JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.20.56

65.111.20.56 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 36%: ?

36%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.20.56

Whois 65.111.20.56

IP Abuse Reports for 65.111.20.56:

This IP address has been reported a total of 25 times from 14 distinct sources. 65.111.20.56 was first reported on July 9th 2024, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-06-11 15:51:45 (19 hours ago)	65.111.20.56 - - [11/Jun/2026:17:51:45 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 65.111.20.56 - - [11/Jun/2026:17:51:45 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇲🇽 octageeks.com	2026-06-11 04:12:26 (1 day ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 dtorrer	2026-06-10 09:54:43 (2 days ago)	Brute-force general attack.	Brute-Force
Anonymous	2026-06-10 01:29:06 (2 days ago)	[osotir.org] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide ... show more [osotir.org] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide=true \| distinct_ips=12 \| /wp-login.php show less	Hacking Web App Attack
Anonymous	2026-06-09 19:16:40 (2 days ago)	Web attack blocked by Wordfence on limburgsekunstkring.nl (1 hit). Reported by CRMON.	Web App Attack
🇬🇧 openstrike.co.uk	2026-02-16 06:12:49 (3 months ago)	12 attacks on VC URLs, password grabbing URLs, env grabbing URLs: GET /api/.git/config HTTP/1.1 GET ... show more 12 attacks on VC URLs, password grabbing URLs, env grabbing URLs: GET /api/.git/config HTTP/1.1 GET /.aws/credentials HTTP/1.1 GET /config/.env HTTP/1.1 show less	Hacking
🇳🇱 jjnxpct	2026-02-16 04:54:48 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.production (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇬🇧 consul.to	2026-02-15 12:49:54 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:56:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:56:36.162630 2026] [security2:error] [pid 27414:tid 27426] [client 65.111.20.56:40091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teanaunz.com"] [uri "/.git/config"] [unique_id "aZG0dEV2BEPC1KLHD0agIQAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:21:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:21:21.305595 2026] [security2:error] [pid 7436:tid 7436] [client 65.111.20.56:35645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thetribehouse.com"] [uri "/site/.git/config"] [unique_id "aZGsMbLpqE3OfpFbdAe9kAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:35:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:35:31.568422 2026] [security2:error] [pid 24008:tid 24008] [client 65.111.20.56:30723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taekwondoit.com"] [uri "/.env"] [unique_id "aZFpMyRKrBmFK2ExY3sZkgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:47:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:47:00.378717 2026] [security2:error] [pid 3998:tid 3998] [client 65.111.20.56:27583] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sublimationconsultants.com"] [uri "/v2/.git/config"] [unique_id "aZFPxD9AROBB_gMmFY5jHAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:22:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:22:22.927956 2026] [security2:error] [pid 9984:tid 9984] [client 65.111.20.56:51181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starthreadingsalon.com"] [uri "/frontend/.env"] [unique_id "aZE77kFcavPLlJCfkHnt1wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:47:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:47:25.353799 2026] [security2:error] [pid 2407049:tid 2407049] [client 65.111.20.56:23647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "springmeadowventures.com"] [uri "/dev/.git/config"] [unique_id "aZEzvfdWuQ4dDkyPRUL3AAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:39:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:39:27.025572 2026] [security2:error] [pid 29444:tid 29444] [client 65.111.20.56:49777] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mwtemperature.com"] [uri "/.env"] [unique_id "aZEjz4mfmGbLmmgVmiyhBAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a00:1450:4009:c02::127

🇸🇬 129.227.75.98

🇳🇱 45.142.193.168

🇫🇮 2.27.47.54

🇨🇳 220.165.85.39

🇮🇳 168.144.126.241

🇳🇱 138.226.239.10

🇵🇰 110.37.95.41

🇮🇪 98.71.8.129

🇩🇪 69.5.169.172

🇧🇪 34.79.33.28

🇮🇳 20.193.141.133

🇵🇸 212.14.247.121

🇺🇸 195.184.76.177

🇨🇴 186.146.235.58

🇩🇪 167.94.146.34

🇨🇳 118.212.120.193

🇮🇳 103.138.9.90

🇸🇬 101.47.159.125

🇩🇪 13.140.135.239