JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 72.63.18.227

72.63.18.227 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 13%: ?

13%

ISP	UAB code200
Usage Type	Data Center/Web Hosting/Transit
ASN	AS30058
Domain Name	code200.global
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 72.63.18.227

Whois 72.63.18.227

IP Abuse Reports for 72.63.18.227:

This IP address has been reported a total of 4 times from 2 distinct sources. 72.63.18.227 was first reported on May 26th 2026, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-12 18:35:33 (19 hours ago)	[Sat Jun 13 01:35:29.229917 2026] [security2:error] [pid 241229:tid 140091866470080] [client 72.63.1 ... show more [Sat Jun 13 01:35:29.229917 2026] [security2:error] [pid 241229:tid 140091866470080] [client 72.63.18.227:48336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.bmkg.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.bmkg.go.id found within REQUEST_HEADERS:Referer: https://www.bmkg.go.id/ request_line = GET / HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/"] [unique_id "aixRcaFCTbosRCMC2HociwAAgwE"], referer https://www.bmkg.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[241240] [rj2wvVIL58o] [aixRcaFCTbosRCMC2HociwAAgwE] keep_alive=[1] [2026-06-13 01:35:29.229921] [R:aixRcaFCTbosRCMC2HociwAAgwE] UA:'Mozilla/5.0 (Linux; Android 14; Pixel 6 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.119 Mobile Safari/537.36 OPR/81.2.4292.78581' Host:'staklim-jatim.bmkg.go ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-06-05 05:08:57 (1 week ago)	[Fri Jun 05 12:08:54.219400 2026] [security2:error] [pid 743010:tid 140063386769088] [client 72.63.1 ... show more [Fri Jun 05 12:08:54.219400 2026] [security2:error] [pid 743010:tid 140063386769088] [client 72.63.18.227:56570] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yahoo.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yahoo.go.id found within REQUEST_HEADERS:Referer: https://www.yahoo.go.id/ request_line = GET /index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/informasi-iklim/buletin-1/buletin-informasi-iklim-dan-lingkungan"] [unique_id "aiJZ5kX8xbzFcPwWerG-wwABAwA"], referer https://www.yahoo.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[743011] [03k5qDqzLRs] [aiJZ5kX8xbzFcPwWerG-wwABAwA] keep_alive=[1] [2026-06-05 12:08:54.219415] [R:aiJZ5kX8xbzFcPwWerG-wwABAwA] UA:'Mozilla/5.0 (iPhone; CP ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-05-27 01:46:29 (2 weeks ago)	[Wed May 27 08:46:29.046856 2026] [security2:error] [pid 394406:tid 139875706701504] [client 72.63.1 ... show more [Wed May 27 08:46:29.046856 2026] [security2:error] [pid 394406:tid 139875706701504] [client 72.63.18.227:54174] ModSecurity: Access denied with code 403 (phase 1). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "815"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: GET found within REQUEST_HEADERS: 1 request_line = GET /index.php/profil/meteorologi/list-all-categories HTTP/2.0 Request URI RAW = /index.php/profil/meteorologi/list-all-categories Request Basename = list-all-categories"] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [hostname ... show less	Email Spam Hacking
🇸🇬 mypatricks	2026-05-26 23:33:23 (2 weeks ago)	72.63.18.227 \| Port: 10504 \| DNS: 72.63.18.227 2026-05-27T07:33:22+08:00 America/New_York \| Bad Beha ... show more 72.63.18.227 \| Port: 10504 \| DNS: 72.63.18.227 2026-05-27T07:33:22+08:00 America/New_York \| Bad Behavior Activity \| UA: Mozilla/5.0 (Linux; Android 14; Pixel 6 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.119 Mobile Safari/537.36 OPR/81.2.4292.78581 HTTP/1.1 443 GET \| URL: /jelly-cakes-double-fishes/?sei=vy0WapiiM4nOwt0P6IbpoQU \| Ref: - \| Country: US/United States/-08:00 IP City: Ashburn Android Mobile a020959cab4207dd-IAD/Ashburn, VA, United States 1 hits/0 secs Robots 2 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 61.219.156.91

🇺🇸 40.124.175.174

🇷🇺 193.164.150.141

🇭🇰 152.32.254.89

🇮🇩 103.149.176.34

🇱🇾 102.213.229.240

🇨🇳 101.34.69.37

🇯🇵 92.113.142.203

🇺🇸 70.120.203.193

🇫🇷 62.84.186.183

🇬🇧 57.129.133.221

🇭🇰 23.91.97.170

🇺🇸 2600:1900:4120:e3fb:0:75::

🇳🇱 193.176.31.231

🇩🇪 192.109.200.220

🇺🇸 184.105.247.247

🇨🇳 180.76.245.60

🇺🇸 96.227.207.146

🇫🇮 95.217.17.79

🇧🇬 94.155.124.98