JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.28.190.200

139.28.190.200 was found in our database!

This IP was reported 172 times. Confidence of Abuse is 70%: ?

70%

ISP	AVATEL TELECOM, SA
Usage Type	Fixed Line ISP
ASN	AS200845
Domain Name	avatel.es
Country	🇪🇸 Spain
City	Malagon, Castille-La Mancha

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.28.190.200

Whois 139.28.190.200

IP Abuse Reports for 139.28.190.200:

This IP address has been reported a total of 172 times from 71 distinct sources. 139.28.190.200 was first reported on August 26th 2022, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2025-10-03 20:09:09 (8 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇨🇦 Mediashaker	2025-10-03 04:08:00 (8 months ago)	(pop3d) Failed POP3 login from 139.28.190.200 (-)	Brute-Force
Anonymous	2025-10-02 21:15:57 (8 months ago)	(imapd) Failed IMAP login from 139.28.190.200 (-): 2 in the last 3600 secs; Ports: ; Direction: ino ... show more (imapd) Failed IMAP login from 139.28.190.200 (-): 2 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: Oct 2 14:15:53 srv8 dovecot[342849]: imap-login: Login aborted: Connection closed (auth failed, 2 attempts in 13 secs) (auth_failed): user=<e1onb4x-007qaq-2n>, method=PLAIN, rip=139.28.190.200, lip=104.37.168.247, TLS, session=<AsetfDNAsq6LHL7I> show less	Brute-Force
🇺🇸 Rocky Mountain Bioengineering Symposium	2025-10-02 17:51:13 (8 months ago)	Oct 2 11:51:13 KORD-B dovecot: imap-login: Disconnected: Connection closed (auth failed, 3 attempts ... show more Oct 2 11:51:13 KORD-B dovecot: imap-login: Disconnected: Connection closed (auth failed, 3 attempts in 15 secs): user=<vb>, method=PLAIN, rip=139.28.190.200, lip=134.195.88.122, TLS, session=<SPeqoDBAB5yLHL7I> ... show less	Brute-Force
Anonymous	2025-09-29 04:30:49 (8 months ago)	Failed login attempt detected by Fail2Ban in recidive jail	Brute-Force
🇫🇷 Pycrolis	2025-09-28 10:56:46 (8 months ago)	SMTP - Brute Force	Brute-Force
🇩🇪 itak	2025-09-26 01:01:19 (8 months ago)	IMAP SASL Brute-Force Attack	Port Scan Hacking Brute-Force
🇩🇪 itak	2025-09-23 03:44:32 (8 months ago)	IMAP SASL Brute-Force Attack	Port Scan Hacking Brute-Force
🇺🇸 vestibtech	2025-09-23 02:55:07 (8 months ago)	Sep 22 20:55:07 Host-KLAX-C dovecot: imap-login: Disconnected (auth failed, 3 attempts in 15 secs): ... show more Sep 22 20:55:07 Host-KLAX-C dovecot: imap-login: Disconnected (auth failed, 3 attempts in 15 secs): user=<[email protected]>, method=PLAIN, rip=139.28.190.200, lip=185.198.26.44, TLS, session=<QypgD28/atyLHL7I> ... show less	Brute-Force
Anonymous	2025-09-20 16:02:08 (8 months ago)	Failed IMAP login	Hacking Brute-Force
🇦🇺 AWW-Admin	2025-09-12 17:27:03 (8 months ago)	(imapd) Failed IMAP login from 139.28.190.200 (-)	Brute-Force
🇨🇿 Honzas	2025-09-07 12:18:19 (8 months ago)	Automatic report:07.09.2025 12:18:19. Port:143	Brute-Force
🇨🇿 Honzas	2025-09-07 10:20:49 (8 months ago)	Brute Force Pop/IMAP AUTH Attack	Brute-Force
Anonymous	2025-09-04 12:45:54 (8 months ago)	2025-09-04T14:45:53.459449+02:00 soli-gate cyrus/imaps[1635021]: badlogin: [139.28.190.200] plaintex ... show more 2025-09-04T14:45:53.459449+02:00 soli-gate cyrus/imaps[1635021]: badlogin: [139.28.190.200] plaintext ([email protected]) [SASL(-13): authentication failure: checkpass failed] ... show less	Brute-Force
🇬🇧 gtabomber	2025-08-31 20:22:56 (9 months ago)	2025-08-31T21:22:39.852449 espaceonline.co.uk auth[11571]: pam_unix(dovecot:auth): authentication fa ... show more 2025-08-31T21:22:39.852449 espaceonline.co.uk auth[11571]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=chris rhost=139.28.190.200 2025-08-31T21:22:41.657171 espaceonline.co.uk dovecot[5130]: auth-worker(11571): pam(chris,139.28.190.200,<5LrwA6890oOLHL7I>): unknown user (given password: panafonic21) 2025-08-31T21:22:51.767382 espaceonline.co.uk auth[11507]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=chris rhost=139.28.190.200 ... show less	Brute-Force SSH

Showing 136 to 150 of 172 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 65.49.1.100

🇺🇸 216.73.163.40

🇺🇸 209.239.45.150

🇧🇪 198.235.24.129

🇺🇸 172.190.13.234

🇩🇪 69.5.169.36

🇺🇸 68.39.211.69

🇺🇸 66.132.172.97

🇺🇸 64.95.9.234

🇲🇾 49.124.152.12

🇲🇾 49.124.151.54

🇲🇾 49.124.148.19

🇸🇬 47.128.116.243

🇳🇱 45.153.34.235

🇨🇭 45.95.232.35

🇩🇿 41.96.160.53

🇮🇶 37.238.37.149

🇨🇳 1.83.125.193

🇺🇸 2600:3c02::2000:51ff:fe18:1a6c

🇺🇿 213.230.93.54