JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.13.176

65.111.13.176 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.13.176

Whois 65.111.13.176

IP Abuse Reports for 65.111.13.176:

This IP address has been reported a total of 23 times from 14 distinct sources. 65.111.13.176 was first reported on June 27th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-11 21:09:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 16:09:06.169271 2026] [security2:error] [pid 23359:tid 23359] [client 65.111.13.176:62513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "area52designs.com"] [uri "/api/.env"] [unique_id "aYzv8pYGLyaWQ8rUu_oPEwAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 23:00:12 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 15:28:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:27:58.902627 2026] [security2:error] [pid 1010:tid 1036] [client 65.111.13.176:52165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antidote-it.com"] [uri "/api/.git/config"] [unique_id "aYtOfk7dQRfGJhPfEEQuwwAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 15:06:49 (3 months ago)	Blocking for trying to access an exploit file: /wp/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-10 06:42:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:41:57.435167 2026] [security2:error] [pid 6770:tid 6770] [client 65.111.13.176:37501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kontikimotorcycles.com"] [uri "/v2/.git/config"] [unique_id "aYrTNfEir11tIxOacdXhnQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:04:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:04:27.762922 2026] [security2:error] [pid 12746:tid 12791] [client 65.111.13.176:23535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madring.live"] [uri "/admin/.git/config"] [unique_id "aYqgOy7qoT-4nEbOWPXnwAAAANA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:49:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:49:00.745138 2026] [security2:error] [pid 244815:tid 244815] [client 65.111.13.176:58511] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honweneedthis.com"] [uri "/app/.git/config"] [unique_id "aYpIPL2e3R-leXPgCe5zrQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:25 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇹 VHosting	2025-12-23 10:48:30 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-14 01:42:22 (5 months ago)	botnet	DDoS Attack
Anonymous	2025-11-14 18:11:18 (6 months ago)	ASWEEDCO WEBEXPLOIT 65.111.13.176 (65.111.13.176)	Web App Attack
Anonymous	2025-11-14 03:49:37 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇮🇹 Rosh	2025-10-19 05:33:19 (7 months ago)	[10/19/25 07:33:18] SSH: illegal login attempts	Brute-Force SSH
Anonymous	2025-10-06 07:19:39 (7 months ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.10.06 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.10.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-05 13:04:39 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.05 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.218.245.18

🇺🇸 192.153.76.69

🇧🇷 186.216.88.160

🇲🇹 141.8.67.235

🇪🇸 91.142.223.216

🇺🇸 74.125.80.144

🇮🇩 43.133.138.8

🇮🇩 36.95.194.52

🇬🇧 35.203.210.41

🇩🇪 213.209.159.227

🇨🇭 209.99.190.200

🇳🇬 197.210.71.241

🇲🇽 189.217.130.86

🇺🇸 165.154.206.124

🇫🇮 147.185.133.78

🇮🇳 123.58.203.202

🇷🇴 80.94.92.184

🇩🇪 69.5.169.212

🇪🇸 5.225.166.111

🇬🇧 2a06:4880:6000::70