JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.21

65.111.6.21 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.21

Whois 65.111.6.21

IP Abuse Reports for 65.111.6.21:

This IP address has been reported a total of 32 times from 15 distinct sources. 65.111.6.21 was first reported on June 27th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-17 01:07:42 (3 days ago)	Web App Attack	Web App Attack
🇩🇪 LRob.fr	2026-06-09 03:30:13 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 12:22:47 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇨🇭 backslash	2026-01-18 09:25:04 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇹 VHosting	2025-12-23 17:00:13 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-14 10:52:20 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 00:18:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:18:34.610972 2025] [security2:error] [pid 6649:tid 6687] [client 65.111.6.21:44771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.soyjuantrece.com"] [uri "/.svn/wc.db"] [unique_id "aSZHWvCQPT6s-IHquRxXqwAAAUM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:32:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:32:46.555295 2025] [security2:error] [pid 12499:tid 12499] [client 65.111.6.21:56337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.finewebdining.com"] [uri "/.svn/wc.db"] [unique_id "aSUVTlzhjNETBNZ2tBCQNwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:30:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:30:10.439140 2025] [security2:error] [pid 10748:tid 10748] [client 65.111.6.21:50365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.taxgroupsd.com"] [uri "/.git/HEAD"] [unique_id "aSQXkul_zaZHd1PKwpw8bgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:32:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:32:22.860996 2025] [security2:error] [pid 20130:tid 20130] [client 65.111.6.21:42725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kittencream.com.mykelmilur.com"] [uri "/.env"] [unique_id "aSP79lLBz8n5tJwfb2u7ZgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:12:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:12:43.905084 2025] [security2:error] [pid 9565:tid 9565] [client 65.111.6.21:60947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mikelynchphoto.com"] [uri "/.git/HEAD"] [unique_id "aSPbOwGkpj7_vG9DWnHdsQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:10:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:10:31.353611 2025] [security2:error] [pid 2215:tid 2219] [client 65.111.6.21:37287] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.atechtransmission.com"] [uri "/.env"] [unique_id "aSPMp4PKgioJ5cBCG_YIrwAAAQE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 00:19:32 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 23:03:01 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 18:02:55.929109 2025] [security2:error] [pid 1391:tid 1391] [client 65.111.6.21:21133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ronniescedarinn.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRZjn9heq16qDzpjTZtYIgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-18 02:03:10 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.164.91.60

🇹🇭 182.53.207.106

🇫🇷 91.231.89.235

🇺🇸 54.226.194.25

🇺🇸 47.193.96.174

🇨🇳 36.33.167.165

🇺🇸 34.212.36.127

🇵🇱 194.180.49.216

🇨🇳 152.136.45.30

🇺🇸 150.107.36.236

🇺🇸 128.203.204.165

🇲🇦 81.192.46.32

🇩🇪 69.5.169.129

🇨🇳 8.134.157.132

🇨🇦 216.26.237.12

🇦🇷 186.13.24.118

🇺🇸 172.183.157.183

🇺🇸 159.203.76.93

🇵🇰 110.38.247.159

🇩🇪 69.5.169.218