JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.63.16.66

195.63.16.66 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 36%: ?

36%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.63.16.66

Whois 195.63.16.66

IP Abuse Reports for 195.63.16.66:

This IP address has been reported a total of 9 times from 7 distinct sources. 195.63.16.66 was first reported on March 10th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Axel	2026-06-05 07:13:34 (1 day ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.old Ser ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.old Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇩🇪 FeG Deutschland	2026-06-05 01:23:45 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 mnsf	2026-06-04 08:07:47 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 Axel	2026-06-03 00:32:01 (3 days ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇫🇮 as211431.net	2026-05-30 17:35:23 (6 days ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /takehometest.sql UA: Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 tilellit.pro	2026-05-28 12:35:33 (1 week ago)	Fail2Ban banned 195.63.16.66 for security violations in jail wp-armour. Log: 2026/05/28 12:35:32 [er ... show more Fail2Ban banned 195.63.16.66 for security violations in jail wp-armour. Log: 2026/05/28 12:35:32 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 195.63.16.66 \| Target: wplogin" , client: 195.63.16.66, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 octageeks.com	2026-03-21 04:07:55 (2 months ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 TPI-Abuse	2026-03-13 14:31:05 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.16.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 195.63.16.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 10:30:55.021928 2026] [security2:error] [pid 32736:tid 32736] [client 195.63.16.66:48518] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|iconconstructors.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "iconconstructors.com"] [uri "/wp-login.php"] [unique_id "abQfnzCGzsZaCIP1pt94EwAAABQ"], referer: http://iconconstructors.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 12:15:47 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.16.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 195.63.16.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 08:15:42.746870 2026] [security2:error] [pid 3313:tid 3329] [client 195.63.16.66:42622] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|woofnrose.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "woofnrose.com"] [uri "/wp-login.php"] [unique_id "abALboJ_NxL3x3-KqIs02QAAAIg"], referer: https://woofnrose.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇴 176.29.167.18

🇩🇪 130.12.181.105

🇬🇹 45.228.234.84

🇺🇸 184.154.157.176

🇳🇱 158.94.211.49

🇭🇰 154.221.17.137

🇷🇺 81.211.72.167

🇧🇬 79.124.62.178

🇧🇷 45.163.173.239

🇹🇿 41.93.28.23

🇻🇳 27.71.230.31

🇷🇺 5.189.126.139

🇰🇷 211.193.245.27

🇺🇸 172.178.83.199

🇺🇸 146.88.241.115

🇧🇬 79.124.49.158

🇹🇼 60.249.207.150

🇧🇷 45.238.101.91

🇮🇳 43.251.217.140

🇨🇳 42.123.126.29