JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.111.15.6

65.111.15.6 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 21%: ?

21%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.111.15.6

Whois 65.111.15.6

IP Abuse Reports for 65.111.15.6:

This IP address has been reported a total of 40 times from 18 distinct sources. 65.111.15.6 was first reported on June 27th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 01:44:05 (2 days ago)	Web App Attack	Web App Attack
🇪🇸 pipeline.es	2026-06-06 23:59:42 (2 weeks ago)	Web scanning / probing for vulnerable paths	Port Scan Web App Attack
🇺🇸 nyt	2026-06-01 09:58:24 (3 weeks ago)	WP Author Enumeration	Web App Attack
Anonymous	2026-04-30 02:04:49 (1 month ago)	Forum/form spam	Web Spam
🇱🇻 garmtech.com	2026-04-01 16:27:48 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-27.65.111.15.6.web-spammers ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-27.65.111.15.6.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇧🇪 voormedia	2026-02-25 06:24:38 (3 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇱🇻 garmtech.com	2026-02-16 15:35:56 (4 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-11-27 03:10:55 (6 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/65.111.15.6 2025- ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/65.111.15.6 2025-11-26 17:33:07 /.git/HEAD show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:42:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:42:31.169095 2025] [security2:error] [pid 25699:tid 25699] [client 65.111.15.6:40405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dancingorchidvillas.c-w-a-m.com"] [uri "/.git/HEAD"] [unique_id "aSa9dyLWvjWOLteHoJ0DhQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:04:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:04:28.894153 2025] [security2:error] [pid 18428:tid 18428] [client 65.111.15.6:51359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.enterprisewindowtinting.com"] [uri "/.git/HEAD"] [unique_id "aSamfCQiWvewZOpldjWyUQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:14:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:14:46.098838 2025] [security2:error] [pid 27292:tid 27292] [client 65.111.15.6:37093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.davisllp.com"] [uri "/.svn/wc.db"] [unique_id "aSaa1oeh-ANjFY4t3XhfvQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:41:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:41:17.073033 2025] [security2:error] [pid 20270:tid 20270] [client 65.111.15.6:13725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.qualuedata.com"] [uri "/.git/HEAD"] [unique_id "aSZMrZPiwvnn7zEAVANvSAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:26:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:26:42.999431 2025] [security2:error] [pid 21314:tid 21314] [client 65.111.15.6:19407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.e-zschedule.com"] [uri "/.svn/wc.db"] [unique_id "aSUF0hkZwpBPdv-oMd68jQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:30:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 65.111.15.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:29:59.189931 2025] [security2:error] [pid 24423:tid 24423] [client 65.111.15.6:10849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.recollected.net"] [uri "/.git/HEAD"] [unique_id "aST4h8VL1JbC8ocZ0zZcoAAAACI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.160.3

🇳🇱 176.65.139.158

🇺🇸 45.8.19.99

🇩🇪 185.242.3.226

🇩🇪 161.35.65.86

🇨🇳 150.255.99.99

🇺🇸 141.11.88.3

🇧🇬 78.128.114.110

🇷🇴 2.57.122.177

🇬🇧 193.163.125.56

🇵🇹 181.214.37.154

🇺🇸 65.49.1.230

🇺🇸 64.62.156.52

🇮🇳 35.200.191.248

🇮🇪 2a05:d018:10df:d401:83c5:ca8d:d42d:b0c1

🇺🇸 2604:a880:400:d1:0:4:9e75:f001

🇺🇸 195.184.76.117

🇩🇪 193.46.232.244

🇮🇳 122.170.100.253

🇮🇪 54.246.131.71