JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.22.84

65.111.22.84 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.22.84

Whois 65.111.22.84

IP Abuse Reports for 65.111.22.84:

This IP address has been reported a total of 25 times from 16 distinct sources. 65.111.22.84 was first reported on July 7th 2024, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-22 19:17:54 (7 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:11 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 island-freaks.com	2025-12-17 16:23:12 (6 months ago)	Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 65.111.22.84 \| Agent: Mozil ... show more Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 65.111.22.84 \| Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 show less	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack
Anonymous	2025-12-15 09:56:10 (6 months ago)	Honeytrap	Hacking Web App Attack
🇵🇱 sefinek.net	2025-12-07 15:28:51 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-03 09:07:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 03 04:07:20.283866 2025] [security2:error] [pid 32043:tid 32043] [client 65.111.22.84:47113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "communityofthecosmos.org"] [uri "/.env"] [unique_id "aS_9yO0FT71CtEvso-UsugAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2025-11-25 22:50:23 (6 months ago)	Kingcopy(AI-IDS):IP does Multiple AWS Environment Abuse	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:26:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:26:26.456331 2025] [security2:error] [pid 6588:tid 6588] [client 65.111.22.84:60485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.assistfeed.com"] [uri "/.env"] [unique_id "aSVMEkbK2ebS4FZij4MS6AAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:53:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:53:47.714784 2025] [security2:error] [pid 29368:tid 29368] [client 65.111.22.84:53775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nodepot.com"] [uri "/.env"] [unique_id "aSUoS10q6o9_-iwyhCUlCQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:48:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:47:59.294136 2025] [security2:error] [pid 2887:tid 2887] [client 65.111.22.84:30485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.book-arts.com"] [uri "/.svn/wc.db"] [unique_id "aSUY38aEKGfQ2DmER1fzHQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:58:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:58:24.048816 2025] [security2:error] [pid 29782:tid 29782] [client 65.111.22.84:13927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.phlippo.com"] [uri "/.env"] [unique_id "aSUNQHheL_i1fuY7yOL8tQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:21:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.22.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:20:58.180220 2025] [security2:error] [pid 22187:tid 22187] [client 65.111.22.84:49019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.roachranch.com"] [uri "/.git/HEAD"] [unique_id "aSUEenFr8gFcMdgSiTpaCAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-14 20:51:29 (7 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-07 10:53:45 (7 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 Psycho Solutions LLC	2025-11-03 21:21:09 (7 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 11/3/2025 9:21 pm (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.140.214.23

🇸🇬 188.166.215.16

🇩🇪 172.104.241.98

🇺🇸 104.152.52.212

🇸🇬 94.231.206.206

🇫🇷 91.196.152.179

🇩🇪 69.5.169.179

🇺🇸 66.132.148.5

🇵🇭 49.145.171.37

🇯🇵 8.209.231.182

🇺🇸 2a04:c300:400::1b8

🇻🇳 180.93.138.150

🇳🇱 176.65.139.181

🇨🇳 140.255.69.115

🇨🇳 113.89.16.99

🇸🇬 94.231.206.159

🇰🇬 91.247.59.89

🇳🇱 91.92.40.7

🇬🇭 80.87.83.229

🇺🇸 45.55.42.31