JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.28.49.183

139.28.49.183 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 23%: ?

23%

ISP	Telecom SY
Usage Type	Fixed Line ISP
ASN	AS216472
Domain Name	highspeed-sy.com
Country	🇸🇾 Syrian Arab Republic
City	Aleppo, Aleppo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.28.49.183

Whois 139.28.49.183

IP Abuse Reports for 139.28.49.183:

This IP address has been reported a total of 22 times from 20 distinct sources. 139.28.49.183 was first reported on December 1st 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 A000Z	2026-05-27 09:00:42 (2 weeks ago)	Fail2Ban: 139.28.49.183 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5. ... show more Fail2Ban: 139.28.49.183 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36 show less	Bad Web Bot
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 9c411121-8fd1-46b8-8a52-8723b89f4b10	DDoS Attack
🇺🇸 ipblock.com	2026-05-10 12:20:00 (1 month ago)	IPBlock protected site ID [1365-l]. Rogue crawler, does not respect robots.txt	Bad Web Bot
🇨🇳 ThreatBook.io	2026-05-03 00:04:59 (1 month ago)	ThreatBook Intelligence: Zombie,Mobile more details on https://threatbook.io/ip/139.28.49.183	SSH
🇺🇸 MPL	2026-05-01 19:06:58 (1 month ago)	tcp/23	Port Scan
🇩🇪 Hazzard	2026-04-07 17:28:45 (2 months ago)	139.28.49.183 (TR/Türkiye/-/-/-/[redacted]	Brute-Force
🇩🇪 NoaQT	2026-04-05 22:09:51 (2 months ago)	139.28.49.183 - - [05/Apr/2026:17:51:05 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com ... show more 139.28.49.183 - - [05/Apr/2026:17:51:05 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 139.28.49.183 - - [05/Apr/2026:17:53:06 +0200] "GET /web/login HTTP/1.1" 499 0 "https://news.prime.io/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 139.28.49.183 - - [05/Apr/2026:17:57:37 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.facebook.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 139.28.49.183 - - [05/Apr/2026:17:59:52 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.whatsapp.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 139.28.49.183 - - [05/Apr/2026:18:00:08 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.google.com/" "Mozilla/5.0 (Macintos ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 16:00:08 (2 months ago)	139.28.49.183 - - [05/Apr/2026:17:51:05 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com ... show more 139.28.49.183 - - [05/Apr/2026:17:51:05 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.bing.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 139.28.49.183 - - [05/Apr/2026:17:53:06 +0200] "GET /web/login HTTP/1.1" 499 0 "https://news.prime.io/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 139.28.49.183 - - [05/Apr/2026:17:53:06 +0200] "GET /web/login HTTP/1.1" 499 0 "https://news.prime.io/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 139.28.49.183 - - [05/Apr/2026:17:57:37 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.facebook.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 139.28.49.183 - - [05/Apr/2026:17:57:37 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.facebook.com/" "Mozilla/5.0 (X11 ... show less	DDoS Attack
🇳🇱 maxxsense	2026-04-01 19:33:48 (2 months ago)	139.28.49.183 (TR/Türkiye/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
🇮🇹 IRT@Unisi	2026-03-29 06:46:31 (2 months ago)	anomaly:tcp_dst_session,1001>threshold1000,repeats2312timessincelastlog	DDoS Attack
🇺🇸 kosada.com	2026-03-12 10:19:12 (2 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇨🇭 backslash	2026-03-08 03:12:01 (3 months ago)	block ruleset SQL-Injections with typical fingerprints FD77349DE692F8D05B4EE282DE6A5198C42AB90F	SQL Injection
🇪🇸 el-brujo	2026-03-01 00:16:17 (3 months ago)	Cloudflare WAF: Request Path: /hacking/curso-completo-de-hacking-etico/msg2255366%27%29%2C%28CAST%28 ... show more Cloudflare WAF: Request Path: /hacking/curso-completo-de-hacking-etico/msg2255366%27%29%2C%28CAST%28%27~%27%7C%7C%28SELECT%2F%2A%2A%2F%28CASE%2F%2A%2A%2FWHEN%2F%2A%2A%2F%285174=5174%29%2F%2A%2A%2FTHEN%2F%2A%2A%2F1%2F%2A%2A%2FELSE%2F%2A%2A%2F0%2F%2A%2A%2FEND%29%29::text%7C%7C%27~%27%2F%2A%2A%2FAS%2F%2A%2A%2FNUMERIC%29%29--%20-/ Request Query: ?PHPSESSID=0b0iidtss66g8idflk5a2uap7r Host: forum.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: block Source: firewallManaged ASN Description: HS-SYR Country: SY Method: GET Timestamp: 2026-03-01T00:16:17Z ruleId: 6ec5ecf52c094330aff99a38743e66b1. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇫🇷 pyrogoto	2026-02-28 18:14:04 (3 months ago)	Attempting SQL code injection on url parameters : 0'/!50000AND/GTID_SUBSET(/!50000CONCAT/(%27~%2 ... show more Attempting SQL code injection on url parameters : 0'/!50000AND/GTID_SUBSET(/!50000CONCAT/(%27~%27,(/!50000SELECT/(ELT(1249=1249,1))),%27~%27),1249)-- - show less	SQL Injection
🇵🇱 cheatmaster.store	2026-02-25 23:23:35 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: Syria Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 115.127.180.98

🇷🇺 90.150.172.17

🇫🇷 85.217.140.13

🇪🇹 196.188.187.59

🇺🇸 71.6.241.168

🇫🇷 45.81.243.62

🇳🇱 34.178.86.210

🇪🇸 196.196.150.6

🇻🇳 113.163.64.166

🇷🇴 92.118.39.236

🇺🇸 91.230.168.134

🇿🇦 41.181.156.205

🇮🇳 36.50.167.81

🇭🇰 218.190.8.165

🇹🇭 159.192.144.204

🇺🇸 150.136.214.177

🇨🇳 117.69.235.236

🇺🇸 107.174.153.85

🇻🇳 103.69.193.110

🇧🇩 103.65.240.34