JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.9.112

65.111.9.112 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.9.112

Whois 65.111.9.112

IP Abuse Reports for 65.111.9.112:

This IP address has been reported a total of 39 times from 16 distinct sources. 65.111.9.112 was first reported on July 10th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 LTM	2026-05-24 06:20:01 (2 weeks ago)	DNS - Multiple recursive query request denied	DNS Poisoning Hacking
🇪🇸 Gem	2026-02-13 23:19:51 (3 months ago)	Unauthorized web scan.	Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 16:05:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 11:05:56.219937 2026] [security2:error] [pid 6753:tid 6753] [client 65.111.9.112:30183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "apwstl.com"] [uri "/.env.save"] [unique_id "aYyo5G28s4rsnN2zSx3TSQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 22:59:21 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇷🇺 OK	2026-02-10 05:44:14 (3 months ago)	HTTP/HTTPS	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:04:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:04:01.638556 2026] [security2:error] [pid 12843:tid 12868] [client 65.111.9.112:17037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madring.live"] [uri "/app/.env"] [unique_id "aYqgIfA-0hoRFyiKDvyoHAAAAQ0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 00:35:56 (3 months ago)	Blocking for trying to access an exploit file: /.env.save	Hacking
🇺🇸 TPI-Abuse	2026-02-09 23:47:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:47:42.517751 2026] [security2:error] [pid 1441:tid 1441] [client 65.111.9.112:60717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ken-parker.com"] [uri "/frontend/.env"] [unique_id "aYpyHukMWXsMjlHJVDcr7QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:58:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:57:57.852337 2026] [security2:error] [pid 771494:tid 771518] [client 65.111.9.112:20355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howlerrock.com"] [uri "/v2/.git/config"] [unique_id "aYpmdXeAj16Xsm7lkAkjjAAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:53:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:53:35.775523 2026] [security2:error] [pid 1508464:tid 1508464] [client 65.111.9.112:14419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotelausland.com"] [uri "/.env"] [unique_id "aYpXXxwgM67FlmNyVnsW0wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:16:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:16:13.317751 2026] [security2:error] [pid 11652:tid 11652] [client 65.111.9.112:12629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karinproctor.com"] [uri "/site/.git/config"] [unique_id "aYpOnSy8RZBfgBr70_mTJAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 conseilgouz	2026-01-20 17:32:54 (4 months ago)	cow-Joomla User : try to access forms...	Hacking
🇺🇸 TPI-Abuse	2025-11-26 06:24:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:24:32.322340 2025] [security2:error] [pid 19600:tid 19600] [client 65.111.9.112:47749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.jillbauman.com"] [uri "/.svn/wc.db"] [unique_id "aSadILWQ78w8OCh5lgoW5QAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:54:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:54:46.517531 2025] [security2:error] [pid 19212:tid 19212] [client 65.111.9.112:54573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bayfieldwis.com"] [uri "/.svn/wc.db"] [unique_id "aSaWJl3EA-I7J67w8OkFrQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:24:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:24:47.758166 2025] [security2:error] [pid 13268:tid 13268] [client 65.111.9.112:53865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.envirotreecare.com"] [uri "/.env"] [unique_id "aSZW30ZttHiDpMD0Fvx_ggAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.74.196.10

🇫🇷 194.147.58.193

🇮🇳 182.95.43.86

🇮🇳 182.75.216.230

🇸🇪 171.25.158.68

🇪🇬 81.10.36.225

🇪🇸 46.253.45.10

🇺🇸 44.112.249.132

🇮🇩 27.112.78.170

🇺🇸 20.127.244.67

🇬🇧 194.50.235.139

🇮🇳 182.95.43.50

🇯🇵 160.251.206.106

🇧🇷 143.95.213.196

🇬🇧 94.72.111.217

🇷🇴 80.94.95.115

🇺🇸 44.237.190.98

🇺🇸 34.193.119.44

🇺🇸 34.139.158.179

🇦🇺 20.213.62.162