JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.54

65.111.6.54 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.54

Whois 65.111.6.54

IP Abuse Reports for 65.111.6.54:

This IP address has been reported a total of 29 times from 13 distinct sources. 65.111.6.54 was first reported on July 8th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 relianoid.com	2026-04-19 11:58:42 (1 month ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇬🇧 relianoid.com	2026-02-16 07:38:12 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2025-12-10 10:03:52 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 10:12:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:12:03.017574 2025] [security2:error] [pid 2713242:tid 2713242] [client 65.111.6.54:50591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.4photogifts.com"] [uri "/.env"] [unique_id "aSbSc3b4RfORYD-Oa4YlGAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:18:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:18:48.018020 2025] [security2:error] [pid 6147:tid 6147] [client 65.111.6.54:9167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.amrtactical.com"] [uri "/.git/HEAD"] [unique_id "aSabyAPIA2zb_8_h64DeDgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:24:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:24:31.664250 2025] [security2:error] [pid 5274:tid 5274] [client 65.111.6.54:14647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.sarahingber.com"] [uri "/.git/HEAD"] [unique_id "aSU9j8_DMTCwE3j-pqHtoAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 14:19:27 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:18:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:18:08.142109 2025] [security2:error] [pid 8307:tid 8307] [client 65.111.6.54:19679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.thomaschemical.net"] [uri "/.git/HEAD"] [unique_id "aSQUwGm_fqaTsNOz5UlkQAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:38:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:38:12.288897 2025] [security2:error] [pid 30377:tid 30377] [client 65.111.6.54:38821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "athome360.com"] [uri "/.git/HEAD"] [unique_id "aSQLZPms1eNTeir7jvMi5AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 as211431.net	2025-11-24 07:24:42 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-24 05:36:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:36:02.471746 2025] [security2:error] [pid 744:tid 744] [client 65.111.6.54:58457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fpstudios.puoci.com"] [uri "/.env"] [unique_id "aSPuwjvSNOJFijjHXxz0VAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:45:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:45:44.140758 2025] [security2:error] [pid 21156:tid 21156] [client 65.111.6.54:25169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.engelhardtkraatz.com"] [uri "/.svn/wc.db"] [unique_id "aSPi-P_f94ys-sQj9mX0MAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 22:44:18 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-11 22:41:04 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.11 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-28 22:36:50 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.149.212

🇺🇸 2604:a880:400:d1:0:4:8c09:2001

🇧🇪 198.235.24.217

🇲🇽 187.249.60.130

🇺🇸 162.216.149.51

🇨🇳 113.195.163.224

🇳🇱 91.92.241.106

🇺🇸 66.132.186.199

🇩🇪 47.91.65.144

🇩🇪 46.202.156.115

🇺🇸 40.124.175.251

🇺🇸 20.65.195.62

🇺🇸 18.97.5.31

🇷🇴 2.57.121.112

🇺🇸 216.25.89.92

🇭🇰 165.154.61.184

🇻🇳 152.32.250.188

🇺🇸 135.237.125.143

🇨🇳 120.78.9.93

🇨🇳 113.57.185.161