JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 140.228.21.81

140.228.21.81 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities NA LLC
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	iana.org
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 140.228.21.81

Whois 140.228.21.81

IP Abuse Reports for 140.228.21.81:

This IP address has been reported a total of 26 times from 17 distinct sources. 140.228.21.81 was first reported on February 14th 2023, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Sparxx	2026-03-25 12:22:53 (3 months ago)	2026-03-25T13:22:44.658179+01:00 srv postfix/submission/smtpd[1157663]: lost connection after CONNEC ... show more 2026-03-25T13:22:44.658179+01:00 srv postfix/submission/smtpd[1157663]: lost connection after CONNECT from unknown[140.228.21.81] 2026-03-25T13:22:47.485945+01:00 srv postfix/submission/smtpd[1157663]: warning: unknown[140.228.21.81]: SASL PLAIN authentication failed: (reason unavailable), [email protected] 2026-03-25T13:22:53.225095+01:00 srv postfix/submission/smtpd[1157663]: warning: unknown[140.228.21.81]: SASL LOGIN authentication failed: (reason unavailable), [email protected] ... show less	Brute-Force
🇧🇷 KingHost	2026-03-25 11:47:05 (3 months ago)		Brute-Force
🇫🇷 UM3	2026-03-25 11:29:07 (3 months ago)	Exim Auth Failed	Brute-Force
🇺🇸 bigscoots.com	2026-03-25 10:55:03 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 140.228.21.81 (CA/Canada/-): 5 in the last 3600 secs; Ports: ... show more (smtpauth) Failed SMTP AUTH login from 140.228.21.81 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-03-25 06:54:39 dovecot_plain authenticator failed for H=([10.12.18.95]) [140.228.21.81]:58958: 535 Incorrect authentication data ([email protected]) 2026-03-25 06:54:45 dovecot_login authenticator failed for H=([10.12.18.95]) [140.228.21.81]:58958: 535 Incorrect authentication data ([email protected]) 2026-03-25 06:54:57 dovecot_plain authenticator failed for H=([10.12.18.95]) [140.228.21.81]:37920: 535 Incorrect authentication data ([email protected]) 2026-03-25 06:54:59 dovecot_login authenticator failed for H=([10.12.18.95]) [140.228.21.81]:37920: 535 Incorrect authentication data ([email protected]) 2026-03-25 06:55:01 dovecot_plain authenticator failed for H=([10.12.18.95]) [140.228.21.81]:59133: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇨🇿 lp	2026-03-25 10:20:18 (3 months ago)	Email account brute force: 6 attempts were recorded from 140.228.21.81 2026-03-25T10:54:39+01:00 war ... show more Email account brute force: 6 attempts were recorded from 140.228.21.81 2026-03-25T10:54:39+01:00 warning: unknown[140.228.21.81]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-25T10:54:39+01:00 warning: unknown[140.228.21.81]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-03-25T10:54:40+01:00 warning: unknown[140.228.21.81]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-25T10:54:40+01:00 warning: unknown[140.228.21.81]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-03-25T10:54:48+01:00 warning: unknown[140.228.21.81]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-25T10:54:49+01:00 warning: unknown[140.228.21.81]: SASL LOGIN authentication failed: authenticat show less	Brute-Force
🇺🇸 bigscoots.com	2026-02-13 09:54:58 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 140.228.21.81 (CA/Canada/-): 5 in the last 3600 secs; Ports: ... show more (smtpauth) Failed SMTP AUTH login from 140.228.21.81 (CA/Canada/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-02-13 04:54:21 dovecot_plain authenticator failed for H=([10.12.236.179]) [140.228.21.81]:57306: 535 Incorrect authentication data ([email protected]) 2026-02-13 04:54:27 dovecot_login authenticator failed for H=([10.12.236.179]) [140.228.21.81]:57306: 535 Incorrect authentication data ([email protected]) 2026-02-13 04:54:34 dovecot_plain authenticator failed for H=([10.12.236.179]) [140.228.21.81]:36693: 535 Incorrect authentication data ([email protected]) 2026-02-13 04:54:36 dovecot_login authenticator failed for H=([10.12.236.179]) [140.228.21.81]:36693: 535 Incorrect authentication data ([email protected]) 2026-02-13 04:54:56 dovecot_plain authenticator failed for H=([10.12.236.179]) [140.228.21.81]:54437: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇺🇸 xmission.com	2026-01-27 01:22:08 (5 months ago)	Blocked by UFW (TCP on 52138) Source port: 12687 TTL: 51 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 52138) Source port: 12687 TTL: 51 Packet length: 60 TOS: 0x08 This report (for 140.228.21.81) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇱 Dolphi	2026-01-26 12:56:31 (5 months ago)	Mail server brute force	Email Spam Brute-Force
🇮🇩 sockominfo	2026-01-24 10:00:20 (5 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 5/10 (MEDIUM). Reported by TangerangK ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 5/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-24 08:00:21 (5 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 5.2/10 (MEDIUM). Reported by Tangeran ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 5.2/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-01-24 07:00:02 (5 months ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 7.4/10 (HIGH). CVSS: 6.8/10 (Medium). ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 7.4/10 (HIGH). CVSS: 6.8/10 (Medium). Bayesian: 87%. MITRE: T1071. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Exploited Host
🇮🇩 sockominfo	2026-01-24 06:09:56 (5 months ago)	[WAZUH] Postfix: Multiple SASL authentication failures.	Hacking Web App Attack
🇨🇿 lp	2026-01-20 11:57:50 (5 months ago)	Email account brute force: 6 attempts were recorded from 140.228.21.81 2026-01-20T11:17:24+01:00 war ... show more Email account brute force: 6 attempts were recorded from 140.228.21.81 2026-01-20T11:17:24+01:00 warning: unknown[140.228.21.81]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-01-20T11:17:25+01:00 warning: unknown[140.228.21.81]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-01-20T11:17:27+01:00 warning: unknown[140.228.21.81]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-01-20T11:17:27+01:00 warning: unknown[140.228.21.81]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-01-20T11:17:59+01:00 warning: unknown[140.228.21.81]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-01-20T11:18:00+01:00 warning: unknown[140.228.21.81]: SASL LOGIN authentication failed: authen show less	Brute-Force
Anonymous	2026-01-20 10:19:42 (5 months ago)	(smtpauth) Failed SMTP AUTH login from 140.228.21.81 (CA/Canada/Quebec/Montreal/-/[redacted])	Brute-Force
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇦 37.221.138.52

🇨🇳 218.25.89.208

🇧🇷 190.115.84.25

🇲🇽 187.190.35.163

🇺🇸 143.42.0.20

🇳🇱 45.153.34.165

🇳🇱 45.148.10.239

🇨🇳 221.228.203.3

🇲🇽 187.191.48.4

🇬🇧 159.65.91.36

🇺🇸 146.70.195.99

🇨🇳 123.134.151.24

🇮🇳 117.216.210.246

🇨🇳 117.81.212.152

🇻🇳 116.110.14.140

🇭🇰 114.111.53.214

🇩🇪 87.106.210.86

🇸🇬 68.178.166.90

🇹🇼 61.220.235.10

🇨🇳 58.242.190.39