JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.63.28.193

195.63.28.193 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.63.28.193

Whois 195.63.28.193

IP Abuse Reports for 195.63.28.193:

This IP address has been reported a total of 7 times from 4 distinct sources. 195.63.28.193 was first reported on March 3rd 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VINA	2026-06-10 15:20:17 (1 week ago)	Banned by SPAMHAUS ASN-DROP list (ASN: 200373)	DDoS Attack Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-12 19:53:55 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.28.193 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 195.63.28.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 12 15:53:49.080270 2026] [security2:error] [pid 19341:tid 19341] [client 195.63.28.193:51876] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|univey.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "univey.com"] [uri "/wp-login.php"] [unique_id "abMZzSfcEu6x2Hkjxeh83wAAAAY"], referer: http://univey.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-11 20:46:17 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.28.193 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 195.63.28.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 16:46:12.343855 2026] [security2:error] [pid 18916:tid 18916] [client 195.63.28.193:40160] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.digi-estudio.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.digi-estudio.com"] [uri "/wp-login.php"] [unique_id "abHUlAL_eCAHhiH3WfQ7mQAAACk"], referer: http://digi-estudio.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-03-11 18:46:43 (3 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 01:11:02 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.28.193 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 195.63.28.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 21:10:54.119087 2026] [security2:error] [pid 11773:tid 11773] [client 195.63.28.193:43282] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|jolankagroup.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jolankagroup.com"] [uri "/wp-login.php"] [unique_id "aa9vnlm2r-lhv3U6MbaBbQAAAAM"], referer: http://jolankagroup.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-04 01:29:18 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 195.63.28.193 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 195.63.28.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 20:29:15.729240 2026] [security2:error] [pid 6999:tid 6999] [client 195.63.28.193:58618] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thomasgardner.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thomasgardner.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aaeK6-sVli6IoORJU_A4XAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-03 18:34:35 (3 months ago)	Failed Wordpress login	Hacking Brute-Force Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 194.180.48.33

🇸🇪 185.246.130.20

🇺🇸 162.216.149.152

🇻🇳 116.110.146.181

🇺🇸 66.132.224.22

🇧🇷 45.173.226.60

🇸🇳 41.82.50.218

🇧🇪 198.235.24.174

🇹🇼 198.235.24.84

🇺🇸 142.93.181.239

🇪🇨 66.231.68.91

🇸🇬 172.104.60.248

🇧🇷 168.194.57.83

🇩🇪 144.31.74.139

🇺🇸 73.161.96.107

🇩🇪 45.3.44.151

🇭🇷 178.218.160.233

🇫🇮 147.185.133.27

🇩🇪 69.5.169.46

🇫🇷 46.105.48.30