JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.15.4

65.111.15.4 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.15.4

Whois 65.111.15.4

IP Abuse Reports for 65.111.15.4:

This IP address has been reported a total of 37 times from 20 distinct sources. 65.111.15.4 was first reported on July 11th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-19 02:34:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:34:43.283124 2026] [security2:error] [pid 26871:tid 26891] [client 65.111.15.4:40247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kd9uri.com"] [uri "/app/.env"] [unique_id "aZZ2wxLLnt_94dW2WxeWQwAAANI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-02-19 00:36:42 (3 months ago)	Blocked by CSF 13 firewall - Rule: config-dotfile US/United States/-	Web App Attack
🇮🇹 VHosting	2026-02-18 22:11:32 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-18 13:41:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:41:25.750959 2026] [security2:error] [pid 22880:tid 22880] [client 65.111.15.4:21855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "woahmanatee.com"] [uri "/.env"] [unique_id "aZXBheEXvZcpkwd6wISwpgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:25:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:25:42.841685 2026] [security2:error] [pid 25094:tid 25094] [client 65.111.15.4:44525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdryer.com"] [uri "/admin/.git/config"] [unique_id "aZWvxq0bkvrJfjeAagoQYgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:06:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:06:10.750949 2026] [security2:error] [pid 26602:tid 26602] [client 65.111.15.4:36883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watongacommunitycats.org"] [uri "/config/.env"] [unique_id "aZWrMhd0niiMqya4RLNFfgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:46:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:46:42.527114 2026] [security2:error] [pid 5453:tid 5453] [client 65.111.15.4:16961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walterceron.com"] [uri "/admin/.git/config"] [unique_id "aZWmos56K5On2w3Utr9_eQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:44 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇳🇱 maxxsense	2025-12-28 14:01:04 (5 months ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 65.111.15.4 (US/United S ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 65.111.15.4 (US/United States/-) show less	Port Scan
🇺🇸 TPI-Abuse	2025-12-27 23:51:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:51:00.130517 2025] [security2:error] [pid 27953:tid 27953] [client 65.111.15.4:53085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livingminimal.com"] [uri "/.git/HEAD"] [unique_id "aVBw5B8RwPiieYzNt0U07wAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:54:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:54:40.438485 2025] [security2:error] [pid 18382:tid 18382] [client 65.111.15.4:42537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mukau.com"] [uri "/.env"] [unique_id "aVBjsLyVJnfTaFoMIwdJNgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 18:34:28 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:34:25.315685 2025] [security2:error] [pid 22962:tid 22962] [client 65.111.15.4:35293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alohaarts.com"] [uri "/.env"] [unique_id "aVAmsfwsJJPYo8ea_Hr9CwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2025-12-21 20:47:07 (5 months ago)	(modsecurity) srv201 ModSecurity 65.111.15.4 (US/United States/-): 5 in the last 3600 secs; Ports: * ... show more (modsecurity) srv201 ModSecurity 65.111.15.4 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇬🇧 Aetherweb Ark	2025-12-14 04:24:24 (5 months ago)	(mod_security) mod_security (id:949110) triggered by 65.111.15.4 (US/United States/-): N in the last ... show more (mod_security) mod_security (id:949110) triggered by 65.111.15.4 (US/United States/-): N in the last X secs show less	Web App Attack
🇬🇧 SilverZippo	2025-12-03 18:40:10 (6 months ago)	Web App Attack	Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 141.11.1.134

🇮🇳 125.16.27.190

🇨🇳 120.85.182.245

🇮🇳 103.55.89.5

🇺🇸 91.230.168.127

🇷🇺 89.175.252.170

🇺🇸 52.128.40.94

🇮🇳 43.241.66.87

🇸🇬 34.21.251.115

🇮🇳 14.140.218.210

🇺🇸 2602:fb54:1400::2f

🇺🇸 216.75.132.108

🇧🇷 187.0.238.73

🇨🇳 182.201.244.26

🇺🇸 150.136.214.177

🇨🇳 220.197.78.59

🇺🇸 144.172.94.169

🇺🇸 143.198.73.73

🇰🇷 122.202.250.160

🇷🇴 80.94.92.171