JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.9.221

65.111.9.221 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.9.221

Whois 65.111.9.221

IP Abuse Reports for 65.111.9.221:

This IP address has been reported a total of 41 times from 26 distinct sources. 65.111.9.221 was first reported on June 27th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Lino Project	2026-06-01 10:20:17 (2 weeks ago)	65.111.9.221 - - [01/Jun/2026:12:20:16 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6488 "https: ... show more 65.111.9.221 - - [01/Jun/2026:12:20:16 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6488 "https://www.primobio.it/mio-account/?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-05-23 05:15:03 (3 weeks ago)		Bad Web Bot
🇳🇱 soverin	2026-05-21 21:26:11 (3 weeks ago)	Network scan on port 443	Email Spam
🇪🇸 librebit	2026-05-17 05:13:40 (1 month ago)	Brute force	Brute-Force
Anonymous	2026-04-10 00:53:21 (2 months ago)	Forum/form spam	Web Spam
🇫🇮 as211431.net	2026-03-24 06:36:26 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /user/register/ UA: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇮 as211431.net	2026-03-18 05:16:44 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /join UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇱 homeshowdomain.nl	2026-03-02 22:59:45 (3 months ago)	Auto-ban: >3000 req/min op 2026-03-02	Web App Attack SSH Hacking
🇵🇱 sefinek.net	2026-01-01 08:03:17 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇪🇸 10dencehispahard SL	2025-12-29 09:38:58 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇬🇧 Steve	2025-12-10 04:03:22 (6 months ago)	Repeated attempts against wordpress site	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:28:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.221 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:28:09.083103 2025] [security2:error] [pid 6876:tid 6876] [client 65.111.9.221:18169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.johnandrews.net"] [uri "/.env"] [unique_id "aSQlKfW3OTUFGTppMvhDUQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:36:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.221 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:36:04.255333 2025] [security2:error] [pid 12027:tid 12027] [client 65.111.9.221:43933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.rdu.us"] [uri "/.env"] [unique_id "aSQK5B3hWkPShlS5e_P-xQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 05:29:23 (6 months ago)	Probing to gain illegal access	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:32:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.221 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:20.146156 2025] [security2:error] [pid 19050:tid 19050] [client 65.111.9.221:60533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.catherineclayton.com"] [uri "/.svn/wc.db"] [unique_id "aSPf1PLYW2hM8XoVxxKi7wAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 213.230.93.200

🇺🇸 192.227.213.228

🇺🇸 173.239.211.43

🇺🇸 170.199.224.155

🇳🇱 167.172.34.119

🇺🇸 165.227.218.220

🇺🇸 144.31.35.231

🇸🇬 128.199.225.7

🇮🇳 122.187.227.144

🇵🇭 119.92.70.82

🇨🇳 111.39.206.23

🇨🇭 104.244.73.14

🇳🇵 103.160.82.171

🇺🇸 76.50.119.193

🇺🇸 66.132.186.248

🇳🇱 45.148.10.152

🇳🇱 45.148.10.121

🇬🇧 45.38.107.118

🇫🇷 37.187.104.215

🇻🇪 2803:9810:3a68:4210:dd9d:98c1:1bb9:9a9a