JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.28.49

65.111.28.49 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.28.49

Whois 65.111.28.49

IP Abuse Reports for 65.111.28.49:

This IP address has been reported a total of 19 times from 9 distinct sources. 65.111.28.49 was first reported on June 27th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇿 Antinson	2026-06-07 00:36:45 (1 week ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇺🇸 mnsf	2026-06-04 19:09:35 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇫🇷 Security_Whaller	2026-04-20 15:32:42 (1 month ago)	Malicious activity detected on Honeypot.	Brute-Force Hacking Web App Attack
🇨🇭 backslash	2026-01-04 22:40:06 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-12-02 15:38:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:38:04.933329 2025] [security2:error] [pid 32368:tid 32368] [client 65.111.28.49:38135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manatawnycreekfarm.com"] [uri "/.env"] [unique_id "aS8H3P1s9GGZ0X6clvsoqAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 13:33:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 08:33:50.118729 2025] [security2:error] [pid 1220:tid 1220] [client 65.111.28.49:56953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heathbartley.com"] [uri "/.git/HEAD"] [unique_id "aS7qvp-w3Vv4Fr-BCn7TEQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:31:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:31:34.595458 2025] [security2:error] [pid 1283:tid 1387] [client 65.111.28.49:17229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "woadwellness.com"] [uri "/.env"] [unique_id "aS7cJgJcrirdPLKKutv_ywAAAQ4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:45:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:45:50.041413 2025] [security2:error] [pid 5171:tid 5171] [client 65.111.28.49:36585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirbyimc.com"] [uri "/.git/HEAD"] [unique_id "aS6ZLlmUgihR8gNY9Ri1WAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:29:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:28:57.196568 2025] [security2:error] [pid 10824:tid 10824] [client 65.111.28.49:52103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darvintyne.com"] [uri "/.env"] [unique_id "aS55GaJhSzfOhmI9rxUgZgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:09:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:09:19.685079 2025] [security2:error] [pid 20174:tid 20174] [client 65.111.28.49:57985] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mplsmedia.com"] [uri "/.env"] [unique_id "aS5mbyW3T7OKdtonnI8VoAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-26 09:00:14 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-01-23 18:12:50 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.01.23 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.01.23 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2024-11-18 21:56:02 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2024-09-25 13:01:01 (1 year ago)	WP Login Scan Activities	Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.162

🇸🇦 188.51.161.33

🇻🇳 113.173.238.155

🇫🇷 5.49.97.13

🇩🇪 2.26.1.31

🇨🇳 223.100.37.11

🇧🇷 205.210.31.136

🇺🇸 205.210.31.89

🇳🇱 195.178.110.155

🇺🇸 146.190.124.238

🇭🇰 103.49.135.232

🇫🇷 91.231.89.201

🇺🇸 91.230.168.186

🇫🇷 85.112.201.196

🇺🇸 45.140.207.174

🇺🇸 18.221.173.172

🇩🇪 216.26.246.87

🇨🇳 117.23.103.107

🇮🇳 103.70.167.42

🇺🇸 91.230.168.184