JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.22.95.96

165.22.95.96 was found in our database!

This IP was reported 702 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.22.95.96

Whois 165.22.95.96

IP Abuse Reports for 165.22.95.96:

This IP address has been reported a total of 702 times from 169 distinct sources. 165.22.95.96 was first reported on June 7th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 zXero	2026-06-09 12:53:18 (1 week ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
Anonymous	2026-06-04 20:34:11 (1 week ago)	Failed Wordpress Logins	Web App Attack
🇨🇦 zXero	2026-06-03 12:29:33 (2 weeks ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇨🇦 zXero	2026-05-29 12:24:10 (2 weeks ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇮🇳 evicky2002	2026-05-29 06:52:29 (2 weeks ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇺🇸 TAY	2026-05-27 02:06:14 (3 weeks ago)	165.22.95.96 - - [27/May/2026:09:56:40 +0800] "POST /wp-login.php HTTP/1.1" 200 2982 "https://autism ... show more 165.22.95.96 - - [27/May/2026:09:56:40 +0800] "POST /wp-login.php HTTP/1.1" 200 2982 "https://autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 165.22.95.96 - - [27/May/2026:10:04:57 +0800] "POST /wp-login.php HTTP/1.1" 200 2975 "https://www.autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 165.22.95.96 - - [27/May/2026:10:06:13 +0800] "POST /wp-login.php HTTP/1.1" 200 2975 "https://www.autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇬🇧 andypiper	2026-05-27 01:00:21 (3 weeks ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 london2038.com	2026-05-27 00:20:40 (3 weeks ago)	Probing for exploits 165.22.95.96 - - [26/May/2026:22:32:50 +0200] "GET /wp-login.php HTTP/2.0" 301 ... show more Probing for exploits 165.22.95.96 - - [26/May/2026:22:32:50 +0200] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 165.22.95.96 - - [27/May/2026:02:20:36 +0200] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇩🇪 Marc	2026-05-27 00:04:29 (3 weeks ago)	165.22.95.96 - - [26/May/2026:23:14:54 +0200] "GET /wp-login.php HTTP/2.0" 200 3978 "-" "Mozilla/5.0 ... show more 165.22.95.96 - - [26/May/2026:23:14:54 +0200] "GET /wp-login.php HTTP/2.0" 200 3978 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 165.22.95.96 - - [26/May/2026:23:14:59 +0200] "POST /wp-login.php HTTP/2.0" 403 11157 "https://saatschule.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 165.22.95.96 - - [26/May/2026:23:53:14 +0200] "GET /wp-login.php HTTP/2.0" 200 3978 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 165.22.95.96 - - [26/May/2026:23:53:15 +0200] "POST /wp-login.php HTTP/2.0" 403 11166 "https://saatschule.de/wp-login.php" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 165.22.95.96 - - [27/May/2026:02:04:28 +0200] "GET /wp-login.php HTTP/2.0" 200 3819 "https://weiss-blau-hemer.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) show less	Brute-Force Web App Attack
🇺🇸 TAY	2026-05-26 23:43:13 (3 weeks ago)	165.22.95.96 - - [27/May/2026:07:35:09 +0800] "POST /wp-login.php HTTP/1.1" 200 2975 "https://autism ... show more 165.22.95.96 - - [27/May/2026:07:35:09 +0800] "POST /wp-login.php HTTP/1.1" 200 2975 "https://autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 165.22.95.96 - - [27/May/2026:07:37:14 +0800] "POST /wp-login.php HTTP/1.1" 200 2976 "https://www.autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 165.22.95.96 - - [27/May/2026:07:43:12 +0800] "POST /wp-login.php HTTP/1.1" 200 2980 "https://autism-cvc.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇩🇪 Viveronese	2026-05-26 23:26:26 (3 weeks ago)	Wordpress vulnerability scanning	Web App Attack
🇺🇸 WeekendWeb	2026-05-26 22:22:43 (3 weeks ago)	Wordpress Vunerability attack	Web App Attack
🇫🇷 tecnicorioja	2026-05-26 22:01:27 (3 weeks ago)	wp-login attack [26/May/2026:12:37:47	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 19:50:50 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 165.22.95.96 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 165.22.95.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 15:50:44.994646 2026] [security2:error] [pid 6930:tid 6930] [client 165.22.95.96:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|local639.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "local639.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ahX5lDw7F02llpltXxQMFwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 KIsmay	2026-05-26 19:21:47 (3 weeks ago)	May 26 09:42:14 www4 WPAudit[815211]: 165.22.95.96 terratherma.com "Mozilla/5.0 (Windows NT 10.0; Wi ... show more May 26 09:42:14 www4 WPAudit[815211]: 165.22.95.96 terratherma.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" sbd-admin:[email protected] FAIL May 26 11:05:15 www4 WPAudit[824273]: 165.22.95.96 terratherma.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" sbd-admin:pass FAIL May 26 14:26:39 www4 WPAudit[814086]: 165.22.95.96 valhallasafety.com "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" valhalla:Valhalla08 FAIL May 26 15:06:39 www4 WPAudit[846815]: 165.22.95.96 terratherma.com "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" sbd-admin:sbd-admin36 FAIL May 26 15:21:46 www4 WPAudit[848248]: 165.22.95.96 bestnelson.org "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" katietabor-developer:katietabor-developer! FAIL ... show less	Brute-Force Web App Attack

Showing 1 to 15 of 702 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 165.154.120.30

🇱🇹 81.30.98.62

🇺🇸 209.97.149.35

🇺🇸 204.93.116.102

🇺🇸 107.150.105.116

🇨🇦 72.251.8.119

🇺🇸 70.59.194.138

🇺🇸 69.118.80.116

🇮🇳 49.43.35.73

🇨🇳 47.109.203.22

🇬🇧 35.203.210.184

🇬🇧 35.203.210.157

🇺🇸 23.95.137.106

🇫🇷 13.140.183.247

🇦🇪 2a00:f29:110a:a18b:f551:e202:d9f0:babb

🇵🇰 223.123.125.178

🇨🇦 217.181.83.8

🇺🇸 216.180.246.163

🇺🇸 195.63.12.56

🇺🇸 184.174.30.186