JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.22.163

65.111.22.163 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 46%: ?

46%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.22.163

Whois 65.111.22.163

IP Abuse Reports for 65.111.22.163:

This IP address has been reported a total of 26 times from 16 distinct sources. 65.111.22.163 was first reported on July 9th 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-18 16:33:15 (1 hour ago)	(y4) Failed scan -byebye- from 65.111.22.163 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-06-17 02:03:10 (1 day ago)	(y4) Failed scan -byebye- from 65.111.22.163 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇬🇧 poundawebsiteltd	2026-06-16 17:15:50 (2 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.22.163 - - [16/Jun/2026:18:15:47 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.22.163 - - [16/Jun/2026:18:15:47 +0100] POST /wp-login.php HTTP/1.1 200 7361 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 show less	Web App Attack
🇩🇪 london2038.com	2026-06-16 01:19:26 (2 days ago)	Detected by WP fail2ban 2026-06-16T03:19:25.477102+02:00 wordpress: Authentication attempt from 65.1 ... show more Detected by WP fail2ban 2026-06-16T03:19:25.477102+02:00 wordpress: Authentication attempt from 65.111.22.163 show less	Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-06-15 20:12:10 (2 days ago)	(y4) Failed scan -byebye- from 65.111.22.163 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇺🇸 kosada.com	2026-06-14 21:00:04 (3 days ago)	Web password guessing	Brute-Force
🇬🇷 setupgr	2026-06-13 10:11:28 (5 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.22.163: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 65.111.22.163: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 13:11:28.262520 2026] [security2:error] [pid 705293:tid 705489] [client 65.111.22.163:59325] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-login.php"] [unique_id "ai0s0HxsrtCDMa-O0cIwqgAAAQw"], referer: https://mail.setworldup.com/wp-login.php show less	Port Scan
Anonymous	2026-06-13 08:22:43 (5 days ago)	[server.tmg.gr] httpd-login-spray-site: sites=hacm.gr; logs=/var/log/httpd/domains/hacm.gr.log; samp ... show more [server.tmg.gr] httpd-login-spray-site: sites=hacm.gr; logs=/var/log/httpd/domains/hacm.gr.log; samples=site_wide=true \| distinct_ips=20 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 pm33	2026-06-12 14:06:38 (6 days ago)	Wordpress login attempts	Brute-Force
🇬🇷 setupgr	2026-06-12 01:07:47 (6 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.22.163: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 65.111.22.163: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 04:07:45.845351 2026] [security2:error] [pid 52837:tid 52985] [client 65.111.22.163:25597] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: tavernadimitris.com"] [severity "CRITICAL"] [tag "security"] [hostname "tavernadimitris.com"] [uri "/wp-login.php"] [unique_id "aitb4axogjHUCwCkDflb3AAAAIU"], referer: https://tavernadimitris.com/wp-login.php show less	Port Scan
🇺🇸 dtorrer	2026-06-11 18:08:38 (6 days ago)	Brute-force general attack.	Brute-Force
🇫🇷 ELYAZ	2026-06-09 18:07:56 (1 week ago)	(y4) Failed scan -byebye- from 65.111.22.163 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 homeshowdomain.nl	2025-11-25 22:59:11 (6 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-24. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 09:39:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.163 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:39:01.644687 2025] [security2:error] [pid 20274:tid 20274] [client 65.111.22.163:21869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bmillernotary.com"] [uri "/.env"] [unique_id "aSQntTP30s4CxhhKl13nzQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇺 170.64.167.72

🇺🇸 162.216.149.242

🇪🇸 135.129.233.7

🇨🇳 101.89.148.7

🇲🇾 49.124.149.202

🇨🇳 39.100.83.160

🇺🇸 207.46.13.6

🇺🇸 152.32.234.39

🇫🇷 143.244.57.82

🇬🇧 87.236.176.176

🇷🇺 87.226.190.225

🇳🇱 45.9.2.48

🇨🇳 39.100.69.74

🇷🇺 37.204.22.234

🇺🇸 20.12.202.181

🇭🇰 14.0.226.48

🇩🇪 213.209.159.242

🇷🇴 193.46.255.86

🇺🇸 172.253.214.20

🇺🇸 143.244.167.233