JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.63.8.243

5.63.8.243 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 0%: ?

ISP	Faraso Samaneh Pasargad Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS57497
Hostname(s)	server20.nikan.co
Domain Name	faraso.org
Country	🇮🇷 Iran (Islamic Republic of)
City	Pasargad, Fars

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.63.8.243

Whois 5.63.8.243

IP Abuse Reports for 5.63.8.243:

This IP address has been reported a total of 41 times from 25 distinct sources. 5.63.8.243 was first reported on October 4th 2021, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2025-01-27 22:15:41 (1 year ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 15	Exploited Host Web App Attack
🇩🇪 LRob.fr	2025-01-27 21:15:05 (1 year ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇩🇪 Ba-Yu	2025-01-27 05:07:41 (1 year ago)	WordPress bruteforce	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇦🇺 MAGIC	2025-01-25 18:06:11 (1 year ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 Tha_14	2025-01-23 19:42:02 (1 year ago)	Attempt to log in with non-existing username: test	Bad Web Bot
🇨🇦 polycoda	2025-01-23 19:37:38 (1 year ago)	📄 Probes for wp-login.php and other inexistent URLs	Hacking Web App Attack
🇳🇱 maxxsense	2025-01-23 18:58:51 (1 year ago)	(wordpress) Failed wordpress login from 5.63.8.243 (IR/Iran/server20.nikan.co)	Brute-Force
🇩🇪 LRob.fr	2025-01-23 06:00:16 (1 year ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
Anonymous	2025-01-22 19:34:51 (1 year ago)	apache-wordpress-login	Brute-Force Web App Attack
🇫🇷 tecnicorioja	2025-01-06 23:00:19 (1 year ago)	POST /xmlrpc.php [06/Jan/2025:04:38:54	Brute-Force Web App Attack
🇲🇹 Malta	2025-01-05 16:59:08 (1 year ago)	5.63.8.243 - - [05/Jan/2025:17:59:08 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Fedora; ... show more 5.63.8.243 - - [05/Jan/2025:17:59:08 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
Anonymous	2025-01-05 07:18:55 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-01-04 07:45:35 (1 year ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-01-04 07:34:52 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 5.63.8.243 (server20.nikan.co): 1 in the last 3 ... show more (mod_security) mod_security (id:225170) triggered by 5.63.8.243 (server20.nikan.co): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 04 02:34:45.177687 2025] [security2:error] [pid 25732:tid 25732] [client 5.63.8.243:45036] [client 5.63.8.243] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.medicalpdq.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.medicalpdq.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z3jkldK2kcgnPaSUH-lC6QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 Gem	2024-12-27 13:43:37 (1 year ago)	Unauthorized web scan.	Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.164

🇧🇷 205.210.31.140

🇨🇴 181.234.36.73

🇸🇬 159.89.195.134

🇨🇳 144.123.37.78

🇺🇸 104.243.133.18

🇺🇸 100.29.192.34

🇷🇺 92.100.10.31

🇳🇱 45.148.10.230

🇺🇸 18.211.150.95

🇺🇸 2604:a940:301:225:0:7::

🇰🇷 211.238.237.254

🇺🇸 205.210.31.106

🇺🇸 205.210.31.12

🇯🇵 203.25.124.97

🇲🇽 189.163.72.44

🇺🇸 181.214.13.169

🇺🇸 162.216.149.98

🇯🇵 160.251.233.37

🇸🇬 142.91.102.187