JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.22.165

65.111.22.165 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.22.165

Whois 65.111.22.165

IP Abuse Reports for 65.111.22.165:

This IP address has been reported a total of 19 times from 6 distinct sources. 65.111.22.165 was first reported on July 7th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-01-05 20:20:14 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 08:30:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:30:35.258029 2025] [security2:error] [pid 12050:tid 12050] [client 65.111.22.165:30909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ozarkshousing.com"] [uri "/.env"] [unique_id "aSa6qz-h1bnvx8wzHRWNaAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:12:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:12:06.513225 2025] [security2:error] [pid 7901:tid 7901] [client 65.111.22.165:43509] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.hisfavorite.net"] [uri "/.git/HEAD"] [unique_id "aSaoRowoo5I9HXQd-gIa3gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:55:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:55:25.072716 2025] [security2:error] [pid 20482:tid 20482] [client 65.111.22.165:47371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lmjetservices.com"] [uri "/.svn/wc.db"] [unique_id "aSaWTRlQtVGy5hsTOhKxhwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:34:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:34:02.736080 2025] [security2:error] [pid 30420:tid 30420] [client 65.111.22.165:10967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.courthousebnb.com"] [uri "/.env"] [unique_id "aSaRSrnVmw1lxswwpEUKqgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:50:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:50:42.719199 2025] [security2:error] [pid 13113:tid 13189] [client 65.111.22.165:52125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jojocreative.com"] [uri "/.git/HEAD"] [unique_id "aSZ5EhhhwHzhmSuL6kh-8QAAAZA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:17:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:17:13.620151 2025] [security2:error] [pid 2197450:tid 2197450] [client 65.111.22.165:14725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.globalaccessau.com"] [uri "/.git/HEAD"] [unique_id "aSZVGSFBPh-HrPuSez21WQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:34:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:34:25.381986 2025] [security2:error] [pid 21963:tid 21963] [client 65.111.22.165:60367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "filardi.org"] [uri "/.git/HEAD"] [unique_id "aSVcASN5EdjQx-2uN4171AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:15:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:15:23.576062 2025] [security2:error] [pid 13864:tid 13864] [client 65.111.22.165:41423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ebys-de-listeerg-acctioned.rasuki.com"] [uri "/.env"] [unique_id "aST1G_ejKhK6gGq_a7PM-AAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:49:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:49:34.724803 2025] [security2:error] [pid 24452:tid 24452] [client 65.111.22.165:22489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.elpais.mx"] [uri "/.git/HEAD"] [unique_id "aSQcHjo8OfuewoG1LYyWWAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-09 18:54:55 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 13:54:48.388718 2025] [security2:error] [pid 25718:tid 25718] [client 65.111.22.165:37135] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.yalaz.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.yalaz.com"] [uri "/s3cmd.ini"] [unique_id "aRDjeMr3V6_CRJMN4eALYAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 EGP Abuse Dept	2025-10-27 07:28:21 (7 months ago)	Unauthorized connection to SSH port 22	Port Scan Hacking SSH
🇺🇸 TPI-Abuse	2025-02-14 01:31:23 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.22.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 13 20:31:17.777095 2025] [security2:error] [pid 18982:tid 18982] [client 65.111.22.165:3311] [client 65.111.22.165] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hadleymarketing.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hadleymarketing.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z66c5TpZMga8la9fZerq2QAAAAo"], referer: https://hadleymarketing.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2024-11-25 10:33:56 (1 year ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 65.111.22.165 2024-11-25T10:57:16+01: ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 65.111.22.165 2024-11-25T10:57:16+01:00 vpn Access-Reject '8212' station: 65.111.22.165 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2024-11-25T10:57:59+01:00 vpn Access-Reject 'cernym' station: 65.111.22.165 auth-type: PAP realm: vse.cz nas: <redacted> called: <redacted> => address-pool: zam_pool msg: '<redacted>' show less	Brute-Force Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.0.238.206

🇬🇧 35.203.210.225

🇺🇸 20.65.195.46

🇹🇭 203.154.158.195

🇺🇸 185.180.142.144

🇵🇪 179.6.171.123

🇺🇸 162.216.150.37

🇨🇳 182.138.158.187

🇹🇼 61.222.27.183

🇸🇬 8.222.225.103

🇲🇩 178.175.167.68

🇨🇳 101.126.4.215

🇺🇸 74.48.84.136

🇻🇳 14.240.228.99

🇫🇷 2a02:4780:27:1065:0:6f1:936d:1

🇩🇪 213.209.159.226

🇺🇸 162.216.150.206

🇫🇷 140.99.202.70

🇮🇳 113.193.234.210

🇳🇱 91.92.42.243