JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.6

65.111.6.6 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.6

Whois 65.111.6.6

IP Abuse Reports for 65.111.6.6:

This IP address has been reported a total of 34 times from 19 distinct sources. 65.111.6.6 was first reported on July 6th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:15:09 (2 weeks ago)		Bad Web Bot
🇨🇳 ThreatBook.io	2026-05-12 00:28:28 (3 weeks ago)	ThreatBook Intelligence: http_proxy,vpn_proxy more details on https://threatbook.io/ip/65.111.6.6 20 ... show more ThreatBook Intelligence: http_proxy,vpn_proxy more details on https://threatbook.io/ip/65.111.6.6 2026-05-11 20:24:02 /weblogic/ready 2026-05-11 20:24:00 /console/login/LoginForm.jsp 2026-05-11 20:24:07 /wls-wsat/CoordinatorPortType 2026-05-11 20:24:03 /management/tenant-monitoring/servers 2026-05-11 20:24:05 /config/config.xml show less	Web App Attack
Anonymous	2026-03-28 21:37:53 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 MAGIC	2026-03-16 00:51:10 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-12 05:11:54 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 65.111.6.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 65.111.6.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 12 01:11:46.490186 2026] [security2:error] [pid 24868:tid 24868] [client 65.111.6.6:38393] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|comitedelafamille.org\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "comitedelafamille.org"] [uri "/html.db"] [unique_id "abJLEhReQu1qRoVtErlJ9gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-09 05:11:06 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 MAGIC	2026-02-02 01:27:09 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 myagent.site	2026-01-25 10:42:11 (4 months ago)	Blocking for trying to access an exploit file: /config.php.csv	Hacking
🇮🇹 Progetto1	2025-12-26 00:45:21 (5 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇮🇹 VHosting	2025-12-23 20:00:20 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-08 09:17:51 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-12-04 05:28:00 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 07:22:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:22:17.774677 2025] [security2:error] [pid 27049:tid 27049] [client 65.111.6.6:10589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.capriexpress.com"] [uri "/.git/HEAD"] [unique_id "aSaqqUXWPrulLGxW2xJWcgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:43:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:43:47.822605 2025] [security2:error] [pid 21902:tid 21902] [client 65.111.6.6:17187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.misfitranch.com"] [uri "/.env"] [unique_id "aSZbUw4OXFjLQpwxfuVY0AAAAC8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:18:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:18:25.247674 2025] [security2:error] [pid 5318:tid 5337] [client 65.111.6.6:19587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kandooo.com"] [uri "/.env"] [unique_id "aSZVYYtQIEBqnJukf2LFEAAAAJE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.235

🇧🇷 189.123.88.84

🇧🇷 179.179.218.69

🇸🇬 167.99.72.161

🇺🇸 100.29.192.39

🇺🇸 91.230.168.15

🇱🇹 81.30.98.142

🇩🇪 62.67.70.113

🇮🇩 34.128.98.167

🇳🇱 5.83.143.125

🇺🇸 159.223.128.195

🇦🇺 149.118.68.211

🇧🇪 34.78.23.28

🇧🇷 187.56.194.218

🇷🇺 109.111.175.210

🇺🇸 97.68.15.30

🇮🇷 87.107.102.195

🇵🇱 83.9.108.231

🇺🇸 64.227.7.254

🇲🇳 180.149.125.167