JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.8.83

65.111.8.83 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 31%: ?

31%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.8.83

Whois 65.111.8.83

IP Abuse Reports for 65.111.8.83:

This IP address has been reported a total of 42 times from 24 distinct sources. 65.111.8.83 was first reported on July 10th 2024, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇭🇺 bcsaba	2026-06-12 23:23:57 (11 hours ago)	CMS (WordPress or Joomla) login attempt. 65.111.8.83 - - [13/Jun/2026:01:23:55 +0200] "POST /wp-logi ... show more CMS (WordPress or Joomla) login attempt. 65.111.8.83 - - [13/Jun/2026:01:23:55 +0200] "POST /wp-login.php HTTP/1.1" 200 3521 "https://REDACTED/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Brute-Force Web App Attack
🇲🇽 octageeks.com	2026-06-11 04:12:21 (2 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 mnsf	2026-06-05 05:07:41 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 PeravixGroup	2026-05-08 22:50:24 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 oncord	2026-05-08 13:44:58 (1 month ago)	Form spam	Web Spam
🇨🇭 4server	2026-05-01 08:18:06 (1 month ago)	[FriMay0110:18:01.4381552026][security2:error][pid2599092:tid2599599][client65.111.8.83:0]ModSecurit ... show more [FriMay0110:18:01.4381552026][security2:error][pid2599092:tid2599599][client65.111.8.83:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"buonviaggio.ch\"][uri\"/Contatti/\"][unique_id\"afRhubF3cRiYD0ecVjC9qQAAAQ8\"]\,referer:http://buonviaggio.ch/Contatti/ show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-03-04 01:50:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 20:50:00.964936 2026] [security2:error] [pid 8300:tid 8300] [client 65.111.8.83:11277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bearssd.org"] [uri "/.svn/wc.db"] [unique_id "aaePyKepI0MG0B5bInU6yQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-03 03:15:13 (3 months ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-03-02 23:00:38 (3 months ago)	Auto-ban: >3000 req/min op 2026-03-02	Web App Attack SSH Hacking
🇮🇹 VHosting	2026-02-18 22:11:29 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:47 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-26 11:03:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:03:06.710517 2025] [security2:error] [pid 5969:tid 5969] [client 65.111.8.83:21533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.maverickhousellc.com"] [uri "/.svn/wc.db"] [unique_id "aSbeavEKtutPSXtZaIp_4wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:41:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:41:46.789811 2025] [security2:error] [pid 23270:tid 23270] [client 65.111.8.83:14397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.easterbilby.net"] [uri "/.env"] [unique_id "aSa9Sl8QKXgu7klr8SErcwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:44:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:44:32.778539 2025] [security2:error] [pid 24898:tid 24898] [client 65.111.8.83:36553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.politicallycorrecteconomics.com"] [uri "/.git/HEAD"] [unique_id "aSah0P6eJRLqeUVUGphzsQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:07:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.8.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:07:45.415349 2025] [security2:error] [pid 5183:tid 5183] [client 65.111.8.83:57151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.quantrics.com"] [uri "/.env"] [unique_id "aSaZMUOZof8LUpTvHknASQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 202.91.41.65

🇺🇸 147.185.132.12

🇹🇼 123.240.65.249

🇨🇦 85.217.149.26

🇹🇼 49.158.200.4

🇿🇦 41.193.163.245

🇵🇰 39.60.240.215

🇺🇸 34.148.82.197

🇻🇳 14.177.66.19

🇮🇳 13.232.43.19

🇦🇱 217.21.155.173

🇨🇦 198.100.155.155

🇦🇷 181.28.132.114

🇭🇰 165.154.41.182

🇺🇸 135.237.125.118

🇺🇸 129.146.55.131

🇨🇳 106.74.26.242

🇫🇷 91.121.33.230

🇨🇦 85.217.149.18

🇸🇬 47.79.200.76