JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.13.59

65.111.13.59 was found in our database!

This IP was reported 67 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.13.59

Whois 65.111.13.59

IP Abuse Reports for 65.111.13.59:

This IP address has been reported a total of 67 times from 24 distinct sources. 65.111.13.59 was first reported on June 28th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 05:17:16 (6 days ago)	Web App Attack	Web App Attack
🇬🇧 consul.to	2026-02-15 12:50:10 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:57:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:57:32.322980 2026] [security2:error] [pid 1603:tid 1603] [client 65.111.13.59:39127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teatrosohomadrid.com"] [uri "/.env.local"] [unique_id "aZG0rK-VKV8PzU1DdsPJcAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:34:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:34:39.572250 2026] [security2:error] [pid 9176:tid 9176] [client 65.111.13.59:62641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "susansimmons.net"] [uri "/config/.env"] [unique_id "aZFa7__Y5MbTPwfvhz0I_AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-02-15 05:25:04 (4 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:59:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:59:12.118308 2026] [security2:error] [pid 21869:tid 21869] [client 65.111.13.59:19723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sullico.com"] [uri "/new/.git/config"] [unique_id "aZFSoPZBYOK1INvcd4WmIgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:14:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:14:24.161783 2026] [security2:error] [pid 2171:tid 2286] [client 65.111.13.59:21733] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "straight8inc.com"] [uri "/.env.production"] [unique_id "aZFIIBdun7oDywmMCK4euwAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:35:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:35:18.484023 2026] [security2:error] [pid 22104:tid 22122] [client 65.111.13.59:19003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steedtimber.com"] [uri "/api/.git/config"] [unique_id "aZE-9pdbqspsQW1awXA4PAAAAUs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-15 02:46:24 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.13.59 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 65.111.13.59 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇳🇱 ParaBug	2026-02-15 02:31:36 (4 months ago)	65.111.13.59 - - [15/Feb/2026:03:31:36 +0100] "GET /.git/config HTTP/1.1" 404 4132 "-" "Mozilla/5.0 ... show more 65.111.13.59 - - [15/Feb/2026:03:31:36 +0100] "GET /.git/config HTTP/1.1" 404 4132 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:21:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:21:40.430894 2026] [security2:error] [pid 31656:tid 31656] [client 65.111.13.59:9439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "speedgo.mx"] [uri "/v2/.git/config"] [unique_id "aZEttG00D1ch742fc9CJkQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:57:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:57:06.004310 2026] [security2:error] [pid 2364503:tid 2364503] [client 65.111.13.59:39377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "southsideaccountingservices.com"] [uri "/frontend/.env"] [unique_id "aZEn8uIEP12mak6H_iRM2QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:24:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:24:08.696726 2026] [security2:error] [pid 24172:tid 24172] [client 65.111.13.59:24783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "murphylumber.ca"] [uri "/.env"] [unique_id "aZEgOCTOJx1NMI3XYfbxVwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 00:41:44 (4 months ago)	(mod_security) mod_security triggered on hostname [redacted] 65.111.13.59 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-14 22:38:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:38:11.758763 2026] [security2:error] [pid 20185:tid 20185] [client 65.111.13.59:39229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lilachost.net"] [uri "/.env.local"] [unique_id "aZD5U9HPxXakqSes5EprcwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 67 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 92.118.39.77

🇸🇬 172.188.89.41

🇨🇳 125.124.226.217

🇵🇰 103.26.80.173

🇨🇦 99.245.87.30

🇩🇪 92.246.90.220

🇨🇭 80.74.153.84

🇵🇭 138.84.81.14

🇰🇷 121.131.220.152

🇨🇳 113.67.8.114

🇮🇳 106.76.236.70

🇮🇳 103.187.101.74

🇫🇷 85.217.140.47

🇧🇷 45.205.1.70

🇳🇱 45.148.10.152

🇨🇳 42.121.220.29

🇧🇪 34.34.189.3

🇬🇧 193.163.125.253

🇩🇪 185.30.32.114

🇦🇷 181.209.76.203