JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.28.185

65.111.28.185 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.28.185

Whois 65.111.28.185

IP Abuse Reports for 65.111.28.185:

This IP address has been reported a total of 21 times from 14 distinct sources. 65.111.28.185 was first reported on October 18th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 MatStef132	2026-05-19 20:21:19 (2 weeks ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-15 15:39:09 (2 weeks ago)	MatShield L7 blocked request to mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:38 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-04-28 15:44:20 (1 month ago)	Cloudflare WAF: Request Path: /123456 Request Query: ?utm_campaign=Y5v4rNEeX Host: elhacker.net user ... show more Cloudflare WAF: Request Path: /123456 Request Query: ?utm_campaign=Y5v4rNEeX Host: elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Action: block Source: ratelimit ASN Description: 3xK Tech GmbH Country: DE Method: GET Timestamp: 2026-04-28T15:44:20Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 iNetWorker	2026-03-02 20:56:13 (3 months ago)	trolling for resource vulnerabilities	Web App Attack
🇳🇱 jjnxpct	2026-02-24 04:47:49 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.git/config (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .git/ found within REQUEST_FILENAME: /.git/config] show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-02-23 17:08:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.185 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 12:08:39.497182 2026] [security2:error] [pid 5458:tid 5458] [client 65.111.28.185:63203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internationalseniortravel.banis-associates.com"] [uri "/.git/config"] [unique_id "aZyJl7casV5VxtI4azTutQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 16:40:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.185 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 11:40:29.355011 2026] [security2:error] [pid 16315:tid 16315] [client 65.111.28.185:30877] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cathayexpress.com.dragoldio.com"] [uri "/.git/config"] [unique_id "aZyC_YZ-96ZWd9oLMmEKKQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 11:58:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.185 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 06:58:38.139951 2026] [security2:error] [pid 5092:tid 5116] [client 65.111.28.185:50473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "possibilitywhisperer.teritemme.com"] [uri "/.git/config"] [unique_id "aZxA7sltzFrfzzFf1iFSSQAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 00:50:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.185 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:50:37.629035 2026] [security2:error] [pid 16647:tid 16647] [client 65.111.28.185:52485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulpasquali.com"] [uri "/.git/config"] [unique_id "aZUM3Q1dY3JU-XkSCpAYKQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 F242	2026-01-30 05:13:02 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 12:16:24 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2026-01-05 20:37:27 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:45 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇪🇸 10dencehispahard SL	2025-11-19 08:48:31 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 136.144.42.240

🇮🇳 103.174.80.40

🇳🇱 78.142.18.172

🇭🇰 45.78.38.195

🇷🇴 2.57.121.112

🇺🇸 216.218.206.111

🇺🇿 194.107.115.199

🇭🇰 150.5.141.198

🇱🇹 81.30.98.44

🇱🇹 62.60.130.210

🇱🇹 45.227.254.170

🇩🇪 44.148.253.75

🇧🇷 43.157.174.69

🇹🇼 36.226.242.105

🇻🇳 2402:800:6d62:85ff:385c:37d0:4cd2:53bb

🇺🇸 184.105.247.251

🇨🇳 180.184.84.77

🇺🇸 162.216.150.47

🇮🇳 122.186.204.214

🇮🇳 106.200.29.238