JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.9.165

65.111.9.165 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.9.165

Whois 65.111.9.165

IP Abuse Reports for 65.111.9.165:

This IP address has been reported a total of 29 times from 15 distinct sources. 65.111.9.165 was first reported on July 10th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nowyouknow	2026-05-16 03:42:54 (3 weeks ago)	(From [email protected]) Hi Fuller Life Chiropractic Center, I wanted to bump this ... show more (From [email protected]) Hi Fuller Life Chiropractic Center, I wanted to bump this in case you missed it — I built an AI agent just for Fuller Life Chiropractic Center, trained on your website, Google info, and everything I could find. It’s ready to answer customer questions, book appointments, and even follow up automatically. On average, our agents help increase leads by 17% without any work needed on your part. Again, this isn’t a pitch — just 20 minutes to test-drive your new AI employee. Here’s the link to book a time: getdandy.com/schedule-a-call/ or call me at (949)-755-7782 Talk soon, Thank you, Jennifer O'Brien \| Director of Operations GetDandy getdandy.com/schedule-a-call/ Unsubscribe here: bit.ly/42wnUsa show less	Phishing Web Spam
🇮🇹 VHosting	2026-02-18 22:11:34 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-17 04:34:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 23:34:15.297237 2026] [security2:error] [pid 19141:tid 19141] [client 65.111.9.165:34611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.tevalaur.com"] [uri "/.env"] [unique_id "aWsRR0H24gayGvcfFgqWSAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 03:08:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 22:08:18.792541 2026] [security2:error] [pid 17610:tid 17610] [client 65.111.9.165:27123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.graduationinvitationsonline.com"] [uri "/.env"] [unique_id "aWr9IjHmbUk5XSZWIJia-AAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-12-11 10:13:37 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 TPI-Abuse	2025-12-02 21:26:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:26:01.275370 2025] [security2:error] [pid 16850:tid 16850] [client 65.111.9.165:17771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eganadvisers.com"] [uri "/.env"] [unique_id "aS9ZaRF1DKfM4iVtzObegQAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:28:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:28:15.295816 2025] [security2:error] [pid 6512:tid 6512] [client 65.111.9.165:40937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scala-global.com"] [uri "/.env"] [unique_id "aS8vvwPe6gjJ2FDkxE20LwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 09:10:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 04:10:25.740910 2025] [security2:error] [pid 10379:tid 10379] [client 65.111.9.165:21013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "post-therapyreconditioning.com"] [uri "/.git/HEAD"] [unique_id "aS6tAQDPloK2SXgz3owJ7AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:54:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:54:01.106086 2025] [security2:error] [pid 424358:tid 424453] [client 65.111.9.165:47525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "21370.com"] [uri "/.svn/wc.db"] [unique_id "aS6bGfp__Pmf5kEIOQBXTAAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:44:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:44:05.936779 2025] [security2:error] [pid 2638:tid 2638] [client 65.111.9.165:17695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seizetheseason.com"] [uri "/.env"] [unique_id "aS5ulf5AJuN_rcQ5z5kZxgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-02 02:38:11 (6 months ago)	botnet	DDoS Attack
🇦🇺 2000cn.com.au	2025-12-02 00:54:51 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
Anonymous	2025-11-02 16:21:07 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 06:57:16	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-17 16:50:58 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-15 11:39:28 (7 months ago)	GlobalProtect login attempts with user jvillasenorg.	VPN IP Brute-Force

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.253.9.49

🇺🇸 208.84.100.38

🇺🇸 204.88.187.11

🇺🇸 172.233.178.66

🇺🇸 128.14.75.55

🇨🇳 111.174.130.223

🇺🇸 103.203.57.2

🇨🇿 93.99.104.194

🇧🇬 91.92.40.124

🇱🇹 81.30.98.44

🇵🇦 190.32.246.14

🇳🇱 185.136.15.11

🇩🇪 157.230.126.27

🇺🇸 143.198.134.9

🇨🇳 123.13.41.128

🇸🇬 119.8.182.233

🇮🇳 103.58.152.144

🇧🇬 91.92.40.200

🇧🇬 91.92.40.176

🇺🇸 72.10.32.138