JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.189.209.21

1.189.209.21 was found in our database!

This IP was reported 493 times. Confidence of Abuse is 13%: ?

13%

ISP	China Unicom Heilongjiang province network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Harbin, Heilongjiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.189.209.21

Whois 1.189.209.21

IP Abuse Reports for 1.189.209.21:

This IP address has been reported a total of 493 times from 160 distinct sources. 1.189.209.21 was first reported on August 20th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 avgsmoe	2026-06-07 23:37:53 (2 weeks ago)	REPEAT offender. Observed 3400 times.	Port Scan Brute-Force
🇨🇭 YF	2026-05-17 20:32:56 (1 month ago)	Pays blacklisté (CN)	Brute-Force Web App Attack
🇺🇸 avgsmoe	2026-05-16 20:59:05 (1 month ago)	REPEAT offender. Observed 1334 times.	Port Scan Brute-Force
🇮🇳 evicky2002	2026-04-30 13:02:46 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇩🇪 Paul Smith	2026-04-16 13:03:16 (2 months ago)	Email Auth Brute force attack 4/4 in last day	Brute-Force
🇸🇰 KZP	2026-04-15 19:00:05 (2 months ago)	Automatic report from KZP firewall log.	Port Scan Hacking Brute-Force
🇸🇪 triplecode	2026-04-15 13:51:02 (2 months ago)	Reported from hMailServer	Email Spam
🇩🇪 Paul Smith	2026-04-15 13:02:30 (2 months ago)	Email Auth Brute force attack 5/5 in last day	Brute-Force
🇩🇪 FeG Deutschland	2026-04-15 12:46:03 (2 months ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇩🇪 EGP Abuse Dept	2026-04-15 12:30:00 (2 months ago)	SMTP AUTH attack	Brute-Force
Anonymous	2026-04-15 05:25:32 (2 months ago)	IMAP password guessing	Brute-Force
🇹🇭 thaizone.com	2026-04-15 02:33:51 (2 months ago)	Mail credential brute-force attack (SM5) #2	Email Spam Brute-Force
🇺🇦 MakselPr	2026-04-14 23:29:49 (2 months ago)	Apr 14 10:15:38 mail postfix/smtps/smtpd[1918627]: warning: unknown[1.189.209.21]: SASL LOGIN authen ... show more Apr 14 10:15:38 mail postfix/smtps/smtpd[1918627]: warning: unknown[1.189.209.21]: SASL LOGIN authentication failed: (reason unavailable), [email protected] Apr 15 02:29:49 mail postfix/smtps/smtpd[2068036]: warning: unknown[1.189.209.21]: SASL LOGIN authentication failed: (reason unavailable), [email protected] ... show less	Brute-Force
🇺🇸 chrisj	2026-04-14 17:22:45 (2 months ago)	2026-04-14T17:22:45.321292+00:00 aws postfix/smtps/smtpd[198956]: warning: unknown[1.189.209.21]: SA ... show more 2026-04-14T17:22:45.321292+00:00 aws postfix/smtps/smtpd[198956]: warning: unknown[1.189.209.21]: SASL LOGIN authentication failed: (reason unavailable), sasl_username=mailer-daemon 2026-04-14T17:22:45.476535+00:00 aws postfix/smtps/smtpd[198956]: lost connection after AUTH from unknown[1.189.209.21] 2026-04-14T17:22:45.476631+00:00 aws postfix/smtps/smtpd[198956]: disconnect from unknown[1.189.209.21] ehlo=1 auth=0/1 commands=1/2 ... show less	Brute-Force
🇬🇧 cticom.ms	2026-04-14 17:18:46 (2 months ago)	Email Auth Brute force attack 3/3 in last day	Brute-Force

Showing 1 to 15 of 493 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.21

🇨🇴 179.32.200.247

🇭🇰 152.32.252.94

🇫🇮 147.185.133.173

🇫🇮 147.185.133.14

🇩🇪 69.5.169.152

🇺🇸 52.180.146.167

🇳🇱 45.148.10.147

🇸🇬 43.160.214.230

🇰🇷 43.155.214.159

🇺🇸 20.98.166.120

🇩🇴 200.88.152.165

🇺🇸 195.184.76.46

🇳🇱 192.109.200.78

🇷🇴 141.98.83.240

🇲🇽 140.84.190.45

🇰🇷 115.160.96.109

🇨🇦 72.251.5.158

🇺🇸 64.62.156.20

🇹🇭 49.48.109.35