JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.196

65.111.6.196 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.196

Whois 65.111.6.196

IP Abuse Reports for 65.111.6.196:

This IP address has been reported a total of 29 times from 16 distinct sources. 65.111.6.196 was first reported on June 27th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 sockominfo	2026-02-16 15:07:39 (3 months ago)	[WAZUH] Mixed case PHP extension detected (PhP, PhP5, Phtml, etc)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:58:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:58:35.605834 2026] [security2:error] [pid 8817:tid 8817] [client 65.111.6.196:31113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "palmatrader.com"] [uri "/new/.git/config"] [unique_id "aZG06w5e20vdmyW5Og-E7gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:02:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:02:07.843260 2026] [security2:error] [pid 7818:tid 7818] [client 65.111.6.196:64491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "punctuminteractive.com"] [uri "/.env.staging"] [unique_id "aZGnr_p0J_78GxF2L1b1OwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 06:06:48 (3 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:55:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:54:59.265658 2026] [security2:error] [pid 16551:tid 16551] [client 65.111.6.196:63337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "professionalpartyplanner.org"] [uri "/v2/.git/config"] [unique_id "aZFfs8HB17lwwzc6HehmfgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-02-15 05:54:33 (3 months ago)	Vulnerability scan activity detected by Fail2Ban	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:58:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:58:19.606256 2026] [security2:error] [pid 3735:tid 3735] [client 65.111.6.196:60971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prestigedomainsales.com"] [uri "/.env"] [unique_id "aZFSa-2wZzcbqDSHggjYFgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:48:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:48:44.895283 2026] [security2:error] [pid 20941:tid 20941] [client 65.111.6.196:34507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "portorock.hiphop"] [uri "/.env.local"] [unique_id "aZFCHIvi7dZwzcu7v3moNgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:15:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:15:05.473595 2026] [security2:error] [pid 20317:tid 20317] [client 65.111.6.196:26599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nlc-calumet.org"] [uri "/app/.git/config"] [unique_id "aZE6OVPUc0aROo21keAXrwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:46:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:46:35.756795 2026] [security2:error] [pid 20494:tid 20494] [client 65.111.6.196:36389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nickersoncarpentry.com"] [uri "/backup/.git/config"] [unique_id "aZEzi_wRYkOIK_R6qwbVFQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:20:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:20:03.142483 2026] [security2:error] [pid 12326:tid 12326] [client 65.111.6.196:44699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rubinsonknowledge.com"] [uri "/.env.staging"] [unique_id "aZEtU8B6ytgn23JOwH9r0AAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:51:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:48:12.670135 2026] [security2:error] [pid 184123:tid 184249] [client 65.111.6.196:22583] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rosicrucian.net"] [uri "/test/.git/config"] [unique_id "aZEl3IMh4IJV0omYQjPebwAAAkw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:26:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:25:55.789867 2026] [security2:error] [pid 1101272:tid 1101272] [client 65.111.6.196:30269] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ncparanormalresearch.com"] [uri "/.git/config"] [unique_id "aZEgo_ZLZvCNmgBuFJ24fwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:54:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:54:08.125365 2026] [security2:error] [pid 21366:tid 21366] [client 65.111.6.196:30245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "photoboothtogo.com"] [uri "/dev/.git/config"] [unique_id "aZEZMGDg327YuTmrvF871AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 mrcrassi	2026-02-04 05:55:22 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.118.173.234

🇺🇸 147.135.114.224

🇨🇳 115.236.53.198

🇵🇱 95.214.53.157

🇸🇬 2404:6800:4003:c22::126

🇧🇷 205.210.31.228

🇹🇭 202.29.225.206

🇻🇳 160.30.172.107

🇲🇽 149.232.138.207

🇺🇸 107.141.138.44

🇳🇬 102.88.137.80

🇨🇳 101.89.141.184

🇹🇷 78.186.54.65

🇨🇳 27.19.74.137

🇩🇪 5.175.186.64

🇷🇴 2.57.121.25

🇭🇳 200.107.238.42

🇧🇷 187.9.92.190

🇳🇱 176.65.139.213

🇳🇱 176.65.139.43