JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.13.73

65.111.13.73 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.13.73

Whois 65.111.13.73

IP Abuse Reports for 65.111.13.73:

This IP address has been reported a total of 32 times from 15 distinct sources. 65.111.13.73 was first reported on July 12th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-05-18 19:47:32 (2 weeks ago)	[MonMay1821:47:27.1864002026][security2:error][pid1746097:tid1746123][client65.111.13.73:0]ModSecuri ... show more [MonMay1821:47:27.1864002026][security2:error][pid1746097:tid1746123][client65.111.13.73:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"www.giuristifriburgo.ch\"][uri\"/xmlrpc.php\"][unique_id\"agtszxJDUpjo7yU9gMaTmgAAAFc\"] show less	Hacking Web App Attack
🇪🇸 librebit	2026-05-17 04:15:07 (3 weeks ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-05-15 00:26:49 (3 weeks ago)	RDWeb scan	Web App Attack
🇨🇭 backslash	2026-05-01 10:27:00 (1 month ago)		Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:59:01 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-10 08:17:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 03:17:32.808883 2025] [security2:error] [pid 16903:tid 16903] [client 65.111.13.73:26855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "namadiscount.com"] [uri "/.env"] [unique_id "aTksnA70D8vP3ruz288ZmQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 18:51:07 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 13:51:02.397331 2025] [security2:error] [pid 28724:tid 28724] [client 65.111.13.73:57463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brbcash.com"] [uri "/.svn/wc.db"] [unique_id "aThvlj0yeKQZD13j16F66QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 23:22:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:22:15.690795 2025] [security2:error] [pid 4330:tid 4330] [client 65.111.13.73:9009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onlinepetsuperstore.com"] [uri "/.env"] [unique_id "aTYMJ92kIs6LsPycRazhgAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:00:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:00:40.109978 2025] [security2:error] [pid 23262:tid 23262] [client 65.111.13.73:22045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mark.rawlings.name"] [uri "/.svn/wc.db"] [unique_id "aTQM2KpdKbGnOyDlDNITKgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 21:18:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 16:18:27.243955 2025] [security2:error] [pid 13389:tid 13389] [client 65.111.13.73:51301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "myllc.email"] [uri "/.git/HEAD"] [unique_id "aTNMI_a0GuSHSk2zRD1g2wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 15:16:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 10:16:12.246031 2025] [security2:error] [pid 889:tid 889] [client 65.111.13.73:52637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thegameforeverybody.com"] [uri "/.git/HEAD"] [unique_id "aTL3PBulwnwGHSOJ8_eoZAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:39:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:39:21.823979 2025] [security2:error] [pid 9179:tid 9179] [client 65.111.13.73:27955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eworld-media.com"] [uri "/.svn/wc.db"] [unique_id "aTJwCdhOVJ7t8swEJIfGKwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 techboy117	2025-11-14 00:36:07 (6 months ago)	Blocking due to password spraying.	Brute-Force
Anonymous	2025-10-16 12:58:07 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-13 18:26:38 (7 months ago)	GlobalProtect login attempts with user ctunstall.	VPN IP Brute-Force

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4003:c04::120

🇳🇱 185.223.235.52

🇨🇳 182.204.179.153

🇲🇽 138.122.97.81

🇨🇳 111.26.63.87

🇺🇸 108.35.129.132

🇺🇸 100.29.192.109

🇷🇺 91.149.70.230

🇩🇪 78.111.67.238

🇹🇿 41.59.176.169

🇩🇪 34.185.228.106

🇧🇷 200.204.243.202

🇬🇧 195.96.139.126

🇪🇸 185.120.142.233

🇨🇳 112.28.240.40

🇷🇺 90.188.38.227

🇷🇴 80.94.95.211

🇷🇺 77.37.179.158

🇺🇸 71.12.241.225

🇺🇸 66.132.186.243