JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.63.20.15

195.63.20.15 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.63.20.15

Whois 195.63.20.15

IP Abuse Reports for 195.63.20.15:

This IP address has been reported a total of 7 times from 4 distinct sources. 195.63.20.15 was first reported on March 1st 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 sms.ru	2026-06-22 17:51:46 (5 days ago)	/wp-admin/admin-ajax.php	Web App Attack
🇩🇪 FeG Deutschland	2026-06-22 16:54:44 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇮🇩 bps-statistics	2026-06-17 07:35:55 (1 week ago)	WP Login Scan Activities: "2026-06-17T14:35:55.712+07:00" "/wp-login.php" "195.63.20.15" "Mozilla/5. ... show more WP Login Scan Activities: "2026-06-17T14:35:55.712+07:00" "/wp-login.php" "195.63.20.15" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:138.0) Gecko/20100101 Firefox/138.0" show less	Web App Attack
🇮🇩 bps-statistics	2026-06-16 18:32:42 (1 week ago)	WP Login Scan Activities: "2026-06-17T01:32:42.602+07:00" "/wp-login.php" "195.63.20.15" "Mozilla/5. ... show more WP Login Scan Activities: "2026-06-17T01:32:42.602+07:00" "/wp-login.php" "195.63.20.15" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:138.0) Gecko/20100101 Firefox/138.0" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 09:26:22 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.20.15 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 195.63.20.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 05:26:18.181566 2026] [security2:error] [pid 7673:tid 7673] [client 195.63.20.15:24330] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|iconconstructors.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "iconconstructors.com"] [uri "/wp-login.php"] [unique_id "aa_jupcpOiVnXJwBBgha1AAAAAc"], referer: http://iconconstructors.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 03:59:37 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.20.15 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 195.63.20.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 04 22:59:32.924669 2026] [security2:error] [pid 5388:tid 5388] [client 195.63.20.15:42990] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|jolankagroup.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jolankagroup.com"] [uri "/wp-login.php"] [unique_id "aaj_pE30-Lhh_iP18iBL-AAAAAk"], referer: http://jolankagroup.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-01 20:30:54 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.20.15 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 195.63.20.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 15:30:48.389342 2026] [security2:error] [pid 29613:tid 29613] [client 195.63.20.15:60024] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|cadimpressions.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "cadimpressions.com"] [uri "/wp-login.php"] [unique_id "aaSh-Neqa4VglMaeQ4hmwwAAAAY"], referer: https://cadimpressions.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 195.154.40.137

🇱🇹 194.165.16.164

🇧🇷 177.126.132.44

🇺🇸 165.154.182.174

🇭🇰 161.81.121.171

🇺🇸 147.185.132.66

🇺🇸 20.169.107.206

🇺🇸 205.210.31.104

🇺🇸 204.154.216.122

🇬🇧 193.8.186.31

🇧🇷 187.183.44.136

🇬🇧 185.247.137.194

🇬🇧 185.216.145.168

🇺🇸 167.99.115.3

🇨🇳 119.102.238.36

🇨🇳 106.75.237.200

🇮🇳 103.174.243.226

🇰🇿 88.204.254.197

🇬🇧 87.236.176.188

🇩🇪 69.5.169.222