JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.22.214.22

165.22.214.22 was found in our database!

This IP was reported 163 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇮🇳 India
City	Bashettihalli, Karnataka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.22.214.22

Whois 165.22.214.22

IP Abuse Reports for 165.22.214.22:

This IP address has been reported a total of 163 times from 68 distinct sources. 165.22.214.22 was first reported on May 25th 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nationaleventpros.com	2026-06-20 11:31:06 (17 hours ago)	WordPress login attempt	Brute-Force
🇩🇪 Marc	2026-06-20 09:46:44 (19 hours ago)	165.22.214.22 - - [20/Jun/2026:08:44:40 +0200] "GET /wp-login.php HTTP/2.0" 200 3469 "-" "Mozilla/5. ... show more 165.22.214.22 - - [20/Jun/2026:08:44:40 +0200] "GET /wp-login.php HTTP/2.0" 200 3469 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 165.22.214.22 - - [20/Jun/2026:08:44:41 +0200] "POST /wp-login.php HTTP/2.0" 403 10696 "https://kurse.tortenatelier-schwanbeck.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 165.22.214.22 - - [20/Jun/2026:10:48:46 +0200] "GET /wp-login.php HTTP/2.0" 200 3927 "https://weiss-blau-hemer.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 165.22.214.22 - - [20/Jun/2026:11:46:43 +0200] "GET /wp-login.php HTTP/2.0" 200 3461 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 165.22.214.22 - - [20/Jun/2026:11:46:44 +0200] "POST /wp-login.php HTTP/2.0" 200 3394 "https://www.heckmann-elektro.de/wp- show less	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-20 00:27:09 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 cwytech	2026-06-20 00:26:49 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wordpress-geofence-sus.	Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-19 18:30:03 (1 day ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇩🇪 BlueWire Hosting	2026-06-19 16:14:58 (1 day ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇬🇷 setupgr	2026-06-19 15:41:48 (1 day ago)	(mod_security) mod_security (id:900001) triggered by 165.22.214.22 (IN/India/Karnataka/Bengaluru/-/[ ... show more (mod_security) mod_security (id:900001) triggered by 165.22.214.22 (IN/India/Karnataka/Bengaluru/-/[AS14061 DIGITALOCEAN-ASN]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 19 18:41:43.098554 2026] [security2:error] [pid 2278:tid 331704] [remote 165.22.214.22:47394] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: ftiaxtomonosou.gr"] [severity "CRITICAL"] [tag "security"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-login.php"] [unique_id "ajVjNwuYeXI6iTUJgvv1MwAAiR0"] show less	Port Scan
🇩🇪 FeG Deutschland	2026-06-19 11:52:04 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇩🇪 barbarella	2026-06-19 11:31:29 (1 day ago)	unauthorized access to Visual Studio Code - SFTP Extension (GET /wp-json/wp/v2/users?context=edit&pe ... show more unauthorized access to Visual Studio Code - SFTP Extension (GET /wp-json/wp/v2/users?context=edit&per_page=100&_fields=slug) show less	Hacking Web App Attack
🇺🇸 etu brutus	2026-06-19 04:37:59 (2 days ago)	165.22.214.22 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇩🇪 LRob.fr	2026-06-19 03:00:18 (2 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇲🇹 Malta	2026-06-18 22:21:22 (2 days ago)	165.22.214.22 - - [19/Jun/2026:00:21:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 165.22.214.22 - - [19/Jun/2026:00:21:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇫🇷 tecnicorioja	2026-06-18 22:00:46 (2 days ago)	wp-login attack [18/Jun/2026:13:44:58	Brute-Force Web App Attack
🇺🇸 nationaleventpros.com	2026-06-18 20:23:56 (2 days ago)	WordPress login attempt	Brute-Force
🇩🇪 F242	2026-06-18 20:20:55 (2 days ago)	Wordpress Login or XMLRPC abuse	Web App Attack

Showing 1 to 15 of 163 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.242.226.62

🇹🇭 150.107.29.128

🇸🇬 143.198.213.88

🇧🇷 170.150.110.93

🇺🇸 147.185.132.103

🇩🇪 64.89.163.165

🇨🇳 60.166.82.61

🇷🇺 5.188.37.14

🇦🇺 220.244.56.28

🇺🇸 203.88.119.100

🇹🇼 198.235.24.87

🇺🇸 172.110.223.179

🇳🇱 91.92.40.233

🇩🇪 69.5.169.105

🇸🇬 47.128.53.130

🇦🇺 45.134.20.133

🇺🇸 20.127.195.188

🇨🇭 212.25.19.21

🇬🇧 195.140.214.19

🇧🇩 122.50.11.193