JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.218.243.59

213.218.243.59 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 63%: ?

63%

ISP	GCI Network Solutions Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60781
Domain Name	nasstar.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.218.243.59

Whois 213.218.243.59

IP Abuse Reports for 213.218.243.59:

This IP address has been reported a total of 15 times from 10 distinct sources. 213.218.243.59 was first reported on June 7th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 walnuts	2026-06-07 11:43:50 (4 hours ago)	Automated: Triggered nginx security jail (nginx-444) - probing blocked paths on web server	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 10:03:24 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 06:03:16.679672 2026] [security2:error] [pid 12336:tid 12336] [client 213.218.243.59:65332] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.yourbrandhere.com"] [uri "/.env"] [unique_id "aiVB5A_Wxvaay78eUYUyDgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 08:04:00 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 04:03:55.480265 2026] [security2:error] [pid 11073:tid 11073] [client 213.218.243.59:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eddysgroup.com"] [uri "/.env"] [unique_id "aiUl6xXr5VjrioEh0WcFqAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2026-06-07 06:54:03 (8 hours ago)	Probing for .env file: 213.218.243.59 - - [07/Jun/2026:08:54:01 +0200] "GET /.env HTTP/1.1" 403 146 ... show more Probing for .env file: 213.218.243.59 - - [07/Jun/2026:08:54:01 +0200] "GET /.env HTTP/1.1" 403 146 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" show less	Web App Attack
🇺🇸 mnsf	2026-06-07 06:06:26 (9 hours ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 05:15:01 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 01:14:52.723038 2026] [security2:error] [pid 9355:tid 9355] [client 213.218.243.59:62138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nnrentacar.com"] [uri "/.env"] [unique_id "aiT-TO0s57WWL7AkA6qAmAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 penjaga BRIN	2026-06-07 05:00:10 (10 hours ago)	Suspicious malicious activity	Hacking
🇮🇩 securejdprop	2026-06-07 03:53:00 (11 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/vpatch-env-access. WAF block: crowdsecurit ... show more This IP was detected by CrowdSec triggering crowdsecurity/vpatch-env-access. WAF block: crowdsecurity/vpatch-env-access from 213.218.243.59 (172.18.0.2) show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 03:15:49 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 23:15:42.250230 2026] [security2:error] [pid 7911:tid 7911] [client 213.218.243.59:58135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mjaaforum.org"] [uri "/.env"] [unique_id "aiTiXjwWfbfm7yuqlJVOUwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 02:46:33 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 213.218.243.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 22:46:25.079333 2026] [security2:error] [pid 11665:tid 11665] [client 213.218.243.59:55603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thebradleyclinic.com"] [uri "/.env"] [unique_id "aiTbgYt6NzoMwnplyUa0hQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 02:15:01 (13 hours ago)	suspicious request in access.log	Web App Attack
🇩🇪 london2038.com	2026-06-07 01:45:32 (14 hours ago)	Probing for exploits 213.218.243.59 - - [07/Jun/2026:03:45:28 +0200] "GET /.env HTTP/1.1" 422 0 "-" ... show more Probing for exploits 213.218.243.59 - - [07/Jun/2026:03:45:28 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" 213.218.243.59 - - [07/Jun/2026:03:45:27 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" show less	Hacking Web App Attack
🇩🇪 MusicLibrary	2026-06-07 01:44:20 (14 hours ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-07 01:23:32 (14 hours ago)	IM360 WAF: Laravel Apps Leaking Secrets exploit attempt MV:androxgh0st	Web App Attack
🇱🇻 garmtech.com	2026-06-07 01:06:51 (14 hours ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 223.181.24.82

🇮🇱 212.199.105.109

🇺🇸 66.132.172.224

🇮🇳 59.144.79.102

🇧🇪 2a00:1450:400c:c1d::121

🇮🇹 188.213.175.41

🇵🇾 181.123.62.210

🇭🇰 152.32.216.28

🇺🇸 100.50.17.159

🇺🇸 64.62.156.67

🇮🇷 31.7.66.163

🇨🇦 20.151.116.141

🇮🇳 203.192.232.180

🇨🇳 118.196.142.135

🇮🇳 103.186.236.24

🇳🇱 89.124.80.251

🇵🇱 87.251.64.176

🇮🇳 49.204.74.149

🇳🇱 45.148.10.151

🇩🇪 36.255.97.48