JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.15.15

65.111.15.15 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 46%: ?

46%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.15.15

Whois 65.111.15.15

IP Abuse Reports for 65.111.15.15:

This IP address has been reported a total of 42 times from 22 distinct sources. 65.111.15.15 was first reported on June 27th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-18 08:25:32 (1 day ago)	Brute force	Brute-Force
🇫🇷 ELYAZ	2026-06-15 20:13:26 (4 days ago)	(y4) Failed scan -byebye- from 65.111.15.15 (US/United States/-): (CF_ENABLE)	Hacking
🇺🇸 dtorrer	2026-06-14 12:57:07 (5 days ago)	Brute-force general attack.	Brute-Force
🇩🇪 4server	2026-06-14 12:12:28 (5 days ago)	[SunJun1414:12:22.1655392026][security2:error][pid2397640:tid2397717][client65.111.15.15:0]ModSecuri ... show more [SunJun1414:12:22.1655392026][security2:error][pid2397640:tid2397717][client65.111.15.15:0]ModSecurity:Accessdeniedwithcode403$phase1$.Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"gmint.ch\"][uri\"/xmlrpc.php\"][unique_id\"ai6aphdi3Jy3jZW4V58vnQAAAJA\"]\,referer:https://duckduckgo.com/ show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-14 08:54:24 (5 days ago)	WordPress Brute Force	Brute-Force
🇬🇷 setupgr	2026-06-13 10:06:33 (6 days ago)	(mod_security) mod_security (id:900001) triggered by 65.111.15.15: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 65.111.15.15: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 13:06:28.545369 2026] [security2:error] [pid 705255:tid 705497] [client 65.111.15.15:48175] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-login.php"] [unique_id "ai0rpPdQuR8_1cu8D1hJ_wAAANg"], referer: https://mail.setworldup.com/wp-login.php show less	Port Scan
🇧🇪 cmbplf	2026-06-12 23:36:04 (1 week ago)	3.629 requests with url.path //xmlrpc.php	Brute-Force Bad Web Bot
Anonymous	2026-06-12 05:44:54 (1 week ago)	[server.tmg.gr] httpd-login-spray-site: sites=aegeanpvdforum.com; logs=/var/log/httpd/domains/aegean ... show more [server.tmg.gr] httpd-login-spray-site: sites=aegeanpvdforum.com; logs=/var/log/httpd/domains/aegeanpvdforum.com.log; samples=site_wide=true \| distinct_ips=15 \| /wp-login.php show less	Hacking Web App Attack
🇩🇪 4server	2026-04-27 00:00:35 (1 month ago)	[MonApr2702:00:30.1067542026][security2:error][pid2744053:tid2744220][client65.111.15.15:0]ModSecuri ... show more [MonApr2702:00:30.1067542026][security2:error][pid2744053:tid2744220][client65.111.15.15:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap$\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"www.restaurantgandria.ch\"][uri\"/wp-login.php\"][unique_id\"ae6nHkeBCnxZvViAhSSGVAAAAQI\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 Penny Packer	2026-04-17 13:18:18 (2 months ago)	Fail2Ban apache-tripwires	Web App Attack
Anonymous	2025-11-14 21:19:02 (7 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-12 02:55:20 (7 months ago)	IM360 WAF: Infectors: Suspicious access attempt (webshell)	FTP Brute-Force Open Proxy Brute-Force
Anonymous	2025-10-29 12:10:48 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-27 08:10:48 (7 months ago)	WP Admin Scan Activities	Web App Attack
Anonymous	2025-10-27 02:29:33 (7 months ago)	wordpress-trap	Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.90.252.4

🇮🇩 103.99.214.16

🇺🇸 75.249.132.143

🇬🇧 195.206.182.205

🇬🇧 194.50.235.150

🇮🇶 185.166.25.150

🇺🇸 167.160.70.253

🇺🇸 147.185.132.254

🇩🇪 85.214.143.22

🇺🇸 81.22.131.253

🇩🇪 69.5.169.233

🇩🇪 69.5.169.230

🇱🇹 62.60.130.129

🇺🇸 57.141.0.50

🇿🇦 41.157.105.92

🇺🇸 16.58.56.214

🇮🇪 207.254.28.5

🇩🇪 194.88.98.119

🇦🇴 102.213.34.99

🇬🇧 35.203.211.163