JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.63.111.238

5.63.111.238 was found in our database!

This IP was reported 295 times. Confidence of Abuse is 100%: ?

100%

ISP	JSC Kazakhtelecom
Usage Type	Fixed Line ISP
ASN	AS9198
Domain Name	telecom.kz
Country	🇰🇿 Kazakhstan
City	Aktobe, Aktobe

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.63.111.238

Whois 5.63.111.238

IP Abuse Reports for 5.63.111.238:

This IP address has been reported a total of 295 times from 77 distinct sources. 5.63.111.238 was first reported on January 19th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 bellovacorp	2026-06-18 00:03:02 (4 hours ago)	[CrowdSec/Noliae] noliae-threat-intel	Hacking
🇫🇷 TheHoneyPotter	2026-06-17 09:56:16 (18 hours ago)	Honeypot [fc-honeypot]: SMB traffic on port 445 Reported by: https://github.com/sefinek/T-Pot-To-Abu ... show more Honeypot [fc-honeypot]: SMB traffic on port 445 Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking
🇳🇱 Nerdscave Hosting	2026-06-17 08:26:23 (19 hours ago)	[SMB Honeypot Report] Timestamp: 2026-06-17 08:26:23 UTC Port: 59243 No credentials captured Attack ... show more [SMB Honeypot Report] Timestamp: 2026-06-17 08:26:23 UTC Port: 59243 No credentials captured Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇳🇱 Nerdscave Hosting	2026-06-17 07:04:53 (21 hours ago)	[SMB Honeypot Report] Timestamp: 2026-06-17 07:04:53 UTC Port: 54331 No credentials captured Attack ... show more [SMB Honeypot Report] Timestamp: 2026-06-17 07:04:53 UTC Port: 54331 No credentials captured Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇦🇹 urnilxfgbez	2026-06-16 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 bellovacorp	2026-06-16 00:22:08 (2 days ago)	[CrowdSec/Noliae] noliae-threat-intel	Hacking
🇩🇪 IP Analyzer	2026-06-15 11:30:18 (2 days ago)	Unauthorized connection attempt from IP address 5.63.111.238 on Port 445(SMB)	Port Scan
🇩🇪 Honeypot-EU-Fru	2026-06-15 07:36:04 (2 days ago)	1781508962 - 06/15/2026 09:36:02 Host: 5.63.111.238/5.63.111.238 Port: 445 TCP Blocked ...	Port Scan
🇫🇷 vtchost.com	2026-06-15 07:01:33 (2 days ago)	Jun 15 09:01:33 vtchost kernel: [258188.138117] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:1 ... show more Jun 15 09:01:33 vtchost kernel: [258188.138117] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11:cd:2a:b3:08:00 SRC=5.63.111.238 DST=161.97.181.152 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=14635 PROTO=TCP SPT=42067 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 IP Analyzer	2026-06-12 07:30:10 (5 days ago)	Unauthorized connection attempt from IP address 5.63.111.238 on Port 445(SMB)	Port Scan
🇬🇧 gbzret4d	2026-06-11 06:42:49 (6 days ago)	Honeypot [uk-production01]: SMB traffic on port 445	Hacking
🇩🇪 Luhte	2026-06-10 09:15:05 (1 week ago)	Unsolicited TCP connection from 5.63.111.238 to port 0 at 2026-06-10T09:15:05Z. Source IP completed ... show more Unsolicited TCP connection from 5.63.111.238 to port 0 at 2026-06-10T09:15:05Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
🇫🇷 vtchost.com	2026-06-10 07:58:42 (1 week ago)	Jun 10 09:58:42 vtchost kernel: [175241.198451] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:1 ... show more Jun 10 09:58:42 vtchost kernel: [175241.198451] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11:cd:2a:b3:08:00 SRC=5.63.111.238 DST=161.97.181.152 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=17009 PROTO=TCP SPT=61653 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 MPL	2026-06-10 07:01:23 (1 week ago)	tcp/445	Port Scan
🇳🇱 knock	2026-06-09 05:10:58 (1 week ago)	Knock-Knock honeypot brute-force: SMB (8 total hits)	Brute-Force

Showing 1 to 15 of 295 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 167.99.197.34

🇩🇪 194.113.233.117

🇵🇹 172.68.103.127

🇵🇹 172.68.103.86

🇮🇳 128.185.212.178

🇩🇪 90.187.250.141

🇷🇴 80.94.92.164

🇬🇧 35.203.211.212

🇸🇬 8.222.252.138

🇺🇸 172.217.96.91

🇺🇸 162.216.150.150

🇺🇸 150.107.38.252

🇺🇸 147.90.234.214

🇭🇰 103.103.245.61

🇯🇵 96.126.130.244

🇳🇱 94.156.33.203

🇧🇬 91.191.209.46

🇳🇱 91.92.40.7

🇺🇸 71.6.240.208

🇺🇸 23.238.82.26