JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.6.98

65.111.6.98 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.6.98

Whois 65.111.6.98

IP Abuse Reports for 65.111.6.98:

This IP address has been reported a total of 41 times from 19 distinct sources. 65.111.6.98 was first reported on July 9th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-07 11:03:47 (4 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-03-15 14:11:35 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-13 13:42:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:42:08.024901 2026] [security2:error] [pid 30720:tid 30764] [client 65.111.6.98:14527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lead-sleds.com"] [uri "/wp/.git/config"] [unique_id "aY8qMHLiWKzp-rMQ30LzvgAAAMo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:09:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:09:02.585480 2026] [security2:error] [pid 5221:tid 5221] [client 65.111.6.98:29869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikeberro.com"] [uri "/site/.git/config"] [unique_id "aY8ibnv0R4eH_eznmtrRuwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:08:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:08:00.163838 2026] [security2:error] [pid 23229:tid 23292] [client 65.111.6.98:27255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metrobaselexpoforum.org"] [uri "/app/.env"] [unique_id "aY7p8BLdtPHrxckGmU3hBQAAAYM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:42:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:42:33.575578 2026] [security2:error] [pid 6631:tid 6631] [client 65.111.6.98:18293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mesaparaseis.com"] [uri "/api/.env"] [unique_id "aY7j-TFFgGqCCdli9IsDgQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-13 08:10:24 (3 months ago)	Try to access /.env	Web App Attack
🇧🇾 lns.bz	2026-02-13 07:31:25 (3 months ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:41:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:41:25.391246 2026] [security2:error] [pid 3741:tid 3741] [client 65.111.6.98:51213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "med-engineering.com"] [uri "/app/.env"] [unique_id "aY7HlZmrPnWGqzzy2dCThAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:10:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:10:28.487095 2026] [security2:error] [pid 2727296:tid 2727296] [client 65.111.6.98:29009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcefa.org"] [uri "/app/.env"] [unique_id "aY7AVFgFGc4iTFdKRRxa_wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 06:05:59 (3 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:18:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:18:36.202356 2026] [security2:error] [pid 1185:tid 1185] [client 65.111.6.98:21111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matteozacchino.dev"] [uri "/wp/.git/config"] [unique_id "aY60LMk5moTF7JkMfZmpMgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:59:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:59:05.533471 2026] [security2:error] [pid 1957274:tid 1957296] [client 65.111.6.98:19925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mastersofthesecrets.com"] [uri "/backup/.git/config"] [unique_id "aY6vmTfMF1PpzQkxSxqyWAAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:44:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.6.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:44:20.060718 2026] [security2:error] [pid 24147:tid 24147] [client 65.111.6.98:64539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marisetravel.com"] [uri "/admin/.env"] [unique_id "aY6eFLT_oLX5RF_ylyGCrgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-13 01:51:41 (3 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.146.80.105

🇸🇬 103.187.146.90

🇺🇸 72.63.20.221

🇺🇸 64.62.156.228

🇵🇭 61.28.144.154

🇺🇸 45.130.83.93

🇨🇴 45.65.233.18

🇺🇸 20.14.73.54

🇩🇪 213.209.159.56

🇵🇰 182.190.190.44

🇺🇸 154.28.101.47

🇺🇸 107.197.183.81

🇨🇳 106.227.33.165

🇹🇼 101.13.5.49

🇺🇸 100.29.192.2

🇸🇬 52.237.80.79

🇷🇴 2.57.122.238

🇷🇴 2.57.121.25

🇬🇧 198.244.168.52

🇺🇸 142.0.85.181