JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.229

65.111.6.229 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.229

Whois 65.111.6.229

IP Abuse Reports for 65.111.6.229:

This IP address has been reported a total of 38 times from 15 distinct sources. 65.111.6.229 was first reported on June 28th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-06 17:53:36 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 ingroscart.it	2026-01-04 12:03:20 (5 months ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 65.111.6.229 (US/Uni ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 65.111.6.229 (US/United States/-) show less	Bad Web Bot
🇮🇹 VHosting	2025-12-23 14:10:34 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-10 01:22:52 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 20:22:47.766746 2025] [security2:error] [pid 24240:tid 24240] [client 65.111.6.229:54227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "phenomenalcattery.com"] [uri "/.env"] [unique_id "aTjLZ4-6dpO9ClcDumq-wQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 15:42:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 10:42:54.138721 2025] [security2:error] [pid 26858:tid 26858] [client 65.111.6.229:39423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jojofarmsohio.com"] [uri "/.git/HEAD"] [unique_id "aThDfoxkm2uxtsttYTI0lwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 22:07:03 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 17:06:57.741854 2025] [security2:error] [pid 11371:tid 11382] [client 65.111.6.229:18179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lordennerdale.com"] [uri "/.svn/wc.db"] [unique_id "aTdMAZmG57BC9S1aMXGtLQAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-08 03:55:12 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇳🇱 i-turnradio.nl	2025-12-06 21:58:48 (5 months ago)	2025-12-06 @ 22:58:47 (CET) ~ Blocked for trying to access: /.aws/credentials	Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:58:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:58:42.153285 2025] [security2:error] [pid 15096:tid 15096] [client 65.111.6.229:34729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "syvox.net"] [uri "/.env"] [unique_id "aTQ2kpN36aNbapc7eNZkNQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 15:44:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 10:44:44.716359 2025] [security2:error] [pid 30543:tid 30543] [client 65.111.6.229:17071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coconut-homes.com"] [uri "/.git/HEAD"] [unique_id "aTL97Ppok3A5yZAJlfoGDQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 04:39:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 23:39:01.861955 2025] [security2:error] [pid 9024:tid 9048] [client 65.111.6.229:52131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "velatorioslucenses.com"] [uri "/.env"] [unique_id "aTJh5dRRZeJPlZoQ1HwnAgAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:47:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:47:05.696945 2025] [security2:error] [pid 1954:tid 1974] [client 65.111.6.229:42017] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "windowtailors.com"] [uri "/.svn/wc.db"] [unique_id "aTJHqfR1xlfgKkp0nutMmQAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 20:27:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:26:53.332209 2025] [security2:error] [pid 22651:tid 22692] [client 65.111.6.229:60031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maroontribe.com"] [uri "/.svn/wc.db"] [unique_id "aS9LjXl98EkaO0lQkbEsxQAAAYg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:21:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:21:39.991195 2025] [security2:error] [pid 22272:tid 22272] [client 65.111.6.229:23801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pattifox.com"] [uri "/.svn/wc.db"] [unique_id "aS8EA5IPAFMgkqvQGVFaOgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:46:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:46:47.261554 2025] [security2:error] [pid 29352:tid 29352] [client 65.111.6.229:58045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "habakkukent.com"] [uri "/.svn/wc.db"] [unique_id "aS5vN98nPsZrwtf6rIh5RQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 47.251.5.136

🇺🇸 3.210.169.234

🇩🇪 2.26.80.210

🇨🇳 222.138.40.246

🇺🇸 216.172.190.116

🇰🇷 211.251.245.88

🇺🇸 103.216.1.166

🇸🇬 47.84.100.167

🇳🇱 45.148.10.151

🇺🇸 192.254.210.231

🇨🇳 182.32.169.203

🇩🇪 167.94.145.22

🇺🇸 142.251.156.119

🇬🇧 35.203.210.162

🇳🇱 192.253.248.169

🇲🇾 121.122.119.170

🇮🇳 117.205.2.250

🇳🇱 45.148.10.141

🇩🇪 31.17.183.89

🇦🇪 20.203.42.204