JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.9.236

65.111.9.236 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.9.236

Whois 65.111.9.236

IP Abuse Reports for 65.111.9.236:

This IP address has been reported a total of 46 times from 21 distinct sources. 65.111.9.236 was first reported on June 28th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-05-12 07:10:16 (3 weeks ago)	[TueMay1209:10:12.9699192026][security2:error][pid480489:tid480729][client65.111.9.236:0]ModSecurity ... show more [TueMay1209:10:12.9699192026][security2:error][pid480489:tid480729][client65.111.9.236:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"benvenutialfood.org\"][uri\"/.git/HEAD\"][unique_id\"agLSVNWseUXi_E5Y0OePGwAAAMQ\"] show less	Hacking Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-13 09:01:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:01:00.233839 2026] [security2:error] [pid 6452:tid 6452] [client 65.111.9.236:16841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lamporix.com"] [uri "/.env"] [unique_id "aY7oTLq78SYs3zdeDirhzQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:11:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:11:45.670160 2026] [security2:error] [pid 18901:tid 18901] [client 65.111.9.236:52293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koshland.org"] [uri "/.env.production"] [unique_id "aY7Aocd5uitsOO58T9WAnAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:33:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:33:08.687042 2026] [security2:error] [pid 11139:tid 11139] [client 65.111.9.236:19931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ken-parker.com"] [uri "/admin/.env"] [unique_id "aY6NZDPI97VvjMD1XVGI2gAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 19:14:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:14:23.094699 2026] [security2:error] [pid 22348:tid 22360] [client 65.111.9.236:57377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fevini.com"] [uri "/.git/config"] [unique_id "aY4mj9ww9ddkOpDKMxPryQAAAEc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:07:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:07:30.982516 2026] [security2:error] [pid 25723:tid 25723] [client 65.111.9.236:57683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barnesandbrower.com"] [uri "/.env"] [unique_id "aY4I0nFayAHSfDlOmWsjcgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-12 15:04:22 (3 months ago)	65.111.9.236 - - [12/Feb/2026:16:04:21 +0100] "GET /.git/config HTTP/1.1" 403 5036 "-" "Mozilla/5.0 ... show more 65.111.9.236 - - [12/Feb/2026:16:04:21 +0100] "GET /.git/config HTTP/1.1" 403 5036 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 04:21:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:21:19.336347 2026] [security2:error] [pid 5326:tid 5366] [client 65.111.9.236:34407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arthansl.com"] [uri "/app/.git/config"] [unique_id "aY1VP_2kGrnOESJX597RCwAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 17:59:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 12:59:39.355723 2026] [security2:error] [pid 18247:tid 18247] [client 65.111.9.236:52757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arabou.co"] [uri "/dev/.git/config"] [unique_id "aYzDi3ZGHkcyAEDQwe6ACAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 17:15:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 12:15:12.077789 2026] [security2:error] [pid 22661:tid 22661] [client 65.111.9.236:29983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquatech-ind.com"] [uri "/api/.git/config"] [unique_id "aYy5IMdy8oAPjJKEr10IHgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 02:59:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 21:59:19.788420 2026] [security2:error] [pid 13028:tid 13028] [client 65.111.9.236:15819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "corepsychotherapycenter.com"] [uri "/backup/.git/config"] [unique_id "aYvwh1hh0o2uR0tH-K0i_wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 01:05:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 20:05:27.199757 2026] [security2:error] [pid 14836:tid 14836] [client 65.111.9.236:56471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bradmackenzie.com"] [uri "/v2/.git/config"] [unique_id "aYvV1wVWibMB9NdBW7OyiQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 22:59:09 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇳🇱 BlueWire Hosting	2026-02-10 21:35:26 (3 months ago)	Probing websites SQL vulnerabilities	Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 207.175.25.6

🇭🇰 172.253.6.20

🇺🇸 165.154.202.145

🇵🇰 153.117.38.210

🇭🇰 152.32.132.28

🇨🇦 148.113.190.105

🇺🇸 66.228.43.62

🇺🇸 66.132.195.92

🇮🇶 65.20.174.49

🇺🇸 64.62.197.49

🇧🇷 45.186.158.26

🇵🇰 39.63.165.196

🇧🇪 34.79.125.236

🇺🇸 23.21.175.228

🇷🇴 2.57.121.112

🇺🇸 216.244.66.202

🇧🇷 187.73.232.181

🇺🇸 147.185.132.30

🇵🇰 58.65.153.217

🇺🇸 50.187.155.130