JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.10.28

65.111.10.28 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 20%: ?

20%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.10.28

Whois 65.111.10.28

IP Abuse Reports for 65.111.10.28:

This IP address has been reported a total of 24 times from 15 distinct sources. 65.111.10.28 was first reported on July 15th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-02 02:31:48 (4 days ago)	(y4) Failed scan -byebye- from 65.111.10.28 (US/United States/-): (CF_ENABLE)	Hacking
🇫🇷 pm33	2026-05-31 01:05:55 (6 days ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-05-29 21:13:10 (1 week ago)	(y4) Failed scan -byebye- from 65.111.10.28 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-29 01:58:58 (1 week ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; s ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; samples=site_wide=true \| distinct_ips=13 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 Octopuce	2026-03-29 18:54:22 (2 months ago)	Aggressive web search of vulnerable pages: /index.php?view=%27&id=28%3ala-mobilite-au-centre-ville-d ... show more Aggressive web search of vulnerable pages: /index.php?view=%27&id=28%3ala-mobilite-au-centre-ville-de-privas-questionnaire-a-destination-des-us ... show less	Web App Attack
🇱🇻 garmtech.com	2026-01-02 09:08:15 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:12 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-15 05:46:09 (5 months ago)	botnet	DDoS Attack
Anonymous	2025-11-25 07:54:35 (6 months ago)	Reconnaissance: File Discovery	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:21:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:21:30.839235 2025] [security2:error] [pid 25078:tid 25078] [client 65.111.10.28:46627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ecodesarrollourbano.com"] [uri "/.env"] [unique_id "aSU82saty2RkUP4xHSkGMAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:37:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:37:17.510797 2025] [security2:error] [pid 19397:tid 19397] [client 65.111.10.28:49293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.personalizedbabyshowernapkins.com"] [uri "/.env"] [unique_id "aSQZPZontDUibNlnN0a6-wAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:46:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:45:41.957648 2025] [security2:error] [pid 5964:tid 5964] [client 65.111.10.28:54079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "danasedge.cain2016.org"] [uri "/.git/HEAD"] [unique_id "aSQNJUukI_sczW7mgHoOqgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:35:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:35:47.826848 2025] [security2:error] [pid 21711:tid 21711] [client 65.111.10.28:60585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.caferutadelaseda.com"] [uri "/.git/HEAD"] [unique_id "aSP8w_38fXFrmnfE-ETRRwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:49:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.10.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:49:47.227993 2025] [security2:error] [pid 13129:tid 13129] [client 65.111.10.28:12265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.denverrealestateadvice.com"] [uri "/.svn/wc.db"] [unique_id "aSPx-6wvoLum8YFeFanc3gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 23:52:57 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇦 196.127.4.69

🇩🇪 165.227.170.113

🇨🇳 103.91.208.101

🇳🇱 81.19.216.106

🇨🇦 50.70.162.121

🇺🇸 40.124.117.126

🇺🇸 20.118.201.169

🇳🇱 20.23.229.100

🇯🇵 8.216.9.49

🇮🇹 2.192.66.98

🇨🇳 182.119.229.202

🇨🇳 175.30.48.104

🇫🇷 148.135.191.227

🇨🇳 124.227.31.33

🇰🇷 118.37.214.187

🇻🇳 103.195.236.35

🇷🇴 102.129.186.87

🇺🇸 18.226.230.77

🇷🇴 2.57.122.177

🇺🇸 2a00:1450:4864:20::32a