JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.1.29

65.111.1.29 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 28%: ?

28%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.1.29

Whois 65.111.1.29

IP Abuse Reports for 65.111.1.29:

This IP address has been reported a total of 25 times from 16 distinct sources. 65.111.1.29 was first reported on October 30th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 pm33	2026-06-03 16:18:49 (1 day ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-05-29 21:14:46 (6 days ago)	(y4) Failed scan -byebye- from 65.111.1.29 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-29 02:41:44 (1 week ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/w ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/weihnachtsbasar-athen.gr.log; samples=site_wide=true \| distinct_ips=23 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 ✨	2026-04-22 00:39:14 (1 month ago)	Rule : Security 4 System %592 65.111.1.29 44745 *hidden-privacy* 443 6 187917466 %610 44	Port Scan Hacking Brute-Force
🇺🇸 WizardsToolkit	2026-04-18 21:02:50 (1 month ago)	attempted to access /backup.sql	Web App Attack
Anonymous	2026-04-06 12:56:56 (1 month ago)	Fail2ban filtered ...	Web App Attack
🇦🇺 oncord	2026-03-23 20:26:03 (2 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-24 07:44:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.29 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:44:29.299119 2025] [security2:error] [pid 4104:tid 4104] [client 65.111.1.29:38197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.tunabay.com"] [uri "/.git/HEAD"] [unique_id "aSQM3dU9LXWfSVAEiKTKzQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:26:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.29 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:26:12.012432 2025] [security2:error] [pid 9593:tid 9593] [client 65.111.1.29:55329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.otrantocapital.com"] [uri "/.env"] [unique_id "aSQIlJAo3jdBdM4CmgmZvgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:01:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.29 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:01:06.123434 2025] [security2:error] [pid 20260:tid 20260] [client 65.111.1.29:41623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thepercussionworks.com"] [uri "/.svn/wc.db"] [unique_id "aSP0ogKhJ25ZYSzHqLzw2gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:40:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.1.29 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.1.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:40:51.057191 2025] [security2:error] [pid 17875:tid 17875] [client 65.111.1.29:58799] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.coalminer.com"] [uri "/.git/HEAD"] [unique_id "aSPh03gk9CU_Ha3Fv8Pp1wAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 12:34:26 (6 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.17 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
🇦🇺 MAGIC	2025-11-17 02:05:12 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-11-14 08:46:35 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 octageeks.com	2025-11-13 05:08:43 (6 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.116.59.144

🇺🇸 205.210.31.22

🇲🇽 187.235.102.215

🇰🇷 183.104.86.65

🇺🇸 172.69.40.174

🇸🇬 167.99.72.161

🇨🇦 165.22.232.233

🇮🇩 110.139.60.241

🇭🇰 66.232.15.73

🇺🇸 65.49.1.21

🇺🇸 45.130.83.79

🇺🇸 205.210.31.93

🇬🇧 185.216.145.178

🇮🇳 172.71.198.84

🇩🇪 172.69.151.106

🇺🇸 172.68.70.152

🇺🇸 170.187.165.219

🇫🇮 147.185.133.144

🇧🇷 147.93.36.199

🇫🇷 145.239.10.137