JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.22.205

65.111.22.205 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 20%: ?

20%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.22.205

Whois 65.111.22.205

IP Abuse Reports for 65.111.22.205:

This IP address has been reported a total of 21 times from 11 distinct sources. 65.111.22.205 was first reported on July 10th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 05:45:19 (1 day ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-20 04:23:06 (4 days ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-17 05:07:05 (1 week ago)	Web App Attack	Web App Attack
🇺🇸 kosada.com	2026-06-14 20:39:13 (1 week ago)	Web password guessing	Brute-Force
Anonymous	2026-06-02 18:35:07 (3 weeks ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇵🇱 dcnet	2026-03-08 00:00:00 (3 months ago)	SSL VPN brute force credential stuffing on FortiGate 100F - 4 failed login attempts (unknown users) ... show more SSL VPN brute force credential stuffing on FortiGate 100F - 4 failed login attempts (unknown users) over 7 days (2026-03-01 to 2026-03-08) show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-02-19 04:06:59 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:06:55.701669 2026] [security2:error] [pid 2180775:tid 2180775] [client 65.111.22.205:21107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kittysalterations.com"] [uri "/.env.production"] [unique_id "aZaMX2oRtRCcWc0ggB8sfwAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:21:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:21:24.443186 2026] [security2:error] [pid 20573:tid 20573] [client 65.111.22.205:34261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keyspring-niseko.com"] [uri "/wp/.git/config"] [unique_id "aZaBtASWD5AmFAUIb5Tu8QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-02-19 01:55:43 (4 months ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇬🇧 Swiptly	2026-02-19 00:09:59 (4 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 21:04:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 16:04:27.209132 2026] [security2:error] [pid 29710:tid 29710] [client 65.111.22.205:33657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tucek.org"] [uri "/.git/config"] [unique_id "aZYpW9_-luG4jbZi_MYPAQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:23:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:23:40.196969 2026] [security2:error] [pid 18741:tid 18741] [client 65.111.22.205:51231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thetallships.com"] [uri "/app/.git/config"] [unique_id "aZYDrDT65SJoC5KG9YciAgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 16:19:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 11:19:19.334892 2026] [security2:error] [pid 23577:tid 23577] [client 65.111.22.205:45361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yogitunes.com"] [uri "/admin/.git/config"] [unique_id "aZXmh60w4781P6l1GjdAegAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-18 14:06:07 (4 months ago)	Scanning/Probing (22)	Brute-Force Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 183.206.229.41

🇺🇸 172.212.174.123

🇺🇸 64.62.156.153

🇺🇸 198.46.253.100

🇨🇴 186.147.162.215

🇺🇸 162.216.149.141

🇨🇳 101.70.232.28

🇸🇬 47.84.112.180

🇱🇹 45.227.254.170

🇷🇺 185.218.108.133

🇮🇳 182.70.114.131

🇷🇺 154.83.196.237

🇩🇪 138.68.84.213

🇨🇳 117.83.248.193

🇧🇩 113.11.48.254

🇫🇷 85.217.140.35

🇱🇻 81.30.98.49

🇬🇧 81.19.219.216

🇳🇱 81.19.216.124

🇺🇸 67.205.185.124