JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.27.203

65.111.27.203 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.27.203

Whois 65.111.27.203

IP Abuse Reports for 65.111.27.203:

This IP address has been reported a total of 18 times from 12 distinct sources. 65.111.27.203 was first reported on July 11th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-21 03:10:39 (1 day ago)	Web App Attack	Web App Attack
Anonymous	2026-01-28 15:21:32 (4 months ago)	wordpress-trap	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 12:15:38 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇮🇹 flws	2025-11-25 05:52:11 (6 months ago)	Using APIs to sign up a huge number of fake users	Exploited Host Web App Attack
🇵🇱 IROK	2025-11-24 12:03:20 (6 months ago)	24/Nov/2025:13:03:10.378686 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client ... show more 24/Nov/2025:13:03:10.378686 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 65.111.27.203] ModSecurity: Access denied with code 403 (phase 2). String match "/.env" at REQUEST_URI. [file "remote server"] [line "-1"] [id "430057"] [msg "Malware.Expert - request_uri: .ENV Files"] [tag "MEWAF"] [hostname "cloud24.com.pl"] [uri "/.env"] [unique_id "aSRJfpFN9cOjP54pXJQiEwAAAIw"] ... show less	Hacking
🇺🇸 TPI-Abuse	2025-11-24 08:52:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:52:01.641750 2025] [security2:error] [pid 21753:tid 21753] [client 65.111.27.203:35631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.creativeawardsaz.com"] [uri "/.svn/wc.db"] [unique_id "aSQcsUYuHEoWwcIsw6chQgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:25:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:25:36.041822 2025] [security2:error] [pid 17928:tid 17928] [client 65.111.27.203:16455] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advancedmotorsports.com"] [uri "/.env"] [unique_id "aSPsUOyRIBYqkm19fhHxIAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:04:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:03:53.121914 2025] [security2:error] [pid 9325:tid 9325] [client 65.111.27.203:48135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.actionplanner.xyz"] [uri "/.env"] [unique_id "aSPnOU_fkqF59CZXEOymWQAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:11:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:11:24.706876 2025] [security2:error] [pid 3965260:tid 3965364] [client 65.111.27.203:26925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.workbykathryn.workconfident.com"] [uri "/.env"] [unique_id "aSPa7KyiyKH59MCrZuH9NwAAAgw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 06:20:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 01:20:31.782136 2025] [security2:error] [pid 29770:tid 29770] [client 65.111.27.203:27093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.imagesbyaubrey.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRbKL25jwvxnY6PSVa9HQAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 17:58:38 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:35:06	Port Scan Brute-Force Exploited Host Web App Attack
🇱🇻 garmtech.com	2025-10-26 07:06:30 (7 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 09-06.65.111.27.203.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 09-06.65.111.27.203.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇮🇳 Mr.Singh	2025-10-15 15:30:43 (8 months ago)	NFT blocked 65.111.27.203 after 4 rejections on 15-Oct-2025.	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2024-12-22 15:18:25 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.27.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 22 10:18:19.052111 2024] [security2:error] [pid 3714346:tid 3714346] [client 65.111.27.203:34777] [client 65.111.27.203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wlsn.com"] [uri "/.env"] [unique_id "Z2gtuzXQUjTyiPIvsDQS2wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-10-18 11:42:51 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.199

🇨🇳 125.94.145.234

🇺🇸 2604:a880:400:d1:0:4:9e97:e001

🇳🇱 194.26.192.129

🇬🇧 193.163.125.113

🇸🇬 146.190.103.103

🇱🇹 141.98.9.51

🇨🇳 125.84.50.119

🇵🇭 124.104.195.140

🇮🇳 106.207.149.219

🇨🇩 102.216.240.61

🇷🇺 89.31.188.154

🇧🇬 79.124.56.146

🇺🇸 71.168.178.131

🇫🇷 54.37.252.231

🇺🇸 44.248.177.90

🇵🇪 38.253.147.100

🇺🇸 20.169.105.96

🇷🇴 2.57.122.177

🇫🇮 193.25.216.125