JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2.63.234.138

2.63.234.138 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 85%: ?

85%

ISP	PJSC Rostelecom
Usage Type	Fixed Line ISP
ASN	AS201776
Domain Name	rt.ru
Country	🇺🇦 Ukraine
City	Donetsk, Donetsk

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2.63.234.138

Whois 2.63.234.138

IP Abuse Reports for 2.63.234.138:

This IP address has been reported a total of 55 times from 37 distinct sources. 2.63.234.138 was first reported on November 30th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-14 22:28:17 (2 days ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-13 22:27:59 (3 days ago)		Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-13 09:43:12 (3 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-13 02:52:29 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 2.63.234.138 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 2.63.234.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 22:52:24.443449 2026] [security2:error] [pid 24967:tid 24967] [client 2.63.234.138:52788] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.63.234.138 (+1 hits since last alert)\|jeanniemorrislaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jeanniemorrislaw.com"] [uri "/xmlrpc.php"] [unique_id "aizF6BF6OQQVNXsaLaFaswAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 01:17:20 (4 days ago)	(wordpress) Failed wordpress login from 2.63.234.138 (RU/Russia/-)	Brute-Force
🇬🇧 Apache	2026-06-13 00:50:20 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 2.63.234.138 (UA/Ukraine/-): 5 in the last 300 ... show more (mod_security) mod_security (id:240335) triggered by 2.63.234.138 (UA/Ukraine/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 23:03:55 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 2.63.234.138 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 2.63.234.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 19:03:47.318999 2026] [security2:error] [pid 13779:tid 13803] [client 2.63.234.138:60301] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.63.234.138 (+1 hits since last alert)\|emehache.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "emehache.com"] [uri "/xmlrpc.php"] [unique_id "aiyQU_H4erGtdvIuhVFONQAAAVQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 23:03:35 (4 days ago)		Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-12 22:31:46 (4 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TAY	2026-06-12 19:16:37 (4 days ago)	2.63.234.138 - - [13/Jun/2026:03:15:49 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6363 "-" "Jetpack/12.0 ... show more 2.63.234.138 - - [13/Jun/2026:03:15:49 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6363 "-" "Jetpack/12.0; WordPress/6.3; http://site10899784.com" 2.63.234.138 - - [13/Jun/2026:03:16:12 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6363 "-" "Jetpack/12.0; WordPress/6.1; http://site96898852.com" 2.63.234.138 - - [13/Jun/2026:03:16:36 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6363 "-" "Jetpack by WordPress.com" ... show less	Brute-Force
🇺🇸 Dave Hansen	2026-06-12 17:49:49 (4 days ago)	(wordpress) Failed wordpress login from 2.63.234.138 (UA/Ukraine/-)	Brute-Force
Anonymous	2026-06-12 09:40:40 (4 days ago)	Attac	Brute-Force
🇫🇷 masterguru	2026-06-12 01:39:28 (5 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-12 01:15:55 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 2.63.234.138 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 2.63.234.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:15:48.537333 2026] [security2:error] [pid 1661:tid 1661] [client 2.63.234.138:52652] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 2.63.234.138 (+1 hits since last alert)\|zerotaxlab.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "zerotaxlab.com"] [uri "/xmlrpc.php"] [unique_id "aitdxOQ1GbLDVqWVeqopoQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-11 22:26:56 (5 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wordpress-geofence-sus.	Bad Web Bot Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇦 197.153.57.103

🇨🇱 136.248.247.188

🇺🇸 193.19.109.77

🇦🇪 139.185.46.127

🇧🇩 103.179.198.19

🇮🇩 103.139.193.223

🇳🇱 91.229.105.132

🇳🇱 85.11.167.7

🇺🇸 64.62.197.54

🇺🇸 40.124.173.115

🇧🇪 34.79.189.93

🇺🇸 208.84.100.109

🇳🇱 176.65.149.67

🇳🇱 176.65.139.56

🇨🇦 142.44.247.134

🇨🇳 122.96.28.121

🇨🇳 117.132.5.139

🇵🇰 101.53.229.21

🇺🇸 91.230.168.116

🇷🇴 80.94.92.178