JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.1.96

65.111.1.96 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.1.96

Whois 65.111.1.96

IP Abuse Reports for 65.111.1.96:

This IP address has been reported a total of 39 times from 18 distinct sources. 65.111.1.96 was first reported on July 13th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-21 07:27:56 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 nowyouknow	2026-03-03 12:45:10 (3 months ago)	(From [email protected]) No experience is necessary and full training is provided. But before you ... show more (From [email protected]) No experience is necessary and full training is provided. But before you apply, you need to see which role you’re best suited for. Go here to take the Writing Job Quiz. ---> http://PaidToWrite.Online/ Once you finish the quiz, you’ll get a breakdown of the best opportunities available for you right now. Visit -----> http://PaidToWrite.Online/ show less	Phishing Web Spam
🇦🇺 MAGIC	2026-02-25 01:11:49 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 windowsforum	2026-02-23 04:35:08 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, username=MagaretPat	Web Spam Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-19 05:19:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:19:39.881869 2026] [security2:error] [pid 26953:tid 26953] [client 65.111.1.96:27021] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krewt.com"] [uri "/admin/.git/config"] [unique_id "aZadawPbo6jaQ7P_nTIHiwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:46:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:46:04.917201 2026] [security2:error] [pid 17402:tid 17402] [client 65.111.1.96:17635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vycestudiojuridico.cl"] [uri "/site/.git/config"] [unique_id "aZZdTN5ILBdqRy3FXxq_1QAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 23:32:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 18:32:19.984301 2026] [security2:error] [pid 21640:tid 21640] [client 65.111.1.96:48647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vibratingharvard.com"] [uri "/.env"] [unique_id "aZZMA4jEdtLvWnTBSiZCgQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 20:04:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:04:28.781673 2026] [security2:error] [pid 1672049:tid 1672049] [client 65.111.1.96:10619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tracklocross.com"] [uri "/.env"] [unique_id "aZYbTEUDMkrWX--zmzHnKwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:50:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:50:46.320258 2026] [security2:error] [pid 7110:tid 7110] [client 65.111.1.96:32669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "threewild.com"] [uri "/.git/config"] [unique_id "aZYKBgsxzq4w_6M5RNrvlAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:28:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:28:35.701309 2026] [security2:error] [pid 25479:tid 25479] [client 65.111.1.96:59935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theurbanlogger.com"] [uri "/.env.staging"] [unique_id "aZYE03l4a1r5rcQAP1HnkAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 14:41:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 09:41:12.684148 2026] [security2:error] [pid 27224:tid 27224] [client 65.111.1.96:58177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xmlprotocol.com"] [uri "/.env.production"] [unique_id "aZXPiEM-JhFlDNY7FZ1rQAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:14:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:14:15.664525 2026] [security2:error] [pid 27744:tid 27744] [client 65.111.1.96:31049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wies.name"] [uri "/admin/.git/config"] [unique_id "aZW7J-Kt2H-zrifkbqJ9PAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:39:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:39:47.496629 2026] [security2:error] [pid 804532:tid 804535] [client 65.111.1.96:11729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wehcad.com"] [uri "/.env.local"] [unique_id "aZWzEyVMIGSGO_bGgZBJigAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:46:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:46:21.163671 2026] [security2:error] [pid 18779:tid 18779] [client 65.111.1.96:17693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walterjhoodco.com"] [uri "/test/.git/config"] [unique_id "aZWmjfiKiK97sQJ9Zfj_2wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 223.123.44.118

🇷🇺 188.92.241.148

🇺🇸 147.185.132.140

🇳🇱 45.156.128.62

🇬🇧 35.203.211.253

🇷🇴 2.57.122.177

🇧🇷 191.6.60.236

🇺🇸 165.154.134.203

🇻🇳 113.23.54.249

🇳🇱 81.19.216.100

🇱🇹 77.90.185.16

🇺🇸 64.62.197.211

🇫🇷 51.178.114.78

🇳🇱 45.148.10.147

🇨🇳 36.33.167.165

🇺🇸 18.218.9.249

🇯🇵 207.56.225.202

🇩🇪 178.16.52.44

🇺🇸 165.154.172.86

🇺🇸 162.216.149.208