JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.29.253

65.111.29.253 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.29.253

Whois 65.111.29.253

IP Abuse Reports for 65.111.29.253:

This IP address has been reported a total of 18 times from 7 distinct sources. 65.111.29.253 was first reported on June 28th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 COMAITE	2026-02-06 05:49:17 (4 months ago)	Common web attack from 65.111.29.253.	Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 00:48:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 19:48:53.604250 2025] [security2:error] [pid 29371:tid 29371] [client 65.111.29.253:45277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kerrywoodandson.com"] [uri "/.svn/wc.db"] [unique_id "aTjDdXhftS2U4-NuBRtdqwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-09 13:18:19 (6 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 22:12:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 17:12:40.804395 2025] [security2:error] [pid 15678:tid 15752] [client 65.111.29.253:37995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howilearnedtodanceintherain.com"] [uri "/.svn/wc.db"] [unique_id "aTX72BWJcUgBRAkEe3F3lQAAAc0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 20:40:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 15:40:00.462361 2025] [security2:error] [pid 7068:tid 7068] [client 65.111.29.253:50833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lawrencehale.net"] [uri "/.env"] [unique_id "aTSUoC3LN_cA7B6ag0hPZwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 12:54:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 07:54:47.485558 2025] [security2:error] [pid 24183:tid 24183] [client 65.111.29.253:20415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "intervinum.net"] [uri "/.env"] [unique_id "aTQnl5NuVIOvvDQD65XtQQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 02:50:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 21:50:31.504746 2025] [security2:error] [pid 28650:tid 28650] [client 65.111.29.253:23045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "borzoi-pedigree.info"] [uri "/.git/HEAD"] [unique_id "aTOZ992Tjt8y6Y2-OoRMmQAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 12:45:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 07:44:55.144100 2025] [security2:error] [pid 9733:tid 9733] [client 65.111.29.253:37973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "district7vote.com"] [uri "/.git/HEAD"] [unique_id "aTLTx-wjiH1MYES70tFMpQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:38:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:38:34.620469 2025] [security2:error] [pid 19383:tid 19383] [client 65.111.29.253:11415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walkerweb.com"] [uri "/.env"] [unique_id "aTK2KqpY_AZNztZUVh9n_AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:44:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:43:58.508925 2025] [security2:error] [pid 13580:tid 13580] [client 65.111.29.253:36815] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stressmyth.com"] [uri "/.git/HEAD"] [unique_id "aTJxHpE-0igGiqFtB-DaBAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mashamal	2025-10-27 23:44:16 (7 months ago)	Vulnerability Probe ...	Web App Attack
Anonymous	2025-10-10 20:44:49 (8 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-02-19 05:36:06 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.29.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 19 00:35:59.040183 2025] [security2:error] [pid 4183:tid 4183] [client 65.111.29.253:31395] [client 65.111.29.253] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|northbalwynosteo.com.au\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "northbalwynosteo.com.au"] [uri "/wp-json/wp/v2/users"] [unique_id "Z7Vtv-0ZtLYV83IhG6rnEgAAAAo"], referer: https://northbalwynosteo.com.au show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 [email protected]	2024-12-16 06:00:00 (1 year ago)	Invalid username or password - 1 times	Brute-Force
🇺🇸 [email protected]	2024-12-16 00:00:00 (1 year ago)	2024 @ 06:57:41.680	Brute-Force

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 143.14.66.65

🇩🇪 8.211.12.171

🇨🇱 200.89.69.247

🇳🇱 185.242.226.72

🇹🇭 165.154.51.90

🇳🇱 91.92.40.233

🇷🇴 2.57.122.177

🇬🇧 209.38.167.135

🇹🇼 203.121.237.231

🇺🇸 167.234.98.168

🇰🇷 112.167.99.220

🇺🇿 84.54.92.21

🇹🇼 61.216.49.121

🇫🇷 51.68.34.131

🇺🇸 45.33.80.243

🇬🇧 35.203.210.239

🇳🇱 200.162.151.184

🇲🇾 118.100.233.144

🇨🇦 85.217.149.34

🇺🇸 66.132.172.114