JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.21.200

65.111.21.200 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.21.200

Whois 65.111.21.200

IP Abuse Reports for 65.111.21.200:

This IP address has been reported a total of 15 times from 8 distinct sources. 65.111.21.200 was first reported on July 9th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-11-25 05:41:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:40:49.897674 2025] [security2:error] [pid 580:tid 580] [client 65.111.21.200:48895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.intermixx.net"] [uri "/.svn/wc.db"] [unique_id "aSVBYWf9JROZO_BTdZCJMwAAAFo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:16:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:16:33.739773 2025] [security2:error] [pid 31570:tid 31570] [client 65.111.21.200:38259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.styxfreeworld.com"] [uri "/.env"] [unique_id "aSU7sVUy26VvfRN_fkeduAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:40:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:40:17.215057 2025] [security2:error] [pid 7246:tid 7246] [client 65.111.21.200:42493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.mitchellamazing.com"] [uri "/.svn/wc.db"] [unique_id "aSUzMdNd2IzeqWEln6Nr4wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:05:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:05:21.519613 2025] [security2:error] [pid 2739:tid 2739] [client 65.111.21.200:17529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.furfriend-z.com"] [uri "/.env"] [unique_id "aSUrAUyjCIOotqaDfOiFPwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 04:00:58 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:20:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:20:50.296523 2025] [security2:error] [pid 22011:tid 22011] [client 65.111.21.200:30275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.topnotchupholstery.com"] [uri "/.svn/wc.db"] [unique_id "aSUEcj9E3eIB3byPeZSBegAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:24:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.21.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:24:21.262535 2025] [security2:error] [pid 1416453:tid 1416531] [client 65.111.21.200:21557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.gelatoconsapevole.com"] [uri "/.svn/wc.db"] [unique_id "aST3NU3b9nF_ETk_BjbAuQAAAlQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2025-10-25 17:10:23 (7 months ago)	MYH: Web Attack POST /wp-login.php	Web Spam Hacking Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-02-10 15:18:03 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇭 SOC [GOLINE SA]	2025-02-01 10:01:36 (1 year ago)	FortiGate detected brute force login from IP 65.111.21.200	Brute-Force
🇺🇸 quicksand	2025-01-25 06:05:38 (1 year ago)	Malicious URI path [GET /cgi-bin/1737785135-ror_session_fixation.nasl] [Mozilla/4.0 (compatible; MSI ... show more Malicious URI path [GET /cgi-bin/1737785135-ror_session_fixation.nasl] [Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)] show less	Bad Web Bot Web App Attack
Anonymous	2025-01-23 15:28:19 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.01.23 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.01.23 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2024-07-18 00:26:36 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-13 00:07:19 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-07-09 00:03:27 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 185.15.170.221

🇯🇵 34.104.136.62

🇮🇳 34.14.185.223

🇨🇳 171.15.131.165

🇨🇳 120.55.194.141

🇭🇰 118.193.35.202

🇱🇹 81.30.98.142

🇩🇪 69.5.169.202

🇨🇦 34.130.30.95

🇸🇬 212.73.148.36

🇱🇻 185.113.139.84

🇮🇹 185.63.135.236

🇩🇪 167.94.146.63

🇩🇪 167.94.146.55

🇭🇰 152.32.209.127

🇫🇷 143.244.57.86

🇺🇸 134.33.73.4

🇨🇱 34.176.88.237

🇬🇧 34.153.164.221

🇺🇸 205.210.31.108