JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.63.2.105

195.63.2.105 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.63.2.105

Whois 195.63.2.105

IP Abuse Reports for 195.63.2.105:

This IP address has been reported a total of 5 times from 2 distinct sources. 195.63.2.105 was first reported on March 7th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 zXero	2026-06-09 12:55:46 (20 hours ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇨🇦 zXero	2026-06-03 12:32:05 (6 days ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇨🇦 zXero	2026-05-30 09:49:52 (1 week ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇺🇸 TPI-Abuse	2026-03-11 15:16:58 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.2.105 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 195.63.2.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 11:16:55.183151 2026] [security2:error] [pid 15465:tid 15465] [client 195.63.2.105:44458] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|jolankagroup.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jolankagroup.com"] [uri "/wp-login.php"] [unique_id "abGHZ-E1npE5hgVYlrkzUwAAAAE"], referer: http://jolankagroup.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-07 08:36:45 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.2.105 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 195.63.2.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 07 03:36:40.729379 2026] [security2:error] [pid 17382:tid 17382] [client 195.63.2.105:24368] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.mfleetservice.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mfleetservice.com"] [uri "/wp-login.php"] [unique_id "aavjmIl9AvCT6rrnzyq0SwAAABA"], referer: http://mfleetservice.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 185.84.91.196

🇨🇳 157.0.0.10

🇩🇪 46.224.76.22

🇺🇸 195.184.76.107

🇺🇸 195.184.76.94

🇹🇷 176.237.195.50

🇧🇷 170.231.122.226

🇮🇳 122.187.186.26

🇩🇪 85.214.161.104

🇷🇺 5.101.64.7

🇲🇽 200.77.172.159

🇦🇷 190.19.52.130

🇪🇨 186.4.240.226

🇬🇧 185.53.211.215

🇺🇸 172.214.45.244

🇨🇦 172.105.3.121

🇨🇳 116.255.235.104

🇺🇸 91.230.168.170

🇷🇺 91.221.176.151

🇳🇱 77.83.39.55