JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.28.198

65.111.28.198 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 68%: ?

68%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.28.198

Whois 65.111.28.198

IP Abuse Reports for 65.111.28.198:

This IP address has been reported a total of 42 times from 26 distinct sources. 65.111.28.198 was first reported on June 27th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 abuse-detection	2026-06-22 16:14:27 (1 day ago)	Web security detection (http-wordpress-auth-probes); path=/wp-login.php; status=301	Brute-Force Web App Attack
🇬🇧 spamverify.com	2026-06-22 16:04:21 (1 day ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇩🇪 georgengelmann	2026-06-22 07:47:06 (1 day ago)	Failed login attempt for admin	Brute-Force Web App Attack
🇫🇷 pm33	2026-06-21 00:52:24 (3 days ago)	Wordpress login attempts	Brute-Force
🇬🇷 setupgr	2026-06-21 00:43:50 (3 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.28.198 (IT/Italy/Lazio/Rome/-/[AS200373 ... show more (mod_security) mod_security (id:900001) triggered by 65.111.28.198 (IT/Italy/Lazio/Rome/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 21 03:43:48.111496 2026] [security2:error] [pid 2276:tid 2339] [client 65.111.28.198:61915] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-login.php"] [unique_id "ajczxPFOzdhEIc8u07dFqAAAAAE"], referer: https://mail.setworldup.com/wp-login.php show less	Port Scan
🇩🇪 ger-stg-sifi1	2026-06-20 18:56:53 (3 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇦🇺 MAGIC	2026-06-20 02:11:05 (4 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 ELYAZ	2026-06-16 13:29:00 (1 week ago)	(y4) Failed scan -byebye- from 65.111.28.198 (IT/Italy/-): (CF_ENABLE)	Hacking
🇩🇪 FeG Deutschland	2026-06-16 06:12:52 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 london2038.com	2026-06-16 01:17:01 (1 week ago)	Attacking WordPress 65.111.28.198 - - [16/Jun/2026:03:16:59 +0200] "POST /wp-login.php HTTP/1.1" 503 ... show more Attacking WordPress 65.111.28.198 - - [16/Jun/2026:03:16:59 +0200] "POST /wp-login.php HTTP/1.1" 503 19309 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:120.0) Gecko/20100101 Firefox/120.0" show less	Brute-Force Web App Attack
🇲🇹 Malta	2026-06-14 12:24:50 (1 week ago)	65.111.28.198 - - [14/Jun/2026:14:24:50 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 65.111.28.198 - - [14/Jun/2026:14:24:50 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" show less	Hacking Web App Attack
🇬🇷 setupgr	2026-06-13 09:58:07 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 65.111.28.198: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 65.111.28.198: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 12:58:06.624524 2026] [security2:error] [pid 705244:tid 705320] [client 65.111.28.198:44783] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-login.php"] [unique_id "ai0prsJfU53COhMBEC1_0AAAAEA"], referer: https://mail.setworldup.com/wp-login.php show less	Port Scan
🇬🇷 setupgr	2026-06-12 15:36:19 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 65.111.28.198: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 65.111.28.198: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 18:36:16.831775 2026] [security2:error] [pid 351529:tid 351556] [client 65.111.28.198:34117] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.pankoskal.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.pankoskal.gr"] [uri "/wp-login.php"] [unique_id "aiwncGm9gdo9fuJjoHgWdgAAAUA"], referer: https://mail.pankoskal.gr/wp-login.php show less	Port Scan
🇺🇸 dtorrer	2026-06-11 18:11:06 (1 week ago)	Brute-force general attack.	Brute-Force
🇲🇹 Malta	2026-06-11 15:52:46 (1 week ago)	65.111.28.198 - - [11/Jun/2026:17:52:46 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubun ... show more 65.111.28.198 - - [11/Jun/2026:17:52:46 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" show less	Hacking Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.76.120.30

🇻🇳 183.91.186.36

🇨🇴 181.63.25.136

🇺🇸 172.202.118.18

🇭🇰 152.32.171.73

🇨🇳 114.228.118.190

🇬🇧 81.19.219.231

🇺🇸 74.7.227.51

🇰🇷 59.12.212.38

🇺🇸 50.247.189.189

🇨🇴 45.65.235.231

🇺🇸 216.25.89.125

🇹🇼 211.75.198.60

🇺🇸 209.50.172.21

🇺🇸 205.210.31.89

🇧🇪 198.235.24.145

🇳🇱 185.107.80.93

🇩🇪 178.27.90.142

🇺🇸 173.255.212.137

🇺🇸 162.216.149.22