JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.15.42

65.111.15.42 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.15.42

Whois 65.111.15.42

IP Abuse Reports for 65.111.15.42:

This IP address has been reported a total of 42 times from 15 distinct sources. 65.111.15.42 was first reported on September 27th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-13 22:45:58 (4 weeks ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
🇫🇮 6kilowatti	2026-03-17 08:48:06 (2 months ago)	65.111.15.42 - - [16/Mar/2026:07:21:24 +0200] "GET /index.php?sid=ad5f8808de478288dea9198fa4addd29&Q ... show more 65.111.15.42 - - [16/Mar/2026:07:21:24 +0200] "GET /index.php?sid=ad5f8808de478288dea9198fa4addd29&QfjM=7738%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema.tables%20WHERE%202%3E1--%2F%2A%2A%2F%3B%20EXEC%20xp_cmdshell%28%27cat%20..%2F..%2F..%2Fetc%2Fpasswd%27%29%23 HTTP/1.1" 200 3643 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" 65.111.15.42 - - [16/Mar/2026:07:21:41 +0200] "GET /index.php?sid=ad5f8808de478288dea9198fa4addd29%20AND%201445%3D8618--%20gJLl HTTP/1.1" 200 3346 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" 65.111.15.42 - - [16/Mar/2026:07:21:42 +0200] "GET /index.php?sid=ad5f8808de478288dea9198fa4addd29%20AND%203668%3D3668--%20PVGL HTTP/1.1" 200 3343 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Ch ... show less	Web App Attack
🇫🇮 6kilowatti	2026-03-16 05:47:36 (2 months ago)	65.111.15.42 - - [16/Mar/2026:07:21:24 +0200] "GET /index.php?sid=ad5f8808de478288dea9198fa4addd29&Q ... show more 65.111.15.42 - - [16/Mar/2026:07:21:24 +0200] "GET /index.php?sid=ad5f8808de478288dea9198fa4addd29&QfjM=7738%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema.tables%20WHERE%202%3E1--%2F%2A%2A%2F%3B%20EXEC%20xp_cmdshell%28%27cat%20..%2F..%2F..%2Fetc%2Fpasswd%27%29%23 HTTP/1.1" 200 3643 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" 65.111.15.42 - - [16/Mar/2026:07:21:41 +0200] "GET /index.php?sid=ad5f8808de478288dea9198fa4addd29%20AND%201445%3D8618--%20gJLl HTTP/1.1" 200 3346 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" 65.111.15.42 - - [16/Mar/2026:07:21:42 +0200] "GET /index.php?sid=ad5f8808de478288dea9198fa4addd29%20AND%203668%3D3668--%20PVGL HTTP/1.1" 200 3343 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Ch ... show less	Web App Attack
🇫🇷 conseilgouz	2026-03-04 23:29:13 (3 months ago)	upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=artic ... show more upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=article&id=100&catid=8%27%3BSELECT%20PG_SLEEP%285%29-...(') show less	Hacking
🇫🇷 conseilgouz	2026-02-27 10:13:59 (3 months ago)	upe-13 : Block SQL injections=>/index.php?option=com_content&view=article&id=161%20ORDER%20B ... show more upe-13 : Block SQL injections=>/index.php?option=com_content&view=article&id=161%20ORDER%20BY%201--%20lKRu&catid=8( ) show less	Hacking
🇦🇺 MAGIC	2026-02-27 01:29:37 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-09 19:17:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:17:52.138076 2026] [security2:error] [pid 19341:tid 19440] [client 65.111.15.42:59479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "g3-contracting.com"] [uri "/dev/.git/config"] [unique_id "aYoy4EYsChRAU7ugYZ3JOAAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 10:38:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 05:37:54.916499 2026] [security2:error] [pid 174437:tid 174514] [client 65.111.15.42:50485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gafm.org"] [uri "/.env.staging"] [unique_id "aYm5Ap6BO_Ujr-6P95I4WAAAAUA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 09:30:20 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 04:30:08.347957 2026] [security2:error] [pid 21276:tid 21276] [client 65.111.15.42:28285] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fulltime-life.com"] [uri "/app/.env"] [unique_id "aYmpIEHFSk47tEsfJvolQgAAAC4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Swiptly	2025-12-29 06:03:55 (5 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:35:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:35:08.117134 2025] [security2:error] [pid 20716:tid 20716] [client 65.111.15.42:41185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "30daysout.com"] [uri "/.git/HEAD"] [unique_id "aVITDEcWiqiZe8Ej7EhoqgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:42:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:41:54.711843 2025] [security2:error] [pid 16848:tid 16865] [client 65.111.15.42:14449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "williampower.com"] [uri "/.svn/wc.db"] [unique_id "aVIGkuY3Wlk-Bgm76UqvXAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:52:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:52:45.863494 2025] [security2:error] [pid 18946:tid 18946] [client 65.111.15.42:60591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jacinc.net"] [uri "/.env"] [unique_id "aTQ1LcunzxTJpPmseRhJvQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 12:27:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 07:27:32.910604 2025] [security2:error] [pid 21015:tid 21015] [client 65.111.15.42:55687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "terazon.net"] [uri "/.svn/wc.db"] [unique_id "aTQhNFbXCYYO59ljfGd7mgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:54:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:54:07.791207 2025] [security2:error] [pid 19528:tid 19528] [client 65.111.15.42:22235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tek-front.com"] [uri "/.git/HEAD"] [unique_id "aTLH36X__84dYr-ieQVCwAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 101.47.155.9

🇳🇱 91.103.152.35

🇩🇪 69.5.169.123

🇳🇱 45.148.10.157

🇳🇱 45.148.10.141

🇳🇱 193.176.31.227

🇩🇪 193.124.20.234

🇨🇳 183.172.247.74

🇪🇨 181.78.242.87

🇲🇾 165.154.147.69

🇧🇩 103.4.145.50

🇿🇦 102.223.47.171

🇺🇸 64.62.197.204

🇨🇦 51.222.95.243

🇬🇧 35.203.210.21

🇺🇸 20.169.104.246

🇳🇱 5.61.209.224

🇮🇳 2409:40c4:10fc:2256:259c:2ded:9201:1c8a

🇹🇳 197.5.145.114

🇲🇽 186.96.145.241