JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.63.30.152

195.63.30.152 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.63.30.152

Whois 195.63.30.152

IP Abuse Reports for 195.63.30.152:

This IP address has been reported a total of 9 times from 3 distinct sources. 195.63.30.152 was first reported on March 11th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 zXero	2026-06-18 21:11:38 (6 hours ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇨🇦 zXero	2026-06-09 12:55:59 (1 week ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇨🇦 zXero	2026-06-03 12:32:17 (2 weeks ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇨🇦 zXero	2026-05-29 12:26:33 (2 weeks ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇨🇦 zXero	2026-05-23 07:45:54 (3 weeks ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇺🇸 TPI-Abuse	2026-03-11 21:23:29 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 195.63.30.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 195.63.30.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 17:23:24.122244 2026] [security2:error] [pid 17885:tid 17885] [client 195.63.30.152:39862] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|donnysimonton.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "donnysimonton.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abHdTBRJIH2N1p2jennEvwAAABE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-11 16:40:55 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 195.63.30.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 195.63.30.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 12:40:52.428512 2026] [security2:error] [pid 17980:tid 17980] [client 195.63.30.152:32328] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|heinzmail.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "heinzmail.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abGbFDHFiUK-kVL64vCVjwAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-03-11 14:19:41 (3 months ago)	Blocked user enumeration attempt	Hacking
🇺🇸 TPI-Abuse	2026-03-11 13:04:17 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.30.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 195.63.30.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 09:04:12.690545 2026] [security2:error] [pid 4470:tid 4470] [client 195.63.30.152:29768] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.texaslawman.net\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.texaslawman.net"] [uri "/wp-login.php"] [unique_id "abFoTMusLVS2CE6RWgjjygAAAAQ"], referer: http://texaslawman.net/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.244.66.197

🇰🇷 211.223.107.86

🇳🇱 203.159.90.204

🇸🇪 157.22.18.67

🇹🇼 128.14.236.41

🇳🇱 45.198.224.18

🇧🇪 34.38.97.56

🇨🇳 222.86.158.37

🇷🇺 213.180.203.226

🇳🇱 185.224.128.16

🇳🇱 45.148.10.151

🇺🇸 2620:18c:0:192::e0:188

🇩🇪 193.124.20.247

🇳🇱 192.42.116.93

🇺🇸 173.248.26.192

🇻🇳 157.66.26.151

🇯🇵 137.220.191.43

🇨🇳 119.53.253.2

🇻🇳 116.118.44.131

🇸🇪 83.191.176.93