JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.29.26

65.111.29.26 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.29.26

Whois 65.111.29.26

IP Abuse Reports for 65.111.29.26:

This IP address has been reported a total of 22 times from 13 distinct sources. 65.111.29.26 was first reported on July 9th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-28 06:08:32 (1 week ago)	PSCSERV WPSCAN 65.111.29.26	Bad Web Bot Web App Attack
🇩🇪 MusicLibrary	2026-03-19 10:28:25 (2 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-12 06:32:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 01:32:52.049026 2026] [security2:error] [pid 819520:tid 819520] [client 65.111.29.26:14905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arttechnology.net"] [uri "/backup/.git/config"] [unique_id "aY10FKXFOyCXpg0jWEBJuwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 04:17:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:17:07.191905 2026] [security2:error] [pid 5043:tid 5043] [client 65.111.29.26:25169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artglass-jerusalem.net"] [uri "/backend/.env"] [unique_id "aY1UQ7RI-IVAcaIsolmWDgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-11 09:01:00 (3 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 23:00:21 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 03:05:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:04:58.028565 2026] [security2:error] [pid 9829:tid 9832] [client 65.111.29.26:55903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madring.click"] [uri "/dev/.git/config"] [unique_id "aYqgWk2gXiz6axLwsMS7BAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 00:35:54 (3 months ago)	Blocking for trying to access an exploit file: /.env.staging	Hacking
🇺🇸 myagent.site	2026-02-09 22:37:26 (3 months ago)	Blocking for trying to access an exploit file: /admin/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-09 20:45:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:45:10.227239 2026] [security2:error] [pid 7925:tid 7925] [client 65.111.29.26:39757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honigcpa.com"] [uri "/site/.git/config"] [unique_id "aYpHVnd_UwJRpGZNweKcGQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:45:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:45:14.860674 2026] [security2:error] [pid 21412:tid 21412] [client 65.111.29.26:62675] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "homebuyerpros.com"] [uri "/frontend/.env"] [unique_id "aYo5SsqBY2MJ_eevhimfRAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-15 01:50:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.29.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 20:50:02.607406 2026] [security2:error] [pid 6994:tid 6994] [client 65.111.29.26:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "perl-photo.com"] [uri "/.git/HEAD"] [unique_id "aWhHysMzwH5XlA4E-gVEvQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 03:16:05 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
Anonymous	2025-12-09 23:02:55 (5 months ago)	botnet	DDoS Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 217.216.59.228

🇹🇬 156.38.73.89

🇰🇷 112.219.151.50

🇫🇮 74.125.112.26

🇳🇱 45.148.10.152

🇺🇸 44.195.145.102

🇰🇷 182.225.134.13

🇳🇱 80.82.77.139

🇺🇸 65.49.1.29

🇨🇳 60.16.218.6

🇷🇺 31.173.8.170

🇨🇳 221.227.118.139

🇺🇸 162.216.149.110

🇧🇬 79.124.58.142

🇺🇸 69.49.246.176

🇮🇩 39.194.4.187

🇻🇳 27.79.2.165

🇩🇪 178.16.52.139

🇯🇵 118.194.228.101

🇰🇷 106.246.89.72