JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.20.7

65.111.20.7 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.20.7

Whois 65.111.20.7

IP Abuse Reports for 65.111.20.7:

This IP address has been reported a total of 28 times from 10 distinct sources. 65.111.20.7 was first reported on June 27th 2024, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 03:50:11 (21 hours ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-03-02 21:08:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 16:08:13.054521 2026] [security2:error] [pid 3487:tid 3487] [client 65.111.20.7:30579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.trafficstopper.com"] [uri "/.git/HEAD"] [unique_id "aaX8Pcu2dsOZv0_6JCFT-gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-13 02:11:48 (4 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇪🇸 el-brujo	2026-01-01 15:38:05 (5 months ago)	[Thu Jan 01 16:38:03.886968 2026] [proxy_fcgi:error] [pid 3722907:tid 3723425] [remote 65.111.20.7:0 ... show more [Thu Jan 01 16:38:03.886968 2026] [proxy_fcgi:error] [pid 3722907:tid 3723425] [remote 65.111.20.7:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Thu Jan 01 16:38:05.090820 2026] [proxy_fcgi:error] [pid 3722907:tid 3723538] [remote 65.111.20.7:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:50:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:50:16.778226 2025] [security2:error] [pid 7136:tid 7136] [client 65.111.20.7:31249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.thinkingepic.com"] [uri "/.git/HEAD"] [unique_id "aSbNWCyH3pIbuOgENuSVAQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 MaxSmartCode	2025-11-25 14:47:48 (6 months ago)	Credential brute-force attacks on webpage.	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-25 07:01:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:01:17.523345 2025] [security2:error] [pid 14701:tid 14701] [client 65.111.20.7:29411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.firstampersand.com"] [uri "/.svn/wc.db"] [unique_id "aSVUPUWwKdT-mCfHXKaVlAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:28:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:28:27.593775 2025] [security2:error] [pid 7072:tid 7072] [client 65.111.20.7:9449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.teknna.com"] [uri "/.git/HEAD"] [unique_id "aSVMiwh-9rvE-HvhiQW4PQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:36:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:36:45.908357 2025] [security2:error] [pid 26623:tid 26623] [client 65.111.20.7:57575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shermanrestoyoung.com.benshermanguitar.com"] [uri "/.git/HEAD"] [unique_id "aSUyXebJ_8aGAOuNgmy5tgAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:17:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:17:18.735783 2025] [security2:error] [pid 9192:tid 9192] [client 65.111.20.7:27527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.hshr.com"] [uri "/.git/HEAD"] [unique_id "aSUfvthwzBz6JIy-GZ1GqQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:34:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:34:39.368989 2025] [security2:error] [pid 12201:tid 12201] [client 65.111.20.7:44259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brlospalosgrandes.turedinmobiliaria.com"] [uri "/.svn/wc.db"] [unique_id "aSUVv6MxUjWNmrgQm9CnEwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:22:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:22:24.791592 2025] [security2:error] [pid 17023:tid 17074] [client 65.111.20.7:15983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.fnaandpartners.com"] [uri "/.svn/wc.db"] [unique_id "aSUE0L1hG8E8_fObGRhsTgAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:28:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:28:43.309490 2025] [security2:error] [pid 29911:tid 29911] [client 65.111.20.7:28003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.cajunpicasso.com"] [uri "/.svn/wc.db"] [unique_id "aST4O68Ly5p55sYT3WzdPwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:27:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:27:32.185822 2025] [security2:error] [pid 28211:tid 28211] [client 65.111.20.7:35631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.westoaksurgentcare.com"] [uri "/.git/HEAD"] [unique_id "aSQlBAMINhKkbDOrrdpCBwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:57:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.20.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:49:21.630379 2025] [security2:error] [pid 16329:tid 16329] [client 65.111.20.7:24683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.khodel.info"] [uri "/.git/HEAD"] [unique_id "aSQOAYrOFQiO_14CJY1QCwAAACE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 222.167.116.98

🇩🇪 194.88.98.90

🇩🇪 194.88.98.83

🇩🇪 69.5.169.84

🇺🇸 47.85.38.220

🇸🇬 45.78.204.254

🇺🇸 195.184.76.182

🇬🇧 194.50.235.144

🇧🇷 186.219.130.145

🇨🇳 106.75.237.200

🇱🇾 102.211.173.214

🇳🇱 91.92.40.200

🇳🇱 45.148.10.152

🇺🇸 44.217.173.230

🇺🇸 34.222.8.224

🇸🇬 23.111.14.185

🇵🇱 20.215.69.195

🇵🇱 20.215.49.97

🇰🇿 5.34.72.180

🇮🇳 223.233.85.193