JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.22.59

65.111.22.59 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.22.59

Whois 65.111.22.59

IP Abuse Reports for 65.111.22.59:

This IP address has been reported a total of 18 times from 11 distinct sources. 65.111.22.59 was first reported on July 9th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-01 18:15:58 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.22.59 (GB/United Kingdom/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.22.59 (GB/United Kingdom/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇱🇻 garmtech.com	2026-03-23 11:19:53 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇩🇪 LRob.fr	2026-02-23 04:06:24 (3 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-21 21:00:00 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 15:59:57.379389 2026] [security2:error] [pid 19157:tid 19157] [client 65.111.22.59:35659] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|zodiacwin.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zodiacwin.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZoczQL6YwRpvse0BqNUOAAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-20 15:35:32 (3 months ago)	Blocked user enumeration attempt	Hacking
🇲🇹 Malta	2025-12-31 13:41:52 (5 months ago)	65.111.22.59 - - [31/Dec/2025:14:41:52 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT ... show more 65.111.22.59 - - [31/Dec/2025:14:41:52 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	VPN IP Hacking Web App Attack
🇷🇴 clauss	2025-12-16 19:37:10 (5 months ago)	IP reached maximum auth failures for a one day block	Brute-Force
🇺🇸 TPI-Abuse	2025-12-02 22:27:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:26:59.291242 2025] [security2:error] [pid 11792:tid 11792] [client 65.111.22.59:10863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alissacaputo.com"] [uri "/.git/HEAD"] [unique_id "aS9ns6-9Mb1AKifyOUKyEQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 21:20:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:20:05.622827 2025] [security2:error] [pid 16781:tid 16781] [client 65.111.22.59:49279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "criticalthinkinginbusiness.com"] [uri "/.git/HEAD"] [unique_id "aS9YBa44JfeNmuzVhhCUwwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:20:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:20:46.264582 2025] [security2:error] [pid 25119:tid 25119] [client 65.111.22.59:46307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nathanburd.com"] [uri "/.env"] [unique_id "aS88Dt2TIN1rufNMsUnFRgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:41:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:41:38.086428 2025] [security2:error] [pid 4238:tid 4238] [client 65.111.22.59:54303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wilklass.com"] [uri "/.git/HEAD"] [unique_id "aS58Ev387Dn47NRdQaYp1gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:15:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:15:08.993487 2025] [security2:error] [pid 15351:tid 15351] [client 65.111.22.59:48405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hawaiireservations.com"] [uri "/.git/HEAD"] [unique_id "aS513CHPWXWDrV6ru38xMQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2024-11-19 18:31:17 (1 year ago)	RDWeb scan	Web App Attack
🇺🇸 PulseServers	2024-11-09 03:26:14 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS1 ... show less	DDoS Attack Exploited Host
🇺🇸 PulseServers	2024-11-08 00:44:28 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS2 ... show less	DDoS Attack Exploited Host

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 43.160.250.64

🇬🇧 35.203.210.73

🇪🇸 2a0c:5a84:7704:9800:39ae:ac51:fd66:8eae

🇺🇸 184.105.139.78

🇺🇸 172.245.225.106

🇩🇪 167.94.146.46

🇷🇴 92.118.39.236

🇳🇱 81.19.216.111

🇺🇸 66.146.10.35

🇨🇳 39.130.240.179

🇺🇸 34.23.107.131

🇺🇸 20.51.234.233

🇬🇧 193.163.125.114

🇺🇸 192.169.201.223

🇨🇳 111.228.14.125

🇫🇷 91.231.89.49

🇨🇳 27.186.229.236

🇷🇴 2.57.121.112

🇺🇸 134.122.113.179

🇭🇰 101.36.107.243