JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.63.18.11

195.63.18.11 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 37%: ?

37%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.63.18.11

Whois 195.63.18.11

IP Abuse Reports for 195.63.18.11:

This IP address has been reported a total of 16 times from 7 distinct sources. 195.63.18.11 was first reported on March 3rd 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 bps-statistics	2026-06-17 22:42:11 (3 days ago)	WP Login Scan Activities: "2026-06-18T05:42:11.886+07:00" "/wp-login.php" "195.63.18.11" "Mozilla/5. ... show more WP Login Scan Activities: "2026-06-18T05:42:11.886+07:00" "/wp-login.php" "195.63.18.11" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:138.0) Gecko/20100101 Firefox/138.0" show less	Web App Attack
🇮🇩 bps-statistics	2026-06-17 22:17:25 (3 days ago)	WP Login Scan Activities: "2026-06-18T05:17:25.052+07:00" "/wp-login.php" "195.63.18.11" "Mozilla/5. ... show more WP Login Scan Activities: "2026-06-18T05:17:25.052+07:00" "/wp-login.php" "195.63.18.11" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:138.0) Gecko/20100101 Firefox/138.0" show less	Web App Attack
🇺🇸 mnsf	2026-06-16 00:08:17 (5 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-12 02:38:34 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 mnsf	2026-06-11 10:05:20 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 Axel	2026-06-11 06:23:05 (1 week ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇬🇧 Axel	2026-06-09 23:33:48 (1 week ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.backup ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.backup Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-06-09 18:15:17 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 195.63.18.11 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 195.63.18.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 14:15:13.338707 2026] [security2:error] [pid 20628:tid 20628] [client 195.63.18.11:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "guitarwisdom.com"] [uri "/.env.local"] [unique_id "aihYMRdJDFedVmyMO_5OGAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-09 00:07:24 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-06 11:05:44 (2 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-05 01:05:17 (2 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-04 21:59:26 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-06-04	Web App Attack SSH Hacking
🇺🇸 mnsf	2026-06-03 18:05:51 (2 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇩🇪 Lino Project	2026-06-03 11:18:41 (2 weeks ago)	195.63.18.11 - - [03/Jun/2026:13:18:39 +0200] "GET /.env.local HTTP/2.0" 403 253 "-" "Mozilla/5.0 (X ... show more 195.63.18.11 - - [03/Jun/2026:13:18:39 +0200] "GET /.env.local HTTP/2.0" 403 253 "-" "Mozilla/5.0 (X11; Linux i686; rv:1.9.6.20) Gecko/ Firefox/3.6.15" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-11 12:01:42 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.18.11 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 195.63.18.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 08:01:34.827184 2026] [security2:error] [pid 5015:tid 5015] [client 195.63.18.11:30868] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.centrodentalsindolor.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.centrodentalsindolor.com"] [uri "/wp-login.php"] [unique_id "abFZnu1FEmaM7axWvS312QAAAA8"], referer: https://centrodentalsindolor.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.230

🇺🇸 138.197.26.254

🇨🇳 220.184.187.38

🇭🇰 219.78.170.126

🇺🇸 164.92.71.124

🇺🇸 159.223.172.163

🇪🇸 79.117.180.187

🇨🇳 59.61.184.197

🇩🇪 45.135.194.113

🇺🇸 34.48.35.220

🇬🇧 193.176.29.30

🇮🇳 150.107.190.162

🇫🇮 147.185.133.58

🇺🇸 64.62.197.84

🇩🇿 41.100.220.82

🇺🇸 40.124.174.245

🇺🇸 20.124.82.131

🇺🇸 20.15.201.64

🇩🇪 94.26.106.80

🇨🇦 85.217.149.23