JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.13.214.65

45.13.214.65 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 100%: ?

100%

ISP	* WWW.RARECLOUD.IO *
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396073
Domain Name	rarecloud.io
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.13.214.65

Whois 45.13.214.65

IP Abuse Reports for 45.13.214.65:

This IP address has been reported a total of 55 times from 33 distinct sources. 45.13.214.65 was first reported on January 15th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇭🇺 DumaNet	2026-05-29 08:07:00 (1 week ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 May 28. 16:05:55 Source IP: 45.13. ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 May 28. 16:05:55 Source IP: 45.13.214.65 Portion of the log(s): 45.13.214.65 - [28/May/2026:16:05:53 +0200] "GET /api/v2/settings HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.15" 45.13.214.65 - [28/May/2026:16:05:53 +0200] "GET /api/env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (iPad; CPU OS 17_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.7 Mobile/15E148 Safari/604.1" 45.13.214.65 - [28/May/2026:16:05:47 +0200] "GET /config/application.properties HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0" 45.13.214.65 - [28/May/2026:16:05:47 +0200] "GET /admin/.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6; rv:132.0) Gecko/20100101 Firefox/132.0" 45.13.214.65 - [28/May/2026:16:05:47 +0200] "GET /.env HTTP show less	Web App Attack Hacking
🇪🇸 alferez	2026-05-29 05:43:46 (1 week ago)	Searching .env files	Hacking Exploited Host Web App Attack
🇩🇪 dbmwebdesign	2026-05-29 05:10:10 (1 week ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇩🇪 Bedios GmbH	2026-05-29 03:33:47 (1 week ago)	Login credentials theft attempt	Hacking
🇷🇴 iulianh	2026-05-29 02:29:35 (1 week ago)	*	Brute-Force SSH
🇳🇱 Site.eu	2026-05-29 02:25:14 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 itsolon	2026-05-29 00:26:40 (1 week ago)	[29/May/2026:02:26:40 +0200] 178001440017.314533 45.13.214.65 38674 217.154.7.177 443 [29/May/2026:0 ... show more [29/May/2026:02:26:40 +0200] 178001440017.314533 45.13.214.65 38674 217.154.7.177 443 [29/May/2026:02:26:40 +0200] 178001440070.220646 45.13.214.65 38626 217.154.7.177 443 [29/May/2026:02:26:40 +0200] 178001440089.424497 45.13.214.65 38780 217.154.7.177 443 [29/May/2026:02:26:40 +0200] 17800144002.052882 45.13.214.65 38736 217.154.7.177 443 [29/May/2026:02:26:40 +0200] 178001440019.120366 45.13.214.65 38518 217.154.7.177 443 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇩🇪 4server	2026-05-28 23:36:07 (1 week ago)	[FriMay2901:36:00.6187942026][security2:error][pid1347731:tid1347798][client45.13.214.65:0]ModSecuri ... show more [FriMay2901:36:00.6187942026][security2:error][pid1347731:tid1347798][client45.13.214.65:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"monteco-suisse.ch\"][uri\"/public/.env\"][unique_id\"ahjRYCAY9_6gAz_WXWb2cQAAAIU\"] show less	Port Scan Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-28 22:03:14 (1 week ago)	Auto-ban: >3000 req/min op 2026-05-28	Web App Attack SSH Hacking
🇳🇱 e.fierstra	2026-05-28 20:48:38 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 SwinT	2026-05-28 20:00:03 (1 week ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇹🇷 baku.hosting	2026-05-28 17:01:55 (1 week ago)	CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 45.13.214.65 (US/United States ... show more CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 45.13.214.65 (US/United States/-): 5 in the last 3600 secs show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 14:31:49 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 45.13.214.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.13.214.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 10:31:44.254432 2026] [security2:error] [pid 30533:tid 30533] [client 45.13.214.65:40734] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelgardner.com"] [uri "/.env.test"] [unique_id "ahhR0HOeCRVs8EgqNp6fGQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 10:04:01 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 45.13.214.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.13.214.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 06:03:57.072357 2026] [security2:error] [pid 19354:tid 19354] [client 45.13.214.65:52224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jackierankin.com"] [uri "/.env.old"] [unique_id "ahgTDU8psQlHKXvzMVD7vwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-28 09:53:03 (1 week ago)	Bot / scanning and/or hacking attempts: GET /.ssh/id_ed25519 HTTP/1.1, GET /.well-known/jwks.json HT ... show more Bot / scanning and/or hacking attempts: GET /.ssh/id_ed25519 HTTP/1.1, GET /.well-known/jwks.json HTTP/1.1, GET /.env.local HTTP/1.1, GET /settings.py HTTP/1.1, GET /api/account HTTP/1.1, GET /env.json HTTP/1.1, GET /api/v1/config HTTP/1.1, GET /api/.env HTTP/1.1, GET /config/application.properties HTTP/1.1, GET /.env.staging HTTP/1.1, GET /__/firebase/init.json HTTP/1.1, GET /api/settings HTTP/1.1, GET /key.json HTTP/1.1, GET /backend/.env HTTP/1.1, GET /vault/secrets/config HTTP/1.1 show less	Hacking Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 118.99.102.207

🇩🇪 209.50.189.99

🇺🇸 208.68.37.246

🇷🇺 193.228.164.236

🇭🇰 180.131.168.114

🇺🇸 159.89.228.57

🇭🇰 118.193.47.155

🇺🇸 104.200.30.226

🇮🇳 103.206.97.180

🇮🇳 103.206.97.165

🇮🇩 103.193.178.119

🇸🇪 83.253.210.84

🇺🇸 66.228.53.174

🇺🇸 64.62.156.11

🇳🇱 45.148.10.147

🇺🇸 216.25.89.108

🇸🇬 188.166.235.56

🇺🇦 176.36.115.55

🇺🇸 151.240.55.244

🇫🇮 147.185.133.70