JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.54.62.2

149.54.62.2 was found in our database!

This IP was reported 2,365 times. Confidence of Abuse is 100%: ?

100%

ISP	Government Communications Network
Usage Type	Fixed Line ISP
ASN	AS55330
Domain Name	afghantelecom.af
Country	🇦🇫 Afghanistan
City	Lashkar Gah, Helmand

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.54.62.2

Whois 149.54.62.2

IP Abuse Reports for 149.54.62.2:

This IP address has been reported a total of 2,365 times from 341 distinct sources. 149.54.62.2 was first reported on September 8th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-19 10:34:21 (2 weeks ago)	2026-05-19T12:34:19.128576+02:00 gollum postfix/smtps/smtpd[4088143]: warning: unknown[149.54.62.2]: ... show more 2026-05-19T12:34:19.128576+02:00 gollum postfix/smtps/smtpd[4088143]: warning: unknown[149.54.62.2]: SASL LOGIN authentication failed: (reason unavailable), [email protected] 2026-05-19T12:34:19.999485+02:00 gollum postfix/smtps/smtpd[4088143]: lost connection after AUTH from unknown[149.54.62.2] 2026-05-19T12:34:19.999607+02:00 gollum postfix/smtps/smtpd[4088143]: disconnect from unknown[149.54.62.2] ehlo=1 auth=0/1 commands=1/2 ... show less	DDoS Attack Brute-Force
Anonymous	2026-05-19 09:45:40 (2 weeks ago)	SMTP brute force - auth failed	Brute-Force Exploited Host
🇺🇸 chrisj	2026-05-19 07:05:53 (2 weeks ago)	2026-05-19T07:05:52.460563+00:00 aws postfix/smtps/smtpd[538173]: warning: unknown[149.54.62.2]: SAS ... show more 2026-05-19T07:05:52.460563+00:00 aws postfix/smtps/smtpd[538173]: warning: unknown[149.54.62.2]: SASL LOGIN authentication failed: (reason unavailable), sasl_username=marketing 2026-05-19T07:05:53.105660+00:00 aws postfix/smtps/smtpd[538173]: lost connection after AUTH from unknown[149.54.62.2] 2026-05-19T07:05:53.105782+00:00 aws postfix/smtps/smtpd[538173]: disconnect from unknown[149.54.62.2] ehlo=1 auth=0/1 commands=1/2 ... show less	Brute-Force
🇩🇪 EGP Abuse Dept	2026-05-19 05:13:08 (2 weeks ago)	Numeric HELO: 207.164.113.20	Email Spam Exploited Host
🇧🇾 hbars.by	2026-05-19 04:33:23 (2 weeks ago)	2026-05-19T07:11:32.764777+03:00 radionet dovecot: auth: passwd-file([email protected],149.54.62.2): un ... show more 2026-05-19T07:11:32.764777+03:00 radionet dovecot: auth: passwd-file([email protected],149.54.62.2): unknown user 2026-05-19T07:33:23.146707+03:00 radionet dovecot: auth: passwd-file([email protected],149.54.62.2): unknown user show less	Brute-Force
🇩🇪 Paul Smith	2026-05-19 03:11:11 (2 weeks ago)	Email Auth Brute force attack 7/7 in last day	Brute-Force
🇫🇷 EDSL	2026-05-19 01:24:46 (2 weeks ago)	[mail.edsl.fr] Blocked by SysWarden Firewall (Mail Service Attack)	Brute-Force Port Scan Email Spam
🇫🇷 tecnicorioja	2026-05-18 22:00:32 (2 weeks ago)	SASL LOGIN authentication failed May 18 22:42:12	Brute-Force
🇬🇧 Aetherweb Ark	2026-05-18 21:53:03 (2 weeks ago)	149.54.62.2 (AF/Afghanistan/-), N distributed smtpauth attacks on account in the last X secs	Brute-Force
🇸🇮 basing	2026-05-18 18:22:12 (2 weeks ago)	2026-05-18 19:22:12 z4 SASL PLAIN auth failed: rhost=149.54.62.2...	Brute-Force
🇩🇪 jasperedv.de	2026-05-18 18:09:37 (2 weeks ago)	Failed SMTP Login - Brutforcing	Email Spam Brute-Force
Anonymous	2026-05-18 17:24:06 (2 weeks ago)	(UserAttack) User Attack From 149.54.62.2 (AF/Afghanistan/-): 1 in the last 3600 secs; Ports: ; Di ... show more (UserAttack) User Attack From 149.54.62.2 (AF/Afghanistan/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026-05-18 17:24:02 auth_login authenticator failed for ([142.54.235.12]) [149.54.62.2]: 535 Incorrect authentication data ([email protected]) show less	Port Scan
🇫🇷 Provost-info	2026-05-18 14:55:43 (2 weeks ago)	mail server - multiple authentication attempt with unknown username or bad password	Brute-Force Spoofing
🇫🇷 tecnicorioja	2026-05-18 14:03:22 (2 weeks ago)	SASL LOGIN authentication failed May 18 15:22:26	Brute-Force
Anonymous	2026-05-18 12:11:28 (2 weeks ago)	This IP was detected by CrowdSec triggering local/abuseipdb-watchlist	Port Scan

Showing 121 to 135 of 2365 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 45.70.10.206

🇺🇸 165.154.182.85

🇬🇧 45.129.18.215

🇨🇿 2a02:598:64:8a00::3100:19

🇺🇸 162.216.149.218

🇺🇸 137.184.92.164

🇧🇷 131.0.123.127

🇨🇳 101.71.192.115

🇭🇰 47.238.224.91

🇧🇪 198.235.24.254

🇧🇦 185.18.152.83

🇬🇧 135.136.23.252

🇨🇳 111.20.172.234

🇭🇰 103.230.240.59

🇳🇱 45.94.31.119

🇺🇸 43.130.12.43

🇰🇷 8.230.16.5

🇩🇪 213.209.159.56

🇷🇴 193.32.162.82

🇨🇳 183.196.128.46