AbuseIPDB » 195.63.27.89
195.63.27.89
This IP was reported 3 times. Confidence of
Abuse
is 4% : ?
ISP
3xK Tech GmbH
Usage Type
Data Center/Web Hosting/Transit
ASN
AS200373
Domain Name
3xktech.cloud
Country
π©πͺ
Germany
City
Berlin, State of Berlin
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 195.63.27.89 :
This IP address has been reported a total of
3
times from
2 distinct
sources.
195.63.27.89 was first reported on
March 12th 2026 , and the most recent report was
4 days ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
π¨π
backslash
2026-06-19 13:21:00
(4 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-03-13 19:47:07
(3 months ago)
(mod_security) mod_security (id:210350) triggered by 195.63.27.89 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210350) triggered by 195.63.27.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 15:46:59.946190 2026] [security2:error] [pid 21887:tid 21887] [client 195.63.27.89:11578] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||hydrusdetergents.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "hydrusdetergents.com"] [uri "/wp-login.php"] [unique_id "abRpsxLMIPk9d4Ix242oogAAAAI"], referer: https://hydrusdetergents.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-12 13:27:36
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 195.63.27.89 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 195.63.27.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 12 09:27:33.109100 2026] [security2:error] [pid 21785:tid 21785] [client 195.63.27.89:22754] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aliciagrant.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aliciagrant.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abK_RQ6nDr78rdVSkbK9gwAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
3
of 3 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: