JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.29.154

65.111.29.154 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 26%: ?

26%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.29.154

Whois 65.111.29.154

IP Abuse Reports for 65.111.29.154:

This IP address has been reported a total of 28 times from 12 distinct sources. 65.111.29.154 was first reported on August 21st 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-03 06:00:09 (2 weeks ago)	Web App Attack, Hacking	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-05-30 16:27:27 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇦🇺 oncord	2026-05-26 14:00:02 (3 weeks ago)	Form spam	Web Spam
🇧🇾 Quincy	2026-05-12 05:55:00 (1 month ago)	Form spam	Web Spam Blog Spam
🇦🇺 oncord	2026-05-10 23:06:19 (1 month ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2026-05-10 19:32:56 (1 month ago)	(From [email protected]) Hi there, I’m offering something valuable completely free... Nothing hi ... show more (From [email protected]) Hi there, I’m offering something valuable completely free... Nothing hidden. Tap here to enter before spots are gone: https://suniljaindvg.systeme.io/6850adaf About 10 seconds. Could land with you. Join now. If you don’t want to receive messages from me, please use the form on my website show less	Phishing Web Spam
🇬🇧 PeravixGroup	2026-05-07 11:04:34 (1 month ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-02-13 13:51:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:51:15.069506 2026] [security2:error] [pid 2983205:tid 2983205] [client 65.111.29.154:56611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leagueloch.com"] [uri "/backend/.env"] [unique_id "aY8sUxh5Qr_NxE5gCJRrBwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:21:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:21:23.736016 2026] [security2:error] [pid 27743:tid 27743] [client 65.111.29.154:52805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "miles2go.net"] [uri "/site/.git/config"] [unique_id "aY8lU9TI6_b8wUFFps5cGQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:43:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:43:38.430577 2026] [security2:error] [pid 9003:tid 9003] [client 65.111.29.154:18125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "microscopicpablo.com"] [uri "/.env.staging"] [unique_id "aY8cehsXNsHUFpw7eLkuRAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 12:34:39 (4 months ago)	Blocking for trying to access an exploit file: /api/.env	Hacking
🇺🇸 TPI-Abuse	2026-02-13 06:45:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:45:18.460617 2026] [security2:error] [pid 12986:tid 12986] [client 65.111.29.154:37971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medgi.co"] [uri "/.env"] [unique_id "aY7IfkAve1YBrQiqFECEOwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:19:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:18:59.252508 2026] [security2:error] [pid 8020:tid 8020] [client 65.111.29.154:28473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matterofbritain.com"] [uri "/backup/.git/config"] [unique_id "aY60Qz8flf3xAaUNanxoOQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:20:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:20:21.081597 2026] [security2:error] [pid 19329:tid 19329] [client 65.111.29.154:59291] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "martaaizenman.com"] [uri "/test/.git/config"] [unique_id "aY6mhSPHnp9XMmOOZG9AMgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:06:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:06:50.462590 2026] [security2:error] [pid 24119:tid 24119] [client 65.111.29.154:25065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mapleleaf-marketing.com"] [uri "/.env.local"] [unique_id "aY6VSp0iNXli2HecWHmYPwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 176.240.124.66

🇩🇪 139.162.186.99

🇮🇳 136.232.157.230

🇨🇳 119.98.79.125

🇺🇸 65.49.1.53

🇵🇰 39.48.85.236

🇻🇳 27.78.70.85

🇺🇸 8.34.210.33

🇳🇿 219.89.197.82

🇳🇱 176.65.139.232

🇷🇺 152.32.227.23

🇨🇳 120.48.148.35

🇨🇳 117.81.34.36

🇧🇬 91.191.209.118

🇲🇦 81.192.46.49

🇳🇱 45.148.10.151

🇳🇱 185.242.226.73

🇰🇿 91.147.100.71

🇨🇦 85.217.149.43

🇻🇳 27.71.21.70