JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.56.28.140

193.56.28.140 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.56.28.140

Whois 193.56.28.140

IP Abuse Reports for 193.56.28.140:

This IP address has been reported a total of 21 times from 12 distinct sources. 193.56.28.140 was first reported on November 22nd 2020, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 bitblockit	2026-05-27 17:40:22 (2 weeks ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: P0f. Decoy ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: P0f. Decoy listen port: 8545/tcp. Observed event time: 2026-05-27 17:40:22 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇫🇷 masterguru	2026-03-30 05:21:18 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 193.56.28.140 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 193.56.28.140 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-03-28 10:25:24 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 193.56.28.140 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 193.56.28.140 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-24 09:23:00 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 08:13:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 193.56.28.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.56.28.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:13:41.829058 2026] [security2:error] [pid 2915:tid 2933] [client 193.56.28.140:24321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/48/c4863f8aa3c33675af0c02e4461c839a93e323"] [unique_id "aak7NWbdh7c6FWT9QFVNXQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-22 13:36:19 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-13 22:48:33 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-14 03:59:04 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.14 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.14 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-08 00:21:34 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.08 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-07 16:11:13 (8 months ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.10.07 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-01 18:52:33 (8 months ago)	193.56.28.140 (DE/Germany/-), 10 distributed sshd attacks on account [redacted]	Brute-Force SSH
Anonymous	2025-09-30 11:36:07 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-27 14:29:05 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.27 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 hostseries	2025-09-27 03:58:54 (8 months ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a01:4f8:150:13a5::100:16

🇬🇧 217.154.35.203

🇩🇪 194.88.98.86

🇩🇪 192.109.200.220

🇻🇳 160.30.113.59

🇺🇸 138.68.238.72

🇵🇪 38.25.98.221

🇺🇸 20.102.115.137

🇷🇺 217.8.226.227

🇰🇷 211.187.7.14

🇨🇳 183.56.243.176

🇮🇹 172.213.25.203

🇰🇷 118.39.230.40

🇺🇸 96.78.175.36

🇺🇦 91.228.122.153

🇭🇺 84.0.60.153

🇰🇷 59.12.212.38

🇳🇱 52.232.19.79

🇸🇬 47.84.138.34

🇨🇳 39.165.63.169