JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.28.131

65.111.28.131 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 36%: ?

36%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.28.131

Whois 65.111.28.131

IP Abuse Reports for 65.111.28.131:

This IP address has been reported a total of 14 times from 11 distinct sources. 65.111.28.131 was first reported on June 27th 2024, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 poundawebsiteltd	2026-06-25 09:33:23 (22 hours ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.28.131 - - [25/Jun/2026:10:33:14 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.28.131 - - [25/Jun/2026:10:33:14 +0100] POST /wp-login.php HTTP/1.1 200 7141 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (X11; Linux x86_64; rv:118.0) Gecko/20100101 Firefox/118.0 show less	Web App Attack
🇺🇸 lostswordfish.com	2026-06-23 07:58:10 (3 days ago)	Wordfence waf block on illinoisvoices	Web App Attack
🇨🇴 ingentar	2026-06-21 02:47:52 (5 days ago)	2026-06-20T21:47:12.066510-05:00 web wordpress(ingentar.com)[745735]: Blocked authentication attempt ... show more 2026-06-20T21:47:12.066510-05:00 web wordpress(ingentar.com)[745735]: Blocked authentication attempt for admin from 65.111.28.131 ... show less	Web App Attack Brute-Force
🇩🇪 iNetWorker	2026-06-19 14:51:20 (6 days ago)	trolling for resource vulnerabilities	Web App Attack
🇬🇷 setupgr	2026-06-19 09:55:35 (6 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.28.131 (IT/Italy/Lazio/Rome/-/[AS200373 ... show more (mod_security) mod_security (id:900001) triggered by 65.111.28.131 (IT/Italy/Lazio/Rome/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 19 12:55:33.823842 2026] [security2:error] [pid 2276:tid 2371] [client 65.111.28.131:61869] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: cpanagiotou.gr"] [severity "CRITICAL"] [tag "security"] [hostname "cpanagiotou.gr"] [uri "/wp-login.php"] [unique_id "ajUSFfFOzdhEIc8u07d58QAAAAw"], referer: https://cpanagiotou.gr/wp-login.php show less	Port Scan
🇺🇸 mnsf	2026-06-04 19:08:44 (3 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:48 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 02:05:28 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.131 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:05:23.989451 2025] [security2:error] [pid 23022:tid 23022] [client 65.111.28.131:42943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crestrong.com"] [uri "/.svn/wc.db"] [unique_id "aSUO48aCrK3NjRRr5WRBYQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 18:40:16 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:39:42	Port Scan Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-10-29 22:23:24 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.28.131 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.28.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 18:23:19.568298 2025] [security2:error] [pid 12576:tid 12576] [client 65.111.28.131:52655] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|banis-associates.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "banis-associates.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQKT1xO0PNX0Zn5o_S7lAgAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-10-12 06:25:51 (8 months ago)	422 requests with url.path *config.php	Brute-Force Bad Web Bot
Anonymous	2024-07-12 06:55:11 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-09 06:43:46 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-06-27 08:38:31 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 192.178.36.146

🇩🇪 69.5.169.246

🇺🇸 66.240.236.116

🇺🇸 35.196.28.197

🇺🇸 34.56.95.22

🇨🇭 20.203.180.35

🇳🇱 20.23.229.100

🇸🇬 167.172.90.44

🇨🇱 136.248.247.188

🇺🇸 104.237.156.209

🇫🇷 85.217.140.53

🇻🇪 38.171.194.151

🇩🇪 213.209.159.238

🇻🇳 180.93.36.222

🇺🇸 66.132.172.189

🇫🇷 51.158.120.121

🇹🇭 202.29.225.158

🇦🇺 192.9.174.4

🇨🇳 183.218.153.220

🇩🇪 147.90.209.180