JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.20.135

65.111.20.135 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 23%: ?

23%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.20.135

Whois 65.111.20.135

IP Abuse Reports for 65.111.20.135:

This IP address has been reported a total of 26 times from 16 distinct sources. 65.111.20.135 was first reported on June 27th 2024, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-16 12:28:35 (9 hours ago)	(y4) Failed scan -byebye- from 65.111.20.135 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇫🇷 tilellit.pro	2026-06-16 02:16:36 (20 hours ago)	Fail2Ban banned 65.111.20.135 for security violations in jail wp-armour. Log: 2026/06/16 02:16:36 [e ... show more Fail2Ban banned 65.111.20.135 for security violations in jail wp-armour. Log: 2026/06/16 02:16:36 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 65.111.20.135 \| Target: wplogin" , client: 65.111.20.135, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇬🇧 thetomtaylor.co.uk	2026-05-29 19:07:02 (2 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-05-01 01:42:45 (1 month ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 17:27:17 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 12:27:13.139827 2026] [security2:error] [pid 18327:tid 18327] [client 65.111.20.135:44805] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|churchtop.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "churchtop.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZyN8c5ssp5SUR9z_k0DAgAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-12-22 06:24:15 (5 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-02 20:32:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:32:48.936625 2025] [security2:error] [pid 15988:tid 15988] [client 65.111.20.135:17445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gatheringsattheschool.com"] [uri "/.svn/wc.db"] [unique_id "aS9M8O41naG2-bi-heXGlQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:29:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:29:54.708434 2025] [security2:error] [pid 3846:tid 3857] [client 65.111.20.135:43139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "strikeunosports.com"] [uri "/.env"] [unique_id "aS8F8nHloHpHKxIy6K6SsAAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:57:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:57:39.153173 2025] [security2:error] [pid 20837:tid 20837] [client 65.111.20.135:45367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matt-bechtel.com"] [uri "/.svn/wc.db"] [unique_id "aS7iQ6BWs1FY6MpLepG9SQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:19:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:19:13.581460 2025] [security2:error] [pid 22041:tid 22041] [client 65.111.20.135:59843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barillaequipment.com"] [uri "/.svn/wc.db"] [unique_id "aS6hAeRun6KEf4Oonv4iuAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:54:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:54:32.076337 2025] [security2:error] [pid 2432:tid 2432] [client 65.111.20.135:43215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jazziientertainment.com"] [uri "/.env"] [unique_id "aS5_GPHuSbE8R8JhCHFGUAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-25 06:00:52 (7 months ago)	2025-10-25T08:00:49.299932 localhost.localdomain sshd[899913]: pam_unix(sshd:auth): authentication f ... show more 2025-10-25T08:00:49.299932 localhost.localdomain sshd[899913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.111.20.135 2025-10-25T08:00:51.055112 localhost.localdomain sshd[899913]: Failed password for invalid user [email protected] from 65.111.20.135 port 23439 ssh2 ... show less	Brute-Force SSH
🇩🇪 SCHAPPY	2025-10-11 02:36:04 (8 months ago)	Brute-force attack to identify web exploits	Brute-Force Web App Attack
Anonymous	2025-03-21 17:48:07 (1 year ago)	65.111.20.135 (US/United States/-), 5 distributed imapd attacks on account [redacted]	Brute-Force
🇺🇸 hostseries	2025-03-03 02:57:38 (1 year ago)	Trigger: LF_MODSEC	Brute-Force

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.23.180.142

🇫🇷 157.173.100.92

🇸🇬 152.42.227.173

🇮🇪 52.169.217.131

🇧🇷 45.205.1.243

🇧🇴 190.181.44.194

🇫🇷 185.177.72.69

🇨🇳 180.108.197.113

🇧🇷 170.239.114.217

🇸🇬 128.199.64.40

🇬🇧 94.72.98.187

🇺🇸 91.230.168.104

🇨🇦 40.85.218.222

🇨🇳 218.75.165.74

🇭🇰 199.45.154.183

🇲🇽 189.162.54.218

🇦🇷 186.5.180.176

🇪🇨 186.3.240.236

🇸🇬 129.150.32.12

🇺🇸 104.223.21.30