JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.13.102

65.111.13.102 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.13.102

Whois 65.111.13.102

IP Abuse Reports for 65.111.13.102:

This IP address has been reported a total of 55 times from 24 distinct sources. 65.111.13.102 was first reported on June 27th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-06 11:29:03 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.13.102 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.13.102 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-04-02 21:07:28 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.13.102 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.13.102 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-03-28 09:38:00 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.13.102 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.13.102 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-03-25 18:33:27 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.13.102 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.13.102 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇩🇪 stinpriza	2026-03-22 00:03:00 (2 months ago)	Web App Attack	Web App Attack
🇱🇻 garmtech.com	2026-03-18 15:19:27 (2 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2026-03-18 15:19:20 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 05:14:10 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 00:14:06.265093 2026] [security2:error] [pid 9323:tid 9323] [client 65.111.13.102:12813] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cobbwebb.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cobbwebb.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZftnqniEhvs3OZnU-LRQAAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:22:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:22:40.091668 2026] [security2:error] [pid 6476:tid 6476] [client 65.111.13.102:19799] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tipwhisperings.com"] [uri "/.env"] [unique_id "aZG6kAeZ9TEQweg3DfuikAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:42:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:42:05.879552 2026] [security2:error] [pid 15236:tid 15236] [client 65.111.13.102:47881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thomaschemicals.com"] [uri "/admin/.git/config"] [unique_id "aZGxDYlC27O_BycySN8EggAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-02-15 11:41:35 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:30:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:30:04.206533 2026] [security2:error] [pid 24896:tid 24896] [client 65.111.13.102:49569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taafe.net"] [uri "/.env"] [unique_id "aZFn7PCZ80CWW4Q4wXELaQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:59:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:59:44.307597 2026] [security2:error] [pid 24247:tid 24247] [client 65.111.13.102:14389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swurgentvet.com"] [uri "/api/.git/config"] [unique_id "aZFg0EyqnxVppc30YWl4VQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:44:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:44:51.759828 2026] [security2:error] [pid 13876:tid 13876] [client 65.111.13.102:9661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "styxwetworld.com"] [uri "/dev/.git/config"] [unique_id "aZFPQ6_fBo79HshK_OsoEQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:10:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:10:50.237322 2026] [security2:error] [pid 21089:tid 21089] [client 65.111.13.102:62155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stormstrips.info"] [uri "/frontend/.env"] [unique_id "aZFHSsS4YD9YYK2jPfhA7QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 60.191.44.170

🇺🇸 40.90.251.69

🇬🇧 35.203.210.252

🇹🇷 213.43.46.16

🇳🇱 195.178.110.30

🇧🇷 189.8.120.120

🇸🇪 178.73.224.79

🇳🇱 158.94.210.233

🇳🇱 104.233.31.167

🇫🇷 91.231.89.193

🇸🇬 20.157.117.15

🇺🇸 209.250.5.187

🇵🇰 139.135.60.80

🇦🇷 45.181.246.40

🇺🇸 38.248.6.208

🇺🇸 205.210.31.64

🇺🇸 147.185.132.63

🇷🇺 93.81.234.138

🇩🇪 88.214.25.125

🇺🇸 52.240.168.193