JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.11.81

65.111.11.81 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.11.81

Whois 65.111.11.81

IP Abuse Reports for 65.111.11.81:

This IP address has been reported a total of 32 times from 13 distinct sources. 65.111.11.81 was first reported on July 23rd 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-16 00:23:03 (1 month ago)	IM360 WAF: RCE via prototype pollution in React Server Components < 19.0.1/19.1.2/19.2.1 or Next.js ... show more IM360 WAF: RCE via prototype pollution in React Server Components < 19.0.1/19.1.2/19.2.1 or Next.js < 15.0.5/16.0.7 (CVE-2025-55182, CVE-2025-66478) MV:{"status": "resolved_model", "reason": 0, "_response": "$4", "value": "{\\"then\\":\\"$3:map\\",\\"0\\":{\\"then\\":\\"$B3\\"},\\"length\\":1}", "then": "$2:then"} show less	Hacking
🇳🇱 Site.eu	2026-03-20 06:04:30 (3 months ago)	Excessive 404/403 errors	Brute-Force
🇩🇪 Lino Project	2025-12-31 15:18:37 (5 months ago)	65.111.11.81 - - [31/Dec/2025:16:18:35 +0100] "POST /xmlrpc.php HTTP/1.1" 403 3926 "-" "Mozilla/5.0 ... show more 65.111.11.81 - - [31/Dec/2025:16:18:35 +0100] "POST /xmlrpc.php HTTP/1.1" 403 3926 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 65.111.11.81 - - [31/Dec/2025:16:18:35 +0100] "POST /xmlrpc.php HTTP/1.1" 403 3926 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 65.111.11.81 - - [31/Dec/2025:16:18:36 +0100] "POST /xmlrpc.php HTTP/1.1" 403 3926 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-10 08:35:01 (6 months ago)	botnet	DDoS Attack
🇬🇧 Steve	2025-12-09 00:39:57 (6 months ago)	Repeated attempts against wordpress site	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 17:34:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 12:34:35.648953 2025] [security2:error] [pid 26457:tid 26457] [client 65.111.11.81:60961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arogun.org"] [uri "/.env"] [unique_id "aTW6q-C8SNuyz3nyFcHpLAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 12:54:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 07:54:43.117980 2025] [security2:error] [pid 29317:tid 29317] [client 65.111.11.81:16511] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "californiaappraisers.net"] [uri "/.git/HEAD"] [unique_id "aTQnk5FdXgJYbaGZN7hb6AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 13:26:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 08:26:49.761013 2025] [security2:error] [pid 7596:tid 7615] [client 65.111.11.81:59587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antidote-it.com"] [uri "/.env"] [unique_id "aTLdmREqLlODRlDzgQHPFwAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 12:49:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 07:48:59.540393 2025] [security2:error] [pid 16638:tid 16638] [client 65.111.11.81:26447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blindshine.com"] [uri "/.svn/wc.db"] [unique_id "aTLUu8AGZLMtX9mSrBl1MwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-29 21:18:04 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-27 19:07:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:07:11.312552 2025] [security2:error] [pid 26987:tid 26987] [client 65.111.11.81:48663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ahsigns.com"] [uri "/.env"] [unique_id "aSihX06Ea7Ds6NdPIeuZgwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:42:48 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:42:41.757851 2025] [security2:error] [pid 13524:tid 13524] [client 65.111.11.81:56495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.helstone.com"] [uri "/.svn/wc.db"] [unique_id "aSQagcA_t7GnJipXn3jvVAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:11:15 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:11:10.824686 2025] [security2:error] [pid 15650:tid 15650] [client 65.111.11.81:17011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mobilecasino.sidkha.com"] [uri "/.env"] [unique_id "aSQTHh7oTsmjJYxP-6sQKAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:23:36 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:23:29.886822 2025] [security2:error] [pid 4767:tid 4767] [client 65.111.11.81:20799] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.trainingbysteve.pages4you.com"] [uri "/.svn/wc.db"] [unique_id "aSQH8SkFT9mW2LqBa00EWQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:34:59 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.11.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:34:54.799261 2025] [security2:error] [pid 22112:tid 22112] [client 65.111.11.81:12655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anamericanabroad.com"] [uri "/.svn/wc.db"] [unique_id "aSP8jiD4-IDTnzRo6HA-kQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 204.44.95.164

🇮🇳 203.145.143.163

🇹🇷 95.6.42.173

🇧🇬 79.124.56.146

🇺🇸 69.74.29.21

🇳🇱 45.148.10.141

🇺🇸 20.171.8.157

🇧🇷 201.86.46.145

🇨🇳 159.75.70.225

🇳🇱 91.92.40.24

🇨🇦 85.217.149.61

🇺🇸 44.249.198.226

🇦🇺 27.32.45.241

🇦🇹 2a03:e600:100::179

🇨🇳 116.179.32.49

🇨🇳 116.179.32.39

🇺🇸 66.228.47.151

🇨🇳 49.75.185.71

🇸🇬 43.173.181.199

🇺🇸 34.86.24.105