JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.9.72

65.111.9.72 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.9.72

Whois 65.111.9.72

IP Abuse Reports for 65.111.9.72:

This IP address has been reported a total of 26 times from 15 distinct sources. 65.111.9.72 was first reported on July 11th 2024, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-10 20:05:44 (3 hours ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-06-10 18:55:01 (4 hours ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.git/HEAD	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 jjnxpct	2025-12-09 04:48:49 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.svn/wc.db (Rule ID: 920440) - URL file extension is restricted by policy show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 17:41:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 12:41:20.385350 2025] [security2:error] [pid 23704:tid 23704] [client 65.111.9.72:22681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "m2oblivion.com"] [uri "/.git/HEAD"] [unique_id "aTcNwFgHzvzkpLm9ovBDgwAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 16:23:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 11:23:41.844561 2025] [security2:error] [pid 25990:tid 25990] [client 65.111.9.72:45537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psystems.net"] [uri "/.env"] [unique_id "aTRYjd9CgBhQzubM4i0DrQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:13:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:13:35.255350 2025] [security2:error] [pid 10077:tid 10077] [client 65.111.9.72:17349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hyps.net"] [uri "/.git/HEAD"] [unique_id "aTQr_1oe5R3sMuGeypVeBQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:16:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:16:21.319888 2025] [security2:error] [pid 3676:tid 3676] [client 65.111.9.72:18949] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "poohippie.com"] [uri "/.env"] [unique_id "aTKw9Qojzm3Szrd_UM-tYAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:39:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:39:46.815198 2025] [security2:error] [pid 28335:tid 28335] [client 65.111.9.72:37915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teamrealduck.com"] [uri "/.svn/wc.db"] [unique_id "aTJ-Mgf8n-UW7PtOLQDLsQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 syokadmin	2025-12-03 08:00:16 (6 months ago)	(cpanel) Failed cPanel login from 65.111.9.72 (US/United States/-): 1 in the last 3600 secs	Brute-Force Web App Attack
Anonymous	2025-11-16 22:58:30 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 00:21:16 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-11 09:01:03 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.11 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-06 23:45:41 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.06 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.06 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2025-10-25 16:59:54 (7 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-59.65.111.9.72.web-spammers ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-59.65.111.9.72.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 210.206.8.121

🇩🇪 151.243.11.248

🇺🇸 138.197.204.198

🇨🇳 112.82.218.151

🇸🇬 94.231.206.6

🇷🇺 94.180.243.12

🇷🇴 93.113.10.194

🇸🇨 41.86.34.139

🇨🇳 14.120.51.243

🇩🇪 213.209.159.231

🇳🇱 204.76.203.15

🇦🇺 202.125.97.104

🇹🇼 198.235.24.85

🇲🇽 186.96.145.241

🇮🇳 182.78.108.126

🇲🇽 177.229.197.38

🇫🇷 173.249.18.4

🇵🇪 161.132.49.90

🇭🇰 152.32.169.155

🇿🇦 105.184.154.94