JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.56.28.159

193.56.28.159 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.56.28.159

Whois 193.56.28.159

IP Abuse Reports for 193.56.28.159:

This IP address has been reported a total of 46 times from 23 distinct sources. 193.56.28.159 was first reported on November 23rd 2020, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-11 02:04:51 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 nowyouknow	2026-05-16 06:16:25 (1 month ago)	(From [email protected]) Hi Northwest Chiropractic Center, I wanted to bump this in ... show more (From [email protected]) Hi Northwest Chiropractic Center, I wanted to bump this in case you missed it — I built an AI agent just for Northwest Chiropractic Center, trained on your website, Google info, and everything I could find. It’s ready to answer customer questions, book appointments, and even follow up automatically. On average, our agents help increase leads by 17% without any work needed on your part. Again, this isn’t a pitch — just 20 minutes to test-drive your new AI employee. Here’s the link to book a time: getdandy.com/schedule-a-call/ or call me at (949)-755-7782 Talk soon, Thank you, Jennifer O'Brien \| Director of Operations GetDandy getdandy.com/schedule-a-call/ Unsubscribe here: bit.ly/42wnUsa show less	Phishing Web Spam
🇦🇺 MAGIC	2026-04-23 00:11:40 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-20 19:57:16 (2 months ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2026-02-16 05:26:21 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2025-12-31 01:51:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 20:51:12.438237 2025] [security2:error] [pid 988727:tid 988752] [client 193.56.28.159:55361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.selecttech.org"] [uri "/.env"] [unique_id "aVSBkF8-FV7n5yAh1JEtTgAAAJc"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-12-30 23:04:44 (5 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/193.56.28.159 202 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/193.56.28.159 2025-12-30 14:53:03 /.env show less	Web App Attack
Anonymous	2025-12-30 08:34:47 (5 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇺🇸 OceanTreasure	2025-12-29 09:05:08 (5 months ago)	tcp/80; AWS dotfile access attempt: "GET /.aws/credentials" @ 2025-12-29T09:04:12Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:52:54 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:52:50.521488 2025] [security2:error] [pid 19886:tid 19886] [client 193.56.28.159:36131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grsquared.com"] [uri "/.git/HEAD"] [unique_id "aVJBYgZAasMgj1XOS_nmYgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:34:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:34:01.986401 2025] [security2:error] [pid 32078:tid 32078] [client 193.56.28.159:14317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shahngalu.com"] [uri "/.svn/wc.db"] [unique_id "aVIg2c1u9Yz-lZDUl19xZwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:04:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:04:25.723960 2025] [security2:error] [pid 11537:tid 11558] [client 193.56.28.159:46889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koublacat.com"] [uri "/.svn/wc.db"] [unique_id "aVH9yQ3ECO-hzvoa_YiXiwAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 02:10:51 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 21:10:45.162833 2025] [security2:error] [pid 16354:tid 16354] [client 193.56.28.159:47505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vitality-web.com"] [uri "/.env"] [unique_id "aVCRpewDCkNLJmd00NLwqgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:47:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.56.28.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:47:26.608890 2025] [security2:error] [pid 10124:tid 10124] [client 193.56.28.159:57217] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rebelhollowfarm.com"] [uri "/.svn/wc.db"] [unique_id "aVBT7jz_LJ7ckeLl6Y_6JAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 183.179.164.210

🇸🇬 152.42.219.80

🇸🇬 82.38.180.254

🇫🇷 13.140.144.145

🇳🇱 176.65.139.183

🇸🇬 152.42.190.92

🇫🇮 147.185.133.81

🇸🇬 145.223.130.27

🇺🇸 107.172.219.221

🇳🇱 88.210.63.9

🇮🇩 41.216.178.119

🇬🇧 35.203.211.121

🇺🇸 172.172.196.177

🇺🇸 162.216.150.203

🇧🇷 152.32.200.213

🇪🇸 82.223.165.9

🇺🇸 67.207.85.103

🇩🇰 62.66.151.143

🇳🇱 20.160.86.7

🇰🇿 2.135.121.157