JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.9.144

65.111.9.144 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.9.144

Whois 65.111.9.144

IP Abuse Reports for 65.111.9.144:

This IP address has been reported a total of 41 times from 14 distinct sources. 65.111.9.144 was first reported on June 26th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇿 billyborsht	2026-05-15 23:01:02 (3 weeks ago)	2026-05-16T11:01:01.544061+12:00 southern wordpress(poetryinhell.org)[903105]: Authentication attemp ... show more 2026-05-16T11:01:01.544061+12:00 southern wordpress(poetryinhell.org)[903105]: Authentication attempt for unknown user blog_table from 65.111.9.144 ... show less	Hacking Web App Attack
🇦🇺 MAGIC	2026-05-02 02:37:51 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇱🇻 garmtech.com	2026-05-01 12:46:58 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 15-46.65.111.9.144.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 15-46.65.111.9.144.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 octageeks.com	2026-04-14 04:07:01 (1 month ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇱🇻 garmtech.com	2026-01-24 19:11:54 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-11.65.111.9.144.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-11.65.111.9.144.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 stinpriza	2025-12-31 00:07:38 (5 months ago)	Web App Attack	Web App Attack
Anonymous	2025-12-22 16:40:31 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-12-14 21:09:18 (5 months ago)	botnet	DDoS Attack
🇷🇸 Smel	2025-11-26 06:03:03 (6 months ago)	Unauthorized Probe/Connection, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2025-11-26 05:58:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:58:53.017692 2025] [security2:error] [pid 26960:tid 26960] [client 65.111.9.144:36011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.hodlmoser.com"] [uri "/.git/HEAD"] [unique_id "aSaXHbC-DnYbyglRjAOyhwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:51:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:51:23.774948 2025] [security2:error] [pid 27294:tid 27294] [client 65.111.9.144:23471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.agrizel.menagri.com"] [uri "/.svn/wc.db"] [unique_id "aSaHSxqa2ITLrAO14bYj_AAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:10:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:10:35.539258 2025] [security2:error] [pid 16729:tid 16729] [client 65.111.9.144:58599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.needtoorder.us"] [uri "/.svn/wc.db"] [unique_id "aSUsO97zp0v1fsoZWcpQxwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:32:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:32:24.771745 2025] [security2:error] [pid 1647077:tid 1647115] [client 65.111.9.144:53711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "doctoratedegree.org.aafm.us"] [uri "/.env"] [unique_id "aSUVONNHCagQpGvj6qPBuQAAAkg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:15:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:15:23.734293 2025] [security2:error] [pid 13881:tid 13881] [client 65.111.9.144:41561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pizazzsalonandspa.com"] [uri "/.svn/wc.db"] [unique_id "aSUROzugM3ubh3xzL630YwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:38:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:37:58.916126 2025] [security2:error] [pid 21049:tid 21049] [client 65.111.9.144:60871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jchiggins.nashes.net"] [uri "/.svn/wc.db"] [unique_id "aSUIdovfTyr5-z3XR72JzAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.115

🇳🇱 145.102.6.121

🇻🇳 116.110.1.243

🇺🇸 74.125.224.42

🇺🇸 54.224.133.188

🇮🇷 2.180.220.1

🇰🇬 185.53.228.202

🇺🇸 162.241.152.247

🇩🇪 78.111.67.47

🇬🇧 35.203.211.137

🇨🇳 14.103.118.61

🇷🇴 2.57.121.112

🇹🇭 203.146.102.66

🇬🇧 188.66.88.72

🇺🇸 165.227.100.97

🇺🇸 164.92.78.51

🇰🇷 121.165.61.178

🇻🇳 116.110.219.247

🇮🇪 108.129.236.132

🇺🇸 66.132.186.137