JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.28.23

65.111.28.23 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.28.23

Whois 65.111.28.23

IP Abuse Reports for 65.111.28.23:

This IP address has been reported a total of 20 times from 9 distinct sources. 65.111.28.23 was first reported on June 27th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-05-16 08:15:30 (2 weeks ago)	(wordpress) Failed wordpress login from 65.111.28.23 (IT/Italy/Lazio/Rome/-/[redacted]): (CF_ENABLE ... show more (wordpress) Failed wordpress login from 65.111.28.23 (IT/Italy/Lazio/Rome/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇫🇷 tecnicorioja	2026-05-15 22:00:51 (3 weeks ago)	wp-login attack [15/May/2026:20:54:22	Brute-Force Web App Attack
🇮🇹 [email protected]	2026-04-18 13:29:56 (1 month ago)	[Sat Apr 18 15:29:55.875035 2026] [authz_core:error] [pid 560721:tid 560739] [remote 65.111.28.23:19 ... show more [Sat Apr 18 15:29:55.875035 2026] [authz_core:error] [pid 560721:tid 560739] [remote 65.111.28.23:19017] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:07:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:07:06.104908 2026] [security2:error] [pid 30721:tid 30816] [client 65.111.28.23:44081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lauricella.us"] [uri "/site/.git/config"] [unique_id "aY8h-nn14D_6H7Jxr0d0yAAAAQg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:39:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:39:31.601881 2026] [security2:error] [pid 13748:tid 13748] [client 65.111.28.23:45999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "microbikinitop.com"] [uri "/.env.production"] [unique_id "aY8bg3Likq-8BHMFFrb5UgAAAIA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:48:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:48:00.230037 2026] [security2:error] [pid 1129:tid 1129] [client 65.111.28.23:29753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "messengersforchrist.com"] [uri "/test/.git/config"] [unique_id "aY7lQJX0IlAv6bAJJEkkKwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:08:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:08:38.880932 2026] [security2:error] [pid 22593:tid 22593] [client 65.111.28.23:15893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menafert.com"] [uri "/.env.save"] [unique_id "aY7cBoTupn-gYtFqM8IU-QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-13 07:38:40 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:50:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:50:15.230561 2026] [security2:error] [pid 1908033:tid 1908081] [client 65.111.28.23:12273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "media928.com"] [uri "/new/.git/config"] [unique_id "aY7Jp07msqS-ZlYUbK7zewAAAYo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:17:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:17:42.079556 2026] [security2:error] [pid 29700:tid 29700] [client 65.111.28.23:47497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marshall-islands-boat-registration.com"] [uri "/frontend/.env"] [unique_id "aY6l5nOs4LlQcxaOGC49OwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:29:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:29:14.187671 2026] [security2:error] [pid 5900:tid 5900] [client 65.111.28.23:52835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "margroberts.com"] [uri "/api/.git/config"] [unique_id "aY6aivB0ClywXSpKgu647QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-02-13 03:20:55 (3 months ago)	(modsecurity) srv201 ModSecurity 65.111.28.23 (IT/Italy/-): 5 in the last 3600 secs; Ports: ; Direc ... show more (modsecurity) srv201 ModSecurity 65.111.28.23 (IT/Italy/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:12:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:12:00.812615 2026] [security2:error] [pid 31815:tid 31815] [client 65.111.28.23:21215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marat.info"] [uri "/app/.env"] [unique_id "aY6WgKzt4DJJSkArsM2s8AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:47:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:47:31.984579 2026] [security2:error] [pid 5607:tid 5607] [client 65.111.28.23:47179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manichri.com"] [uri "/frontend/.env"] [unique_id "aY6Qw17QO2EBBqzjMmE6ygAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 00:55:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 19:55:08.848059 2026] [security2:error] [pid 23453:tid 23453] [client 65.111.28.23:31823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madbanana.com"] [uri "/.env"] [unique_id "aY52bHSV9Ap_wrSu__4KQgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 218.157.163.203

🇸🇬 212.73.148.5

🇧🇷 205.210.31.163

🇮🇳 116.75.60.187

🇧🇷 108.165.230.100

🇲🇽 2806:107e:c:f21a:ca3a:35ff:fedd:a0e4

🇰🇷 221.156.126.1

🇹🇼 198.235.24.98

🇺🇸 162.216.150.91

🇺🇸 162.216.150.77

🇺🇸 162.216.149.47

🇺🇸 146.88.241.35

🇺🇸 98.97.106.89

🇫🇷 85.217.140.46

🇨🇳 61.185.30.170

🇺🇸 20.65.194.59

🇮🇩 202.145.0.18

🇫🇷 185.255.126.167

🇳🇱 185.242.226.102

🇬🇧 185.174.224.8