JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.97

65.111.6.97 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.97

Whois 65.111.6.97

IP Abuse Reports for 65.111.6.97:

This IP address has been reported a total of 31 times from 13 distinct sources. 65.111.6.97 was first reported on June 27th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 oncord	2026-01-30 11:25:20 (4 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-28 00:55:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 19:55:37.476314 2025] [security2:error] [pid 21851:tid 21851] [client 65.111.6.97:54887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidnevueconcerts.com"] [uri "/.env"] [unique_id "aVCACVWY_ks40on88JXvUwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:06:38 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:06:35.438762 2025] [security2:error] [pid 4731:tid 4731] [client 65.111.6.97:33845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "myhomeisamerica.com"] [uri "/.svn/wc.db"] [unique_id "aVBYa706ZwhZExP6XA0_5wAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 18:32:03 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:32:00.222220 2025] [security2:error] [pid 22962:tid 22962] [client 65.111.6.97:28545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ialenti.com"] [uri "/.env"] [unique_id "aVAmIPwsJJPYo8ea_Hr86wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-27 14:34:29 (5 months ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
Anonymous	2025-12-26 05:18:45 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	2025-12-07 09:42:48 (5 months ago)	botnet	DDoS Attack
🇨🇭 backslash	2025-12-06 02:55:02 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2025-11-29 08:02:18 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.29 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.29 is noted in report timestamp show less	Hacking Brute-Force
🇳🇱 homeshowdomain.nl	2025-11-25 23:04:46 (6 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-24. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 08:43:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:43:26.435450 2025] [security2:error] [pid 25852:tid 25852] [client 65.111.6.97:23663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.sendera.mx"] [uri "/.env"] [unique_id "aSQarsyJ5UskRfxy3do_4gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:31:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:31:46.745513 2025] [security2:error] [pid 20155:tid 20155] [client 65.111.6.97:51963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.dwipapuri-abadi.com"] [uri "/.svn/wc.db"] [unique_id "aSPRomOi4RaOPqYOYl6VRgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-19 14:16:03 (6 months ago)	Malicious activity detected	Hacking Web App Attack
Anonymous	2025-11-17 17:54:40 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.17 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 07:10:20 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.14 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.14 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 172.253.5.24

🇺🇸 20.65.194.6

🇬🇧 2a06:4880:2000::3b

🇺🇸 216.25.89.98

🇺🇸 216.24.212.42

🇺🇸 216.24.212.11

🇧🇷 205.210.31.239

🇻🇪 201.249.205.94

🇹🇷 185.128.114.94

🇨🇳 180.184.98.12

🇨🇳 123.178.210.197

🇹🇬 102.64.128.220

🇰🇭 96.9.84.241

🇳🇱 91.204.77.153

🇳🇱 81.19.216.113

🇺🇸 20.65.194.59

🇫🇷 5.196.51.54

🇷🇴 2.57.122.238

🇨🇳 220.167.232.214

🇹🇼 198.235.24.112