JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.22.182

65.111.22.182 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.22.182

Whois 65.111.22.182

IP Abuse Reports for 65.111.22.182:

This IP address has been reported a total of 17 times from 10 distinct sources. 65.111.22.182 was first reported on July 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-01-05 20:01:28 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-10 14:58:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 09:58:52.482001 2025] [security2:error] [pid 22479:tid 22479] [client 65.111.22.182:24037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rgvatvrepair.com"] [uri "/.env"] [unique_id "aTmKrNWYn1QVS876qnNahQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 20:51:53 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 15:51:47.023210 2025] [security2:error] [pid 3399:tid 3399] [client 65.111.22.182:35335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sharonmauldin.com"] [uri "/.git/HEAD"] [unique_id "aTXo47IKPenhWwBczF7GEAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 14:20:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 09:20:02.915264 2025] [security2:error] [pid 18301:tid 18301] [client 65.111.22.182:36729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newlife12steprecovery.org"] [uri "/.git/HEAD"] [unique_id "aTWNEsqZiZL0uBbSe6YISgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 18:38:01 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 13:37:55.762956 2025] [security2:error] [pid 24735:tid 24735] [client 65.111.22.182:38127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "impressionista.net"] [uri "/.svn/wc.db"] [unique_id "aTR4A-LIRHIBS_26AN7zPwAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:39:18 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:39:14.621787 2025] [security2:error] [pid 28217:tid 28217] [client 65.111.22.182:28037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buyperfumeonline.net"] [uri "/.git/HEAD"] [unique_id "aTQyAkZzpKRYUmHQz8hjjQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 14:34:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 09:33:58.535749 2025] [security2:error] [pid 32060:tid 32060] [client 65.111.22.182:32605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gwdailey.com"] [uri "/.env"] [unique_id "aTLtVqpMxV432IoJR515gQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-12-01 02:11:57 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 ps-center	2025-10-19 06:29:28 (7 months ago)	C1-W: TCP-Scanner. Port: 22	Port Scan
🇺🇸 octageeks.com	2025-10-19 04:07:43 (7 months ago)	Wordpress malicious attack:[sshd]	Web App Attack
🇫🇷 dynamix	2025-10-16 13:29:39 (7 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 bsoft.de	2025-10-16 06:32:20 (7 months ago)	65.111.22.182 - - [16/Oct/2025:08:32:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 ... show more 65.111.22.182 - - [16/Oct/2025:08:32:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0" 65.111.22.182 - - [16/Oct/2025:08:32:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0" 65.111.22.182 - - [16/Oct/2025:08:32:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_1_2 like Mac OS X) AppleWebKit/604.3.5 (KHTML, like Gecko) Version/11.0 Mobile/15B202 Safari/604.1" show less	Web App Attack
🇺🇸 TPI-Abuse	2025-02-04 10:06:11 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.22.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 04 05:06:06.930243 2025] [security2:error] [pid 3895125:tid 3895125] [client 65.111.22.182:58323] [client 65.111.22.182] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|waynejarvi.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "waynejarvi.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z6HmjrSfPhtHz3XFV6a7BgAAAAM"], referer: https://waynejarvi.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 hostseries	2024-10-26 18:35:45 (1 year ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 193.24.211.107

🇺🇸 147.185.132.28

🇱🇹 81.30.98.158

🇳🇱 45.198.224.143

🇳🇱 45.156.87.34

🇧🇪 34.62.89.229

🇩🇪 2620:171:f8:f0:9999::206

🇺🇸 162.216.149.167

🇻🇳 160.250.186.97

🇭🇰 101.36.109.176

🇷🇴 80.94.92.184

🇨🇳 39.154.5.175

🇳🇱 5.255.122.176

🇧🇴 190.181.44.194

🇺🇸 144.202.92.17

🇷🇴 92.118.39.236

🇯🇵 92.113.142.203

🇺🇸 73.80.120.88

🇺🇸 70.120.203.193

🇮🇳 27.123.104.142