JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.46

65.111.6.46 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.46

Whois 65.111.6.46

IP Abuse Reports for 65.111.6.46:

This IP address has been reported a total of 28 times from 16 distinct sources. 65.111.6.46 was first reported on June 27th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 routerjockey	2026-05-06 08:17:52 (4 weeks ago)	[sensor1] Observed 12 TCP SYN probes in the past 6 hours [Top port 3000/tcp(12x)]	Port Scan
🇮🇩 Burayot	2026-05-01 23:54:19 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 65.111.6.46 (US/United States/-): 1 ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 65.111.6.46 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇱🇻 garmtech.com	2026-04-14 10:56:00 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-55.65.111.6.46.web-spammers ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-55.65.111.6.46.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-24 06:06:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.46 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:06:44.209090 2025] [security2:error] [pid 26662:tid 26662] [client 65.111.6.46:59833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.antoniosuarezbr.turedinmobiliaria.com"] [uri "/.git/HEAD"] [unique_id "aSP19JRP3gOrsANeFHIPvAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:32:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.46 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:32:00.453415 2025] [security2:error] [pid 8833:tid 8833] [client 65.111.6.46:54087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "agapeaccounting.com"] [uri "/.git/HEAD"] [unique_id "aSPt0B2nDMZbK2N9G71YMgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:08:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.46 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:08:15.556851 2025] [security2:error] [pid 30420:tid 30420] [client 65.111.6.46:46071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.champions-in-arms.com"] [uri "/.env"] [unique_id "aSPoP8Hv7qTSoshttTQb7QAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:07:25 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-10 06:06:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.46 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 01:06:26.634545 2025] [security2:error] [pid 15163:tid 15163] [client 65.111.6.46:9641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "campnecon.com"] [uri "/.env"] [unique_id "aRGA4vmjdWeZkTLqJbShgAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-27 03:26:13 (7 months ago)	2025-10-27T04:26:10.320008 localhost.localdomain sshd[1026373]: pam_unix(sshd:auth): authentication ... show more 2025-10-27T04:26:10.320008 localhost.localdomain sshd[1026373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.6.46 2025-10-27T04:26:12.325458 localhost.localdomain sshd[1026373]: Failed password for invalid user paugba69 from 65.111.6.46 port 38133 ssh2 ... show less	Brute-Force SSH
Anonymous	2025-10-16 13:50:53 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report timestamp show less	Hacking Brute-Force
🇬🇧 D3monite	2025-10-08 16:31:04 (7 months ago)	Attempted Brute Force (cpaneld)	Brute-Force
Anonymous	2025-10-07 16:31:29 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-05 06:53:59 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 hostseries	2025-09-27 12:54:00 (8 months ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 107.150.98.168

🇿🇦 102.129.61.205

🇫🇷 91.231.89.238

🇺🇸 65.49.1.237

🇨🇳 219.159.91.46

🇺🇸 185.156.46.160

🇺🇸 185.156.46.153

🇨🇳 180.167.128.203

🇺🇸 147.185.132.120

🇧🇩 103.177.125.62

🇺🇸 47.154.105.166

🇳🇱 45.148.10.206

🇷🇴 2.57.122.103

🇵🇰 202.165.237.158

🇺🇸 192.178.36.30

🇺🇸 185.156.46.141

🇭🇰 152.32.239.122

🇵🇭 112.204.124.71

🇺🇸 107.0.200.227

🇭🇰 103.30.40.129