JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.207.41.213

109.207.41.213 was found in our database!

This IP was reported 113 times. Confidence of Abuse is 77%: ?

77%

ISP	TRUF d.o.o.
Usage Type	Fixed Line ISP
ASN	AS52026
Domain Name	kbcnet.rs
Country	🇷🇸 Serbia
City	Ovca, Central Serbia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.207.41.213

Whois 109.207.41.213

IP Abuse Reports for 109.207.41.213:

This IP address has been reported a total of 113 times from 60 distinct sources. 109.207.41.213 was first reported on June 10th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 D3monite	2026-06-17 07:50:00 (3 days ago)	Attempted Brute Force (dovecot)	Brute-Force
🇷🇴 INTEQ	2026-06-16 06:32:31 (4 days ago)	Brute force attack from 109.207.41.213	Brute-Force
🇧🇷 dominioz	2026-06-15 07:15:02 (5 days ago)	109.207.41.213 [0B8C] 04:14:57 Authentication [IMAP] - Result=0, [email protected] ... show more 109.207.41.213 [0B8C] 04:14:57 Authentication [IMAP] - Result=0, [email protected], Method=0 109.207.41.213 [0B8C] 04:15:01 Authentication [IMAP] - Result=0, [email protected], Method=0 ... show less	Brute-Force
🇺🇸 vestibtech	2026-06-14 22:38:03 (5 days ago)	2026-06-14T16:38:02.730394-06:00 Host-KLAX-C dovecot[1147]: imap-login: Disconnected: Connection clo ... show more 2026-06-14T16:38:02.730394-06:00 Host-KLAX-C dovecot[1147]: imap-login: Disconnected: Connection closed (auth failed, 3 attempts in 15 secs): user=<[email protected]>, method=PLAIN, rip=109.207.41.213, lip=185.198.26.44, TLS, session=<xYDsWz5U1NxtzynV> ... show less	Brute-Force
Anonymous	2026-06-14 21:22:01 (5 days ago)	2026-06-14T23:22:01.119558+02:00 soli-gate cyrus/imaps[466032]: badlogin: [109.207.41.213] plaintext ... show more 2026-06-14T23:22:01.119558+02:00 soli-gate cyrus/imaps[466032]: badlogin: [109.207.41.213] plaintext ([email protected]) [SASL(-13): authentication failure: checkpass failed] ... show less	Brute-Force
🇧🇷 dominioz	2026-06-13 00:08:17 (1 week ago)	109.207.41.213 [23A8] 21:07:31 Authentication [IMAP] - Result=0, [email protected] ... show more 109.207.41.213 [23A8] 21:07:31 Authentication [IMAP] - Result=0, [email protected], Method=0 109.207.41.213 [23A8] 21:07:35 Authentication [IMAP] - Result=0, [email protected], Method=0 109.207.41.213 [23A8] 21:07:39 Authentication [IMAP] - Result=0, [email protected], Method=0 ... show less	Brute-Force
🇺🇸 kosada.com	2026-06-11 19:47:19 (1 week ago)	IMAP password guessing	Brute-Force
🇺🇸 etu brutus	2026-06-07 22:31:25 (1 week ago)	109.207.41.213 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇩🇪 ksol-hostmaster	2026-06-06 22:22:08 (1 week ago)	Jun 7 00:22:07 ksol dovecot[791]: auth-worker(26138): conn unix:auth-worker (uid=143): auth-worker< ... show more Jun 7 00:22:07 ksol dovecot[791]: auth-worker(26138): conn unix:auth-worker (uid=143): auth-worker<4>: sql(anonymized@email,109.207.41.213,<dwYvNZ1TvtttzynV>): unknown user (given password: I-AM-A-SUCKER-USING-A-WRONG-PASSWORD) ... show less	Brute-Force
🇩🇪 Tamsy	2026-06-05 10:19:02 (2 weeks ago)	SMTP - Brute-force attack	Brute-Force
🇩🇪 FeG Deutschland	2026-06-04 21:08:02 (2 weeks ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇦🇺 FireGuard Server	2026-06-03 22:30:14 (2 weeks ago)	Blocked by OPNsense firewall; 3 hits, proto=tcp, ports=143	Port Scan Hacking
🇩🇪 filstal.org	2026-06-01 04:40:59 (2 weeks ago)	Brute-force/Enumeration: Multiple login attempts for non-existent mail accounts (Honeytrap).	Email Spam Brute-Force
Anonymous	2026-05-30 19:40:45 (2 weeks ago)	(imapd) Failed IMAP login from 109.207.41.213 (RS/Serbia/-/-/-)	Brute-Force
🇬🇧 adnscom.net	2026-05-30 16:30:59 (2 weeks ago)	IPS trigger: IMAP scanning/attack	Brute-Force Port Scan Hacking

Showing 1 to 15 of 113 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.108.174.4

🇳🇱 81.19.216.70

🇺🇸 66.132.172.145

🇺🇸 44.188.57.34

🇬🇧 35.203.211.129

🇵🇱 194.180.49.217

🇨🇳 125.39.93.73

🇧🇬 79.124.59.78

🇳🇱 45.198.224.138

🇺🇸 44.241.154.126

🇯🇵 20.243.208.191

🇯🇵 8.216.5.114

🇩🇪 5.252.153.10

🇮🇷 2.180.32.104

🇷🇴 2.57.122.238

🇺🇸 2607:f8b0:4023:1004::12a

🇺🇸 198.46.134.148

🇬🇧 188.240.59.25

🇨🇴 179.32.33.161

🇺🇸 47.254.43.235