JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.235.59.28

109.235.59.28 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 100%: ?

100%

ISP	Vautron Rechenzentrum AG
Usage Type	Data Center/Web Hosting/Transit
ASN	AS25504
Hostname(s)	mail.portal-genial.com
Domain Name	vautron.de
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.235.59.28

Whois 109.235.59.28

IP Abuse Reports for 109.235.59.28:

This IP address has been reported a total of 36 times from 28 distinct sources. 109.235.59.28 was first reported on June 15th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 pm33	2026-06-19 11:02:08 (2 days ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇮🇹 Inartis	2026-06-19 04:50:12 (2 days ago)	109.235.59.28 - - [19/Jun/2026:06:50:11 +0200] "GET /administrator/components/com_jce/jce.xml HTTP/1 ... show more 109.235.59.28 - - [19/Jun/2026:06:50:11 +0200] "GET /administrator/components/com_jce/jce.xml HTTP/1.1" 302 7681 "-" "SecurityAudit/1.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 findlab	2026-06-19 03:40:01 (2 days ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 SiliSoftware	2026-06-19 02:26:42 (2 days ago)	/plugins/editors/jce/jce.xml	Web App Attack
🇬🇧 Mendip_Defender	2026-06-19 02:16:15 (2 days ago)	109.235.59.28 - - [19/Jun/2026:03:16:05 +0100] "GET /plugins/editors/jce/jce.xml HTTP/1.1" 301 4201 ... show more 109.235.59.28 - - [19/Jun/2026:03:16:05 +0100] "GET /plugins/editors/jce/jce.xml HTTP/1.1" 301 4201 "-" "SecurityAudit/1.0" 109.235.59.28 - - [19/Jun/2026:03:16:08 +0100] "GET /plugins/editors/jce/jce.xml HTTP/1.1" 404 51294 "-" "SecurityAudit/1.0" 109.235.59.28 - - [19/Jun/2026:03:16:09 +0100] "GET /administrator/components/com_jce/jce.xml HTTP/1.1" 301 4214 "-" "SecurityAudit/1.0" ... show less	Hacking Web App Attack
🇫🇷 Flo Flo	2026-06-18 23:16:58 (2 days ago)	109.235.59.28 - - - [19/Jun/2026:01:16:58 +0200] "flad.xyz" "GET /plugins/editors/jce/jce.xml HTTP/1 ... show more 109.235.59.28 - - - [19/Jun/2026:01:16:58 +0200] "flad.xyz" "GET /plugins/editors/jce/jce.xml HTTP/1.1" 444 0 "-" "SecurityAudit/1.0" 0.000 ... show less	Web App Attack
🇩🇪 Vegascosmetics	2026-06-18 21:10:28 (2 days ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇬🇧 AvonleaConsulting	2026-06-18 20:03:17 (2 days ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇩🇪 expandmade.com	2026-06-18 18:08:04 (2 days ago)	trolling for installation vulnerabilities [18/Jun/2026:18:08:04 "GET /plugins/editors/jce/jce.xml"]	Web App Attack
🇳🇱 Godert Jan van Manen	2026-06-18 14:30:29 (2 days ago)	Jun 18 16:27:46 odin dovecot: auth-worker(3431): sql([email protected],109.235.59.28,<ypDf+odUiKx ... show more Jun 18 16:27:46 odin dovecot: auth-worker(3431): sql([email protected],109.235.59.28,<ypDf+odUiKxt6zsc>): unknown user Jun 18 16:27:48 odin dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=109.235.59.28, lip=178.162.131.122, session=<ypDf+odUiKxt6zsc> Jun 18 16:28:16 odin dovecot: auth-worker(3431): sql([email protected],109.235.59.28,<yGuq/IdUwu1t6zsc>): unknown user Jun 18 16:28:18 odin dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=109.235.59.28, lip=178.162.131.122, session=<yGuq/IdUwu1t6zsc> Jun 18 16:30:28 odin dovecot: auth-worker(3431): sql([email protected],109.235.59.28,<SoyHBIhUys5t6zsc>): unknown user show less	Brute-Force
🇩🇪 ecs.ge	2026-06-18 14:08:26 (2 days ago)	Automatic Fail2Ban report from jail plesk-dovecot: multiple matching events detected.	Brute-Force
🇸🇬 drewf.ink	2026-06-18 14:03:43 (2 days ago)	[14:03] Port scanning. Port(s) scanned: TCP/110	Port Scan
🇳🇱 Godert Jan van Manen	2026-06-18 13:53:37 (2 days ago)	Jun 18 15:45:01 odin dovecot: auth-worker(20585): sql([email protected],109.235.59.28,<9E/7YYd ... show more Jun 18 15:45:01 odin dovecot: auth-worker(20585): sql([email protected],109.235.59.28,<9E/7YYdUOOpt6zsc>): unknown user Jun 18 15:45:03 odin dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=109.235.59.28, lip=178.162.131.122, session=<9E/7YYdUOOpt6zsc> Jun 18 15:46:56 odin dovecot: auth-worker(20585): sql([email protected],109.235.59.28,<1WfTaIdU1pVt6zsc>): unknown user Jun 18 15:46:58 odin dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=109.235.59.28, lip=178.162.131.122, session=<1WfTaIdU1pVt6zsc> Jun 18 15:53:37 odin dovecot: auth-worker(20585): sql([email protected],109.235.59.28,<6MC9gIdUCOJt6zsc>): unknown user show less	Brute-Force
🇧🇷 dominioz	2026-06-18 12:24:54 (2 days ago)	109.235.59.28 [1D00] 05:49:44 Authentication [POP3] - Result=0, [email protected], M ... show more 109.235.59.28 [1D00] 05:49:44 Authentication [POP3] - Result=0, [email protected], Method=0 109.235.59.28 [2E54] 07:00:36 Authentication [POP3] - Result=0, [email protected], Method=0 109.235.59.28 [2B94] 09:24:51 Authentication [POP3] - Result=0, [email protected], Method=0 ... show less	Brute-Force
🇳🇱 Godert Jan van Manen	2026-06-18 11:46:13 (3 days ago)	Jun 18 13:37:47 odin dovecot: auth-worker(20585): sql([email protected],109.235.59.28,<hfTzmoVUZs5t ... show more Jun 18 13:37:47 odin dovecot: auth-worker(20585): sql([email protected],109.235.59.28,<hfTzmoVUZs5t6zsc>): unknown user Jun 18 13:37:49 odin dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=109.235.59.28, lip=178.162.131.122, session=<hfTzmoVUZs5t6zsc> Jun 18 13:43:02 odin dovecot: auth-worker(20585): sql([email protected],109.235.59.28,<lt+5rYVU5MRt6zsc>): unknown user Jun 18 13:43:04 odin dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=PLAIN, rip=109.235.59.28, lip=178.162.131.122, session=<lt+5rYVU5MRt6zsc> Jun 18 13:46:12 odin dovecot: auth-worker(20585): sql([email protected],109.235.59.28,<tjwSuYVUjpVt6zsc>): unknown user show less	Brute-Force

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.17

🇻🇳 171.231.195.144

🇺🇸 143.137.167.105

🇷🇺 94.230.136.33

🇺🇸 65.49.1.216

🇨🇳 42.224.191.240

🇬🇧 35.203.210.233

🇺🇸 2607:f8b0:4004:1001::126

🇨🇳 222.138.118.196

🇫🇮 178.20.210.152

🇫🇮 147.185.133.39

🇮🇳 136.233.167.11

🇸🇬 103.250.11.156

🇩🇪 45.135.193.193

🇩🇪 213.209.159.236

🇷🇺 213.180.203.95

🇦🇷 190.245.146.99

🇫🇷 185.208.207.227

🇧🇴 181.188.148.74

🇨🇳 36.144.74.33