JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.28.63

65.111.28.63 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.28.63

Whois 65.111.28.63

IP Abuse Reports for 65.111.28.63:

This IP address has been reported a total of 26 times from 13 distinct sources. 65.111.28.63 was first reported on June 27th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-20 02:11:12 (2 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇳🇿 billyborsht	2026-06-19 21:15:43 (2 days ago)	2026-06-20T09:15:42.446734+12:00 southern wordpress(leanpolicy.org)[1102211]: Authentication attempt ... show more 2026-06-20T09:15:42.446734+12:00 southern wordpress(leanpolicy.org)[1102211]: Authentication attempt for unknown user wplogin from 65.111.28.63 ... show less	Hacking Web App Attack
🇫🇮 inlink.ltd	2026-05-15 06:27:26 (1 month ago)	Known malicious PHP file or CMS probe	Web App Attack
🇺🇸 myagent.site	2025-12-29 06:35:30 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-29 04:48:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:48:17.650082 2025] [security2:error] [pid 15604:tid 15604] [client 65.111.28.63:20219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yeswecanhandyservices.com"] [uri "/.env"] [unique_id "aVIIEWz048fSICsg4tg2JwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:06:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:06:05.255747 2025] [security2:error] [pid 28172:tid 28172] [client 65.111.28.63:53083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "commonwealthcateringky.com"] [uri "/.env"] [unique_id "aVH-LaQzVTMpx-4_Hys4DAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:17:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:17:31.077879 2025] [security2:error] [pid 1817000:tid 1817026] [client 65.111.28.63:9471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cosmetichouston.com.aafm.us"] [uri "/.git/HEAD"] [unique_id "aSU765iXM9qjzOaPIgQ5PAAAAU4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:36:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:35:57.049125 2025] [security2:error] [pid 19742:tid 19742] [client 65.111.28.63:14697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.butlerinc.net"] [uri "/.git/HEAD"] [unique_id "aSUyLYugMJPupKobA-2ItwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:01:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:01:32.857396 2025] [security2:error] [pid 15589:tid 15622] [client 65.111.28.63:47051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yt.kd9uri.com"] [uri "/.git/HEAD"] [unique_id "aSUqHCIjVFKa_KFJ49h4-QAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:13:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:13:30.175195 2025] [security2:error] [pid 18316:tid 18316] [client 65.111.28.63:41843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.batesstrategygroup.com"] [uri "/.svn/wc.db"] [unique_id "aSUe2oQxI8kUzo6dYN_rIgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:12:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:12:53.176365 2025] [security2:error] [pid 13929:tid 13929] [client 65.111.28.63:36865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.totalstorage.solutions"] [uri "/.env"] [unique_id "aSUQpRXf3qKVzPNH-Bu75QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:21:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:21:13.645167 2025] [security2:error] [pid 10190:tid 10190] [client 65.111.28.63:17689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.pwilts.com"] [uri "/.git/HEAD"] [unique_id "aST2eex2e4l1u_QhZVJklQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:51:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:51:42.262656 2025] [security2:error] [pid 15696:tid 15696] [client 65.111.28.63:49901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ciptaconindotara.com"] [uri "/.git/HEAD"] [unique_id "aSQqrjJgc6Dk8nrjZP9U4AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:31:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.28.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:31:07.913461 2025] [security2:error] [pid 31668:tid 31668] [client 65.111.28.63:42425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.aquatech-ind.com"] [uri "/.git/HEAD"] [unique_id "aSP7q5uAb9gHzJONcGmk9gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-10-26 05:11:14 (7 months ago)	IM360 WAF: Attempt to upload malware	Hacking

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4004:c1f::121

🇸🇪 65.99.181.123

🇫🇷 5.196.106.17

🇵🇱 194.180.49.104

🇫🇷 185.177.72.49

🇻🇳 171.231.180.249

🇺🇸 130.131.161.17

🇨🇳 124.174.36.222

🇨🇳 121.40.231.19

🇨🇳 118.81.207.181

🇨🇳 112.6.11.184

🇨🇦 99.235.87.46

🇳🇱 94.102.49.155

🇳🇱 91.92.40.50

🇩🇪 49.12.215.225

🇫🇷 45.81.243.62

🇮🇳 27.6.156.126

🇹🇳 197.2.246.150

🇲🇽 187.150.64.239

🇺🇸 165.154.173.169