JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.9.239

65.111.9.239 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.9.239

Whois 65.111.9.239

IP Abuse Reports for 65.111.9.239:

This IP address has been reported a total of 35 times from 16 distinct sources. 65.111.9.239 was first reported on August 31st 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 IVski	2026-05-13 05:51:21 (3 weeks ago)	IVski WAF \| WordPress scanner detected - probing wp-content, xmlrpc or wp-login	Port Scan Brute-Force Web App Attack
🇬🇧 PeravixGroup	2026-05-07 00:16:34 (4 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-03-26 19:39:59 (2 months ago)	Forum/form spam	Web Spam
Anonymous	2026-03-09 15:52:04 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 MAGIC	2026-01-30 00:26:03 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2025-12-31 16:19:15 (5 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 Psycho Solutions LLC	2025-12-23 16:42:16 (5 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 12/23/2025 4:42 pm (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 14:57:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 09:57:30.428409 2025] [security2:error] [pid 18021:tid 18021] [client 65.111.9.239:18707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kruizekontrhl.com"] [uri "/.svn/wc.db"] [unique_id "aTbnWjWkZNgGpu_4ewTF_AAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 01:33:51 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 20:33:46.742095 2025] [security2:error] [pid 17763:tid 17779] [client 65.111.9.239:44529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yubasutterphotographer.com"] [uri "/.git/HEAD"] [unique_id "aTYq-lHGsSTpVoqIg5lfMwAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 23:23:25 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:23:20.244918 2025] [security2:error] [pid 30823:tid 30823] [client 65.111.9.239:39561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barecreationsaz.com"] [uri "/.env"] [unique_id "aTYMaDf2LbJ72ObX5fbR3wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-07 14:07:15 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-07 12:04:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:04:14.449363 2025] [security2:error] [pid 31432:tid 31432] [client 65.111.9.239:50607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "26c.org"] [uri "/.git/HEAD"] [unique_id "aTVtPoR1uQFT50DdGFATsgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 10:58:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 05:58:34.237974 2025] [security2:error] [pid 10350:tid 10350] [client 65.111.9.239:52381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "graham.starkey.name"] [uri "/.env"] [unique_id "aTQMWntR5hhZxWBCCUlN7QAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:14:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:14:11.161293 2025] [security2:error] [pid 9024:tid 9047] [client 65.111.9.239:27675] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beckhofmann.com"] [uri "/.git/HEAD"] [unique_id "aTJ4L9RRZeJPlZoQ1HwryQAAAVA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 09:00:56 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.27 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 186.195.94.191

🇨🇳 115.190.166.75

🇮🇳 103.225.191.78

🇧🇩 103.81.175.146

🇷🇺 81.24.93.180

🇲🇾 49.124.152.250

🇺🇸 20.38.32.246

🇰🇷 1.235.192.130

🇮🇳 223.181.28.70

🇻🇳 202.47.87.5

🇬🇧 185.247.137.215

🇮🇷 178.131.173.81

🇺🇸 153.76.11.17

🇭🇰 123.202.225.98

🇧🇩 103.213.238.91

🇨🇳 58.51.190.104

🇲🇾 49.124.152.174

🇲🇾 49.124.146.43

🇩🇪 45.135.194.83

🇮🇩 36.74.209.237