JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.13.95

65.111.13.95 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.13.95

Whois 65.111.13.95

IP Abuse Reports for 65.111.13.95:

This IP address has been reported a total of 26 times from 12 distinct sources. 65.111.13.95 was first reported on July 7th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 as211431.net	2026-05-26 05:52:14 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /index.php UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.2 Safari/605.1.15 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇸🇬 ipidentify	2026-01-08 15:44:39 (5 months ago)	2026-01-08T15:44:39Z GET /.env	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:12:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:12:01.562947 2025] [security2:error] [pid 29386:tid 29386] [client 65.111.13.95:57739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "infinite-a.com"] [uri "/.git/HEAD"] [unique_id "aVINoZm44XAiGitnrPjPiAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 00:48:38 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 19:48:31.736591 2025] [security2:error] [pid 31829:tid 31829] [client 65.111.13.95:24921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kerrywoodandson.com"] [uri "/.svn/wc.db"] [unique_id "aTjDX4I-YaDXKKIJ6kUFAQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 16:50:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 11:50:18.690252 2025] [security2:error] [pid 28485:tid 28509] [client 65.111.13.95:12091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "possibilitywhisperer.com"] [uri "/.svn/wc.db"] [unique_id "aTMNSnLg7_5isPQjckseCAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 09:29:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 04:29:40.397084 2025] [security2:error] [pid 26568:tid 26568] [client 65.111.13.95:31219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mapleleaf-marketing.com"] [uri "/.svn/wc.db"] [unique_id "aTKmBCjYdYHA5RH3bJ4YgwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:18:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:18:22.419828 2025] [security2:error] [pid 28284:tid 28284] [client 65.111.13.95:10381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tedharris.com"] [uri "/.svn/wc.db"] [unique_id "aTKVThCXwnpJwc6eHdAq-gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:41:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:41:06.310338 2025] [security2:error] [pid 5230:tid 5230] [client 65.111.13.95:32263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sailsara.com"] [uri "/.env"] [unique_id "aTJwcrUhNDjPIGfP8MNhLAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:08:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:08:32.391884 2025] [security2:error] [pid 15742:tid 15742] [client 65.111.13.95:32925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itecsis.com"] [uri "/.svn/wc.db"] [unique_id "aTI-oDOAjphSYaxqMBTQjgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:53:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:53:16.388416 2025] [security2:error] [pid 17896:tid 17896] [client 65.111.13.95:31725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.incrp.org"] [uri "/.svn/wc.db"] [unique_id "aSPkvAdiVDEyMz1Z35yLMAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:28:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.13.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:28:28.859467 2025] [security2:error] [pid 4209:tid 4209] [client 65.111.13.95:48511] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.wordandspiritministrycenter.com"] [uri "/.git/HEAD"] [unique_id "aSPe7Jzx-KHpJ7Z6SGfV8wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-21 02:59:27 (6 months ago)	Forum/form spam	Web Spam
Anonymous	2025-11-02 14:58:31 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:15:53	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-10-30 14:17:04 (7 months ago)	WordPress Brute Force	Brute-Force
Anonymous	2025-10-29 05:16:20 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.79.218.164

🇳🇱 178.128.248.249

🇺🇸 147.185.132.241

🇨🇳 120.48.114.235

🇭🇰 103.45.68.123

🇺🇸 64.62.156.123

🇺🇸 64.62.156.122

🇮🇪 54.78.155.243

🇮🇩 36.64.190.82

🇺🇸 34.186.42.196

🇯🇵 8.216.6.189

🇺🇸 2607:f8b0:4001:c5f::123

🇺🇸 2607:f8b0:4001:c56::121

🇰🇷 210.118.224.138

🇧🇷 205.210.31.148

🇭🇰 199.45.154.123

🇩🇪 185.242.3.231

🇺🇸 162.216.149.216

🇩🇪 162.62.58.193

🇻🇳 125.212.217.143