🇮🇩
sockominfo
2026-04-22 12:00:43
(2 months ago)
Zimbra: Login failures from malicious IP: 185.213.83.91. Threat Score: 6.6/10 (HIGH). Confidence: 55%. CVSS v3.1: 4.6/10 (Medium). CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 96%. MITRE ATT&CK: T1083 (File and Directory Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Web App Attack
🇮🇩
sockominfo
2026-04-22 11:00:49
(2 months ago)
Zimbra: Login failures from malicious IP: 185.213.83.91. Threat Score: 6.9/10 (HIGH). Confidence: 55%. CVSS v3.1: 4.6/10 (Medium). CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 99%. MITRE ATT&CK: T1083 (File and Directory Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Web App Attack
🇮🇩
sockominfo
2026-04-22 10:00:47
(2 months ago)
Zimbra: Login failures from malicious IP: 185.213.83.91. Threat Score: 7/10 (HIGH). Confidence: 65%. CVSS v3.1: 4.6/10 (Medium). CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 98%. MITRE ATT&CK: T1083 (File and Directory Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Web App Attack
🇮🇩
sockominfo
2026-04-22 09:00:13
(2 months ago)
Zimbra: Login failures from malicious IP: 185.213.83.91. Threat Score: 6/10 (MEDIUM). Reported by TangerangKota-CSIRT
Hacking
Web App Attack
🇺🇸
mnsf
2026-04-17 00:15:53
(2 months ago)
Too many Status 40X (31)
Brute-Force
Web App Attack
🇮🇩
kadosmekaten
2025-10-17 14:06:00
(8 months ago)
185.213.83.91 - - [17/Oct/2025:21:03:50 +0700] "GET /jurnal/classes/security/form/AuthSourceUpdateForm.inc.php HTTP/2.0" 403 319 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36"
Hacking
Web App Attack
🇪🇸
10dencehispahard SL
2025-05-28 05:51:47
(1 year ago)
DDOS fasthttp
DDoS Attack
Anonymous
2025-05-26 08:13:05
(1 year ago)
Ports: 2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,3306,2195; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-12-09 23:50:05
(1 year ago)
Purchased fraud hosting account
Fraud Orders
🇧🇷
hostseries
2024-11-29 05:52:57
(1 year ago)
Trigger: LF_DISTATTACK
Brute-Force
🇦🇺
MAGIC
2024-11-28 00:13:59
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-11-27 11:29:36
(1 year ago)
Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_CPANEL
Brute-Force
SSH
🇮🇩
hermawan
2024-11-14 04:09:42
(1 year ago)
[Thu Nov 14 11:05:49.138598 2024] [authz_core:error] [pid 998831:tid 132685699741376] [client 185.213.83.91:11940] AH01630: client denied by server configuration: /var/www/administrator/index.php [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[999031] [0SfEkG8E+bw] [ZzV3HYJ5XxgRDnIgCXEPwQAABHw] keep_alive=[0] [2024-11-14 11:05:49.138604] [R:ZzV3HYJ5XxgRDnIgCXEPwQAABHw] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' COOKIE:'fb66df88cff4414b0afe6309464db212=29ikbvi4bsd35eevad7lp9thuf' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8' Accept-Encoding:'gzip, deflate Accept-Language:'en-US,en;q=0.9 Upgrade-Insecure-Requests:'1
...
Hacking
Web App Attack
🇺🇸
TPI-Abuse
2024-02-15 12:06:15
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 185.213.83.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 07:06:07.172845 2024] [security2:error] [pid 1737019:tid 47530079467264] [client 185.213.83.91:43282] [client 185.213.83.91] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dcsindo.dcs.co.id"] [uri "/.env"] [unique_id "Zc3-L51aWBhl4OtRhaOAhAAAAVg"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2023-07-11 02:43:22
(2 years ago)
Web Spam
Email Spam
Blog Spam
Bad Web Bot
Web App Attack