JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.63.239.143

194.63.239.143 was found in our database!

This IP was reported 1,117 times. Confidence of Abuse is 100%: ?

100%

ISP	Greek School Network
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8248
Hostname(s)	webhost3.sch.gr
Domain Name	sch.gr
Country	🇬🇷 Greece
City	Athens, Attica

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.63.239.143

Whois 194.63.239.143

IP Abuse Reports for 194.63.239.143:

This IP address has been reported a total of 1,117 times from 208 distinct sources. 194.63.239.143 was first reported on October 21st 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-17 07:44:28 (6 hours ago)	[Wed Jun 17 09:44:26.583953 2026] [authz_core:error] [pid 97318:tid 97368] [client 194.63.239.143:49 ... show more [Wed Jun 17 09:44:26.583953 2026] [authz_core:error] [pid 97318:tid 97368] [client 194.63.239.143:49456] AH01630: client denied by server configuration: /var/www/cimt-precision/wp-login.php [Wed Jun 17 09:44:26.723071 2026] [authz_core:error] [pid 97318:tid 97369] [client 194.63.239.143:49456] AH01630: client denied by server configuration: /var/www/cimt-precision/wp-login.php, referer: https://pre.cimt-precision.de/wp-login.php [Wed Jun 17 09:44:26.723071 2026] [authz_core:error] [pid 97318:tid 97369] [client 194.63.239.143:49456] AH01630: client denied by server configuration: /var/www/cimt-precision/wp-login.php, referer: https://pre.cimt-precision.de/wp-login.php ... show less	Brute-Force Web App Attack
Anonymous	2026-06-17 07:33:13 (6 hours ago)	(PERMBLOCK) 194.63.239.143 (GR/Greece/webhost3.sch.gr) has had more than 4 temp blocks	Hacking
🇦🇺 FSB.ru - Is it?	2026-06-17 07:12:01 (7 hours ago)	Brute force login for honeypot user accounts	Brute-Force Web App Attack
🇨🇦 KIsmay	2026-06-17 07:02:36 (7 hours ago)	Jun 17 02:31:21 www4 WPAudit[2227089]: 194.63.239.143 www.bestnelson.org "Mozilla/5.0 (X11; Fedora; ... show more Jun 17 02:31:21 www4 WPAudit[2227089]: 194.63.239.143 www.bestnelson.org "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" sbd-admin:sbd-admin38 FAIL Jun 17 02:40:55 www4 WPAudit[2228168]: 194.63.239.143 www.lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" sbd-admin:sbdadmin19 FAIL Jun 17 02:54:47 www4 WPAudit[2230020]: 194.63.239.143 amandasrestaurant.ca "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" gina:Gina@2018 FAIL Jun 17 02:59:34 www4 WPAudit[2228552]: 194.63.239.143 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ncs-admin:Ncsadmin@123456 FAIL Jun 17 03:02:35 www4 WPAudit[2228596]: 194.63.239.143 www.servicesfyi.ca "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 S ... show less	Brute-Force Web App Attack
Anonymous	2026-06-17 07:00:44 (7 hours ago)	[Wed Jun 17 07:06:07.663012 2026] [authz_core:error] [pid 97381:tid 97458] [client 194.63.239.143:56 ... show more [Wed Jun 17 07:06:07.663012 2026] [authz_core:error] [pid 97381:tid 97458] [client 194.63.239.143:56018] AH01630: client denied by server configuration: /var/www/wordp/wp-login.php [Wed Jun 17 07:06:07.883072 2026] [authz_core:error] [pid 97381:tid 97440] [client 194.63.239.143:56018] AH01630: client denied by server configuration: /var/www/wordp/wp-login.php, referer: https://akcurate.de/wp-login.php [Wed Jun 17 09:00:41.829880 2026] [authz_core:error] [pid 97318:tid 97362] [client 194.63.239.143:58732] AH01630: client denied by server configuration: /var/www/cimt-precision/wp-login.php [Wed Jun 17 09:00:43.423899 2026] [authz_core:error] [pid 97318:tid 97351] [client 194.63.239.143:58732] AH01630: client denied by server configuration: /var/www/cimt-precision/wp-login.php, referer: https://pre.cimt-precision.de/wp-login.php ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 05:17:25 (8 hours ago)	(mod_security) mod_security (id:225170) triggered by 194.63.239.143 (webhost3.sch.gr): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 194.63.239.143 (webhost3.sch.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 01:17:17.677493 2026] [security2:error] [pid 14038:tid 14038] [client 194.63.239.143:46970] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|velocitymech.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "velocitymech.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajIt3ZNKBosnAEBCVJLGvAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 factor1	2026-06-17 05:16:09 (8 hours ago)	Fail2ban at churndash Reports Abuse.	Brute-Force Web App Attack
🇦🇺 AWW-Admin	2026-06-17 04:49:49 (9 hours ago)	(wordpress) Failed wordpress login from 194.63.239.143 (GR/Greece/webhost3.sch.gr)	Brute-Force
🇪🇸 alferez	2026-06-17 04:46:17 (9 hours ago)	Multiple WP Login Attack	Hacking Exploited Host Web App Attack
🇺🇸 etu brutus	2026-06-17 04:45:08 (9 hours ago)	194.63.239.143 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇺🇸 TAY	2026-06-17 04:35:35 (9 hours ago)	194.63.239.143 - - [17/Jun/2026:12:30:30 +0800] "POST /wp-login.php HTTP/1.1" 200 2677 "https://www. ... show more 194.63.239.143 - - [17/Jun/2026:12:30:30 +0800] "POST /wp-login.php HTTP/1.1" 200 2677 "https://www.littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 194.63.239.143 - - [17/Jun/2026:12:30:58 +0800] "POST /wp-login.php HTTP/1.1" 200 2981 "https://www.autism-cvc.org/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 194.63.239.143 - - [17/Jun/2026:12:35:14 +0800] "POST /wp-login.php HTTP/1.1" 200 2638 "https://athenscross.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" ... show less	Brute-Force
🇫🇷 Yepngo	2026-06-17 04:23:35 (9 hours ago)	194.63.239.143 - - [17/Jun/2026:06:23:34 +0200] "POST /wp-login.php HTTP/2.0" 200 12098 "https://dev ... show more 194.63.239.143 - - [17/Jun/2026:06:23:34 +0200] "POST /wp-login.php HTTP/2.0" 200 12098 "https://dev.yepngo.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 04:17:57 (9 hours ago)	(mod_security) mod_security (id:225170) triggered by 194.63.239.143 (webhost3.sch.gr): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 194.63.239.143 (webhost3.sch.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 00:17:49.010742 2026] [security2:error] [pid 30845:tid 30845] [client 194.63.239.143:39760] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|test.high5-vr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "test.high5-vr.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajIf7crmEq3l4nmQJz7OEgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-06-17 04:15:31 (10 hours ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇩🇪 Viveronese	2026-06-17 03:24:24 (10 hours ago)	Wordpress vulnerability scanning	Web App Attack

Showing 1 to 15 of 1117 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.112.192.170

🇩🇪 213.209.159.56

🇺🇸 195.184.76.38

🇺🇸 159.203.140.159

🇬🇧 158.220.86.73

🇧🇬 149.62.236.44

🇨🇳 111.57.85.31

🇺🇦 92.253.214.224

🇫🇷 88.142.46.185

🇧🇷 45.186.103.160

🇸🇬 45.78.198.199

🇸🇬 34.142.239.108

🇺🇸 20.168.116.70

🇻🇪 200.75.154.140

🇹🇭 184.22.246.231

🇫🇷 91.231.89.241

🇮🇷 85.198.19.239

🇺🇸 64.62.156.179

🇫🇷 212.227.27.47

🇨🇱 179.60.65.112