JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.9.79

65.111.9.79 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 25%: ?

25%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.9.79

Whois 65.111.9.79

IP Abuse Reports for 65.111.9.79:

This IP address has been reported a total of 48 times from 21 distinct sources. 65.111.9.79 was first reported on July 9th 2024, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 05:10:23 (9 hours ago)	Web App Attack	Web App Attack
🇺🇸 mnsf	2026-05-31 12:05:36 (2 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇨🇭 backslash	2026-05-23 05:15:03 (4 weeks ago)		Bad Web Bot
🇪🇸 librebit	2026-05-17 04:09:01 (1 month ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-05-15 00:16:49 (1 month ago)	RDWeb scan	Web App Attack
Anonymous	2026-04-30 02:45:01 (1 month ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:40:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:40:50.991081 2026] [security2:error] [pid 11481:tid 11481] [client 65.111.9.79:57029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garrygwilt.com"] [uri "/frontend/.env"] [unique_id "aYpUYlqgNFHJrV8v3BNPsgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 16:44:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 11:44:40.134535 2026] [security2:error] [pid 22134:tid 22134] [client 65.111.9.79:51203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuentevictoria.com"] [uri "/.env.staging"] [unique_id "aYoO-CKt0NeTR3S45Dp8dgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 11:37:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 06:37:37.690371 2026] [security2:error] [pid 10516:tid 10516] [client 65.111.9.79:54119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundaciondamashcc.org.ec"] [uri "/dev/.git/config"] [unique_id "aYnHAR670tioFBCopPPqgAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-08 21:19:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 16:19:15.360499 2026] [security2:error] [pid 27592:tid 27592] [client 65.111.9.79:60995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fsmfl.com"] [uri "/.git/HEAD"] [unique_id "aYj907n5SuDTbfEDVW5VSwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:47 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇩 Burayot	2025-12-28 01:59:08 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.9.79 (US/United States/-): 1 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.9.79 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇦🇺 2000cn.com.au	2025-12-27 21:29:49 (5 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 18:04:38 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:04:31.694220 2025] [security2:error] [pid 10925:tid 10925] [client 65.111.9.79:13417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jacobyonline.com"] [uri "/.svn/wc.db"] [unique_id "aVAfr0GwfaQPVLUf9Nwo7gAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 16:30:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.9.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:29:55.400429 2025] [security2:error] [pid 2852:tid 2860] [client 65.111.9.79:39913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gfx-technology.com"] [uri "/.git/HEAD"] [unique_id "aVAJg3eq7BsfisjpkAYdTQAAAMM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.143

🇨🇳 58.246.72.170

🇬🇧 193.163.125.55

🇮🇳 182.79.216.226

🇺🇸 173.244.60.241

🇭🇰 172.253.4.22

🇮🇶 65.20.160.107

🇺🇸 52.176.211.73

🇷🇺 213.180.203.25

🇧🇷 205.210.31.235

🇳🇵 203.9.211.235

🇬🇧 193.163.125.181

🇮🇳 183.82.108.109

🇰🇷 125.138.175.113

🇨🇳 117.147.54.206

🇺🇸 107.170.40.174

🇦🇿 91.135.255.165

🇮🇷 84.47.254.30

🇨🇳 82.156.88.97

🇧🇬 79.124.62.134