JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.63.18.148

195.63.18.148 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 50%: ?

50%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.63.18.148

Whois 195.63.18.148

IP Abuse Reports for 195.63.18.148:

This IP address has been reported a total of 14 times from 8 distinct sources. 195.63.18.148 was first reported on March 10th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Axel	2026-06-11 10:20:02 (1 hour ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇩🇪 FeG Deutschland	2026-06-10 00:16:12 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 127	Exploited Host Web App Attack
🇺🇸 mnsf	2026-06-10 00:07:09 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-09 22:00:16 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-09	Web App Attack SSH Hacking
🇩🇪 Lino Project	2026-06-09 13:29:46 (1 day ago)	195.63.18.148 - - [09/Jun/2026:15:29:45 +0200] "GET /.env.production HTTP/1.1" 403 3806 "-" "Mozilla ... show more 195.63.18.148 - - [09/Jun/2026:15:29:45 +0200] "GET /.env.production HTTP/1.1" 403 3806 "-" "Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Lino Project	2026-06-04 19:45:24 (6 days ago)	195.63.18.148 - - [04/Jun/2026:21:45:23 +0200] "GET /.env.production HTTP/1.1" 403 3806 "-" "Mozilla ... show more 195.63.18.148 - - [04/Jun/2026:21:45:23 +0200] "GET /.env.production HTTP/1.1" 403 3806 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15" ... show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 08:20:05 (1 week ago)	suspicious request in access.log	Web App Attack
🇺🇸 mnsf	2026-06-04 05:06:18 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇫🇮 inlink.ltd	2026-06-04 03:15:51 (1 week ago)	dot file probe	Web App Attack
🇩🇪 FeG Deutschland	2026-06-03 11:33:53 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 05:53:39 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 195.63.18.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 195.63.18.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 01:53:31.161192 2026] [security2:error] [pid 19115:tid 19126] [client 195.63.18.148:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.mindgardens.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mindgardens.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "agv6278A0NH7i_iVSbn5VAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-12 16:58:24 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.18.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 195.63.18.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 12 12:58:08.119471 2026] [security2:error] [pid 16701:tid 16701] [client 195.63.18.148:45776] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.nekstlevel.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.nekstlevel.com"] [uri "/wp-login.php"] [unique_id "abLwoNj8LZ9AUInGFidPeAAAAAo"], referer: https://www.nekstlevel.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-11 17:10:18 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 195.63.18.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 195.63.18.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 13:10:12.105801 2026] [security2:error] [pid 7083:tid 7083] [client 195.63.18.148:60182] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cesmat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cesmat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abGh9M__6vzm-T7l4IIQ3wAAAA4"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 04:31:52 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 195.63.18.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 195.63.18.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 00:31:46.464616 2026] [security2:error] [pid 6036:tid 6036] [client 195.63.18.148:15388] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.indiahouseportland.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.indiahouseportland.com"] [uri "/wp-login.php"] [unique_id "aa-esm_Dj4Cjlmfy5SVqjAAAAAg"], referer: https://www.indiahouseportland.com/wp-login.php show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 172.233.92.204

🇬🇧 144.126.205.140

🇸🇬 101.47.27.73

🇨🇳 183.64.251.178

🇺🇸 172.253.93.214

🇳🇬 152.32.140.39

🇨🇳 123.245.84.166

🇨🇭 104.244.76.136

🇭🇺 89.134.210.182

🇬🇧 68.183.38.177

🇨🇳 59.52.179.193

🇨🇳 58.220.39.200

🇬🇧 46.101.95.56

🇨🇳 43.143.98.95

🇵🇰 36.255.33.93

🇮🇳 34.93.128.179

🇨🇳 27.19.239.242

🇨🇳 27.18.170.101

🇰🇷 210.183.21.53

🇬🇧 188.166.169.229