JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.202

65.111.6.202 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.202

Whois 65.111.6.202

IP Abuse Reports for 65.111.6.202:

This IP address has been reported a total of 45 times from 18 distinct sources. 65.111.6.202 was first reported on June 28th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇮🇹 VHosting	2026-02-18 22:19:20 (4 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇪🇸 10dencehispahard SL	2025-12-29 09:38:35 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇦🇺 MAGIC	2025-12-21 00:11:12 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-01 20:05:15 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 07:21:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:21:48.276503 2025] [security2:error] [pid 15944:tid 15944] [client 65.111.6.202:44623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lifestrong.com"] [uri "/.git/HEAD"] [unique_id "aSVZDI5jc8iJWkBCMEif0QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:59:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:59:43.075185 2025] [security2:error] [pid 20413:tid 20413] [client 65.111.6.202:60147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ic1.biz"] [uri "/.svn/wc.db"] [unique_id "aSVT30w4HC4irPq0I0PwGAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 05:39:05 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:18:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:17:56.995513 2025] [security2:error] [pid 21943:tid 21943] [client 65.111.6.202:57259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ridgecrestrealtors.com"] [uri "/.env"] [unique_id "aSU8BAERKAIxO6GhQ2RbuQAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:22:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:22:15.068010 2025] [security2:error] [pid 15379:tid 15379] [client 65.111.6.202:20885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.robhoward.me"] [uri "/.git/HEAD"] [unique_id "aSUu9843lLK2d6m61Q-FdwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:05:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:05:44.894128 2025] [security2:error] [pid 22101:tid 22101] [client 65.111.6.202:30349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.align-developments.com"] [uri "/.env"] [unique_id "aSUrGESWVF9Xj5BCpZEZLAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:05:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:05:43.814856 2025] [security2:error] [pid 10675:tid 10675] [client 65.111.6.202:39487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.stationrestaurant.ca"] [uri "/.git/HEAD"] [unique_id "aSUdBxeAKaG-UH1DmvYI6gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:55:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:54:58.896713 2025] [security2:error] [pid 20176:tid 20176] [client 65.111.6.202:23451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.justkoolit.com"] [uri "/.git/HEAD"] [unique_id "aSUMcn-Oh8kCbbuU1sDQlwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:01:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:01:06.055308 2025] [security2:error] [pid 30244:tid 30244] [client 65.111.6.202:33287] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.smartstylehair.com"] [uri "/.git/HEAD"] [unique_id "aST_0rQM-W7xtNsYLEG5AgAAAIk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:39:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:38:58.523665 2025] [security2:error] [pid 19195:tid 19195] [client 65.111.6.202:24697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.chalet-4saisons.com"] [uri "/.env"] [unique_id "aSQnst2FFzfhhPeM0hWPZgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 2402:800:629f:ea0e:dd1a:8f6c:4205:c24

🇹🇭 171.100.121.127

🇮🇳 103.158.40.65

🇳🇬 102.88.137.213

🇳🇱 45.148.10.36

🇮🇳 203.192.224.97

🇵🇱 194.180.49.70

🇳🇱 174.138.10.171

🇺🇸 162.254.36.150

🇮🇳 122.183.57.233

🇸🇬 167.99.66.42

🇹🇷 95.70.170.153

🇷🇴 92.118.39.210

🇺🇸 45.132.115.39

🇺🇸 45.132.115.34

🇺🇸 20.118.209.70

🇨🇳 218.17.239.204

🇺🇸 159.203.112.102

🇨🇳 123.163.244.216

🇻🇳 123.24.161.71