JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.21.22

65.111.21.22 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 58%: ?

58%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.21.22

Whois 65.111.21.22

IP Abuse Reports for 65.111.21.22:

This IP address has been reported a total of 38 times from 25 distinct sources. 65.111.21.22 was first reported on July 17th 2024, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 spamverify.com	2026-06-22 16:05:37 (5 hours ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇫🇷 pm33	2026-06-21 04:26:03 (1 day ago)	Wordpress login attempts	Brute-Force
🇳🇿 billyborsht	2026-06-20 09:31:36 (2 days ago)	2026-06-20T21:31:35.640474+12:00 southern wordpress(klezmer.co.nz)[1129530]: Authentication attempt ... show more 2026-06-20T21:31:35.640474+12:00 southern wordpress(klezmer.co.nz)[1129530]: Authentication attempt for unknown user administrator from 65.111.21.22 ... show less	Hacking Web App Attack
🇱🇻 garmtech.com	2026-06-18 16:54:39 (4 days ago)	IM360 WAF: Prohibited WordPress username login/registration	Web App Attack
🇫🇷 tecnicorioja	2026-06-17 22:01:28 (5 days ago)	wp-login attack [17/Jun/2026:07:38:10	Brute-Force Web App Attack
🇬🇧 poundawebsiteltd	2026-06-16 17:19:12 (6 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.21.22 - - [16/Jun/2026:18:19:06 +0100] PO ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.21.22 - - [16/Jun/2026:18:19:06 +0100] POST /wp-login.php HTTP/1.1 200 7361 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 show less	Web App Attack
🇫🇷 ELYAZ	2026-06-16 02:57:34 (6 days ago)	(y4) Failed scan -byebye- from 65.111.21.22 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇺🇸 dtorrer	2026-06-14 12:58:16 (1 week ago)	Brute-force general attack.	Brute-Force
🇩🇪 4server	2026-06-13 13:18:28 (1 week ago)	[SatJun1315:18:21.5663802026][security2:error][pid1155204:tid1155301][client65.111.21.22:0]ModSecuri ... show more [SatJun1315:18:21.5663802026][security2:error][pid1155204:tid1155301][client65.111.21.22:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"risparmiocasasuisse.ch\"][uri\"/xmlrpc.php\"][unique_id\"ai1YndQR_2L686OuBKXZ_wAAAMY\"]\,referer:https://www.facebook.com/ show less	Port Scan Brute-Force Web App Attack
🇫🇷 pm33	2026-06-10 16:21:50 (1 week ago)	Wordpress login attempts	Brute-Force
Anonymous	2026-06-10 00:10:52 (1 week ago)	[ns31.kdns.gr] httpd-login-spray-site: sites=inpv.gr; logs=/var/log/httpd/domains/inpv.gr.log; sampl ... show more [ns31.kdns.gr] httpd-login-spray-site: sites=inpv.gr; logs=/var/log/httpd/domains/inpv.gr.log; samples=site_wide=true \| distinct_ips=50 \| /wp-login.php show less	Hacking Web App Attack
🇳🇱 jjnxpct	2026-02-16 04:54:33 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /site/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:33:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.21.22 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.21.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:33:49.941740 2026] [security2:error] [pid 22386:tid 22386] [client 65.111.21.22:22349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "questiondezyn.com"] [uri "/.git/config"] [unique_id "aZG9LQ647wEWEK8cgtihqgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 12:14:14 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:03:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.21.22 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.21.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:03:46.061467 2026] [security2:error] [pid 11082:tid 11082] [client 65.111.21.22:40481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pandahh.com"] [uri "/api/.env"] [unique_id "aZG2It2YdMkkFV5RErsKEwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 204.76.203.49

🇺🇸 172.245.21.149

🇸🇬 167.172.93.203

🇮🇳 113.193.234.210

🇨🇳 111.229.24.171

🇨🇳 101.201.153.106

🇩🇪 65.111.26.242

🇩🇪 65.111.26.238

🇩🇪 65.111.26.209

🇩🇪 65.111.26.206

🇨🇳 60.175.91.53

🇺🇸 54.210.12.165

🇺🇸 45.79.214.23

🇺🇸 20.46.250.163

🇺🇸 13.222.12.22

🇺🇸 3.239.196.214

🇺🇸 3.94.62.11

🇺🇸 3.85.170.142

🇺🇸 3.84.157.183

🇮🇷 212.80.9.235