JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.28.194.139

202.28.194.139 was found in our database!

This IP was reported 75 times. Confidence of Abuse is 100%: ?

100%

ISP	Office of Info.Tech. Admin. for Educational Development
Usage Type	Fixed Line ISP
ASN	AS4621
Domain Name	uni.net.th
Country	🇹🇭 Thailand
City	Khon Kaen, Khon Kaen

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.28.194.139

Whois 202.28.194.139

IP Abuse Reports for 202.28.194.139:

This IP address has been reported a total of 75 times from 41 distinct sources. 202.28.194.139 was first reported on September 17th 2023, and the most recent report was 54 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 AetherFox	2026-05-25 15:49:18 (1 week ago)	AetherFox VoidGuard detected: [Mon May 25 15:49:15.408500 2026] [authz_core:error] [pid 1572331:tid ... show more AetherFox VoidGuard detected: [Mon May 25 15:49:15.408500 2026] [authz_core:error] [pid 1572331:tid 1572336] [client 202.28.194.139:60795] AH01630: client denied by server configuration: proxy:http://[MASKED]/, referer: http://draconigen.net/ [Mon May 25 15:49:15.408693 2026] [authz_core:error] [pid 1572331:tid 1572336] [client 202.28.194.139:60795] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html, referer: http://draconigen.net/ [Mon May 25 15:49:16.643713 2026] [authz_core:error] [pid 1572331:tid 1572334] [client 202.28.194.139:33450] AH01630: client denied by server configuration: proxy:http://[MASKED]/, referer: http://draconigen.net/ [Mon May 25 15:49:16.643961 2026] [authz_core:error] [pid 1572331:tid 1572334] [client 202.28.194.139:33450] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html, referer: http://draconigen.net/ [Mon May 25 15:49:17.557705 2026] [authz_core:error] [pid 1639291:tid ... show less	Bad Web Bot Web App Attack
🇩🇪 Ivan Rezinkin	2026-05-25 12:22:26 (1 week ago)	DDoS attack against sub.cocooloco.ru (181.214.231.116) - L7 connection flood, observed sustained SYN ... show more DDoS attack against sub.cocooloco.ru (181.214.231.116) - L7 connection flood, observed sustained SYN traffic causing TCP listen-queue overflow. Auto-banned at 5/sec threshold via iptables hashlimit. Timestamp: 2026-05-25T12:21:02Z show less	DDoS Attack Email Spam
🇸🇬 volcaryx	2026-05-25 12:02:29 (1 week ago)	Cloudflare detected an L7 DDoS attack (l7ddos) from TH. Action: BLOCK \| Protocol: HTTP/2 (GET) \| End ... show more Cloudflare detected an L7 DDoS attack (l7ddos) from TH. Action: BLOCK \| Protocol: HTTP/2 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	DDoS Attack Bad Web Bot
🇨🇦 leithzz	2026-05-25 11:49:43 (1 week ago)	Report by Cloudflare.Time: 2026-05-25T11:49:04Z	DDoS Attack
🇺🇸 gu-alvareza	2026-05-25 07:05:23 (1 week ago)	WordPress.xmlrpc.Pingback.DoS	DDoS Attack
🇩🇪 AetherFox	2026-05-24 20:05:06 (1 week ago)	AetherFox VoidGuard detected: [Sun May 24 20:05:03.568264 2026] [authz_core:error] [pid 1472545:tid ... show more AetherFox VoidGuard detected: [Sun May 24 20:05:03.568264 2026] [authz_core:error] [pid 1472545:tid 1472550] [client 202.28.194.139:42658] AH01630: client denied by server configuration: proxy:http://[MASKED]/, referer: http://draconigen.net/ [Sun May 24 20:05:03.568469 2026] [authz_core:error] [pid 1472545:tid 1472550] [client 202.28.194.139:42658] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html, referer: http://draconigen.net/ [Sun May 24 20:05:04.816822 2026] [authz_core:error] [pid 1472574:tid 1472592] [client 202.28.194.139:44284] AH01630: client denied by server configuration: proxy:http://[MASKED]/, referer: http://draconigen.net/ [Sun May 24 20:05:04.817067 2026] [authz_core:error] [pid 1472574:tid 1472592] [client 202.28.194.139:44284] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html, referer: http://draconigen.net/ [Sun May 24 20:05:06.059326 2026] [authz_core:error] [pid 1472574:tid ... show less	Bad Web Bot Web App Attack
🇨🇭 4server	2026-05-24 04:58:26 (1 week ago)	[SunMay2406:58:17.2864282026][security2:error][pid1760017:tid1760230][client202.28.194.139:0]ModSecu ... show more [SunMay2406:58:17.2864282026][security2:error][pid1760017:tid1760230][client202.28.194.139:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\<\?/\?\?script\\|\<\?\(\?:i\?frame\?src\\|a\?href\)\?=\?\(\?:ogg\\|tls\\|ssl\\|gopher\\|zlib\\|\(ht\\|f\)tps\?\)\\\\\\\\:/\\|document\\\\\\\\.write\?\\\\\\\\\(\\|\(\?:\<\\|\<\?/\)\?\(\?:\(\?:java\\|vb\)script\\|applet\\|activex\\|chrome\\|qx\?ss\\|embed\)\\|\<\?/\?i\?frame\\\\\\\\b\\|\<\?imgsrc\?=\\|\<\?basehref\?=\)\"atARGS:your-message.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1065\"][id\"340148\"][rev\"162\"][msg\"Atomicorp.comWAFRules:PotentialCrossSiteScriptingAttack\"][data\"\<ahref=https:/\"][severity\"CRITICAL\"][hostname\"avvnicolaurbani.ch\"][uri\"/contatto/\"][unique_id\"ahKFafwHOGI_iWr_tQMsVwAAAQY\"]\,referer:https://avvnicolaurbani.ch/contatto/ show less	Hacking Web App Attack
🇫🇷 EDSL	2026-05-24 04:21:04 (1 week ago)	[mail.edsl.fr] Blocked by SysWarden Firewall (Web Attack)	Port Scan Web App Attack Hacking
🇮🇩 xveil	2026-05-23 22:35:50 (1 week ago)	2026-05-24T05:35:48.750972 mail-honeypot postfix/submission/smtpd[14130]: warning: unknown[202.28.19 ... show more 2026-05-24T05:35:48.750972 mail-honeypot postfix/submission/smtpd[14130]: warning: unknown[202.28.194.139]: SASL PLAIN authentication failed: authentication failure ... show less	Brute-Force
🇩🇪 AetherFox	2026-05-23 09:06:41 (1 week ago)	AetherFox VoidGuard detected: [Sat May 23 09:06:38.887937 2026] [authz_core:error] [pid 1331104:tid ... show more AetherFox VoidGuard detected: [Sat May 23 09:06:38.887937 2026] [authz_core:error] [pid 1331104:tid 1331116] [client 202.28.194.139:33101] AH01630: client denied by server configuration: proxy:http://[MASKED]/, referer: http://draconigen.net/ [Sat May 23 09:06:38.888105 2026] [authz_core:error] [pid 1331104:tid 1331116] [client 202.28.194.139:33101] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html, referer: http://draconigen.net/ [Sat May 23 09:06:40.132835 2026] [authz_core:error] [pid 1331104:tid 1331148] [client 202.28.194.139:36777] AH01630: client denied by server configuration: proxy:http://[MASKED]/, referer: http://draconigen.net/ [Sat May 23 09:06:40.133055 2026] [authz_core:error] [pid 1331104:tid 1331148] [client 202.28.194.139:36777] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html, referer: http://draconigen.net/ [Sat May 23 09:06:41.043912 2026] [authz_core:error] [pid 1331104:tid ... show less	Bad Web Bot Web App Attack
🇸🇬 pusathosting.com	2026-05-22 23:54:05 (1 week ago)	24ds22 bruteforce	Brute-Force Web App Attack
🇫🇷 MatStef132	2026-05-22 14:04:42 (1 week ago)	MatShield L7: blocked on mathost.eu (chrome-ua-hint-missing)	DDoS Attack
🇫🇷 remi_bsod	2026-05-22 11:06:00 (1 week ago)	Tried multiple times with different IPs to connect to my pCloud account.	Brute-Force Hacking
🇩🇪 BestFans.com	2026-05-22 09:49:28 (1 week ago)	Credential brute-force attacks on webpage logins	Brute-Force
🇨🇿 lp	2026-05-22 09:20:33 (1 week ago)	Email account brute force: 1 attempts were recorded from 202.28.194.139 2026-05-22T09:59:34+02:00 wa ... show more Email account brute force: 1 attempts were recorded from 202.28.194.139 2026-05-22T09:59:34+02:00 warning: unknown[202.28.194.139]: SASL PLAIN authentication failed: authentication failure, [email protected] show less	Brute-Force

Showing 31 to 45 of 75 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 185.220.101.150

🇨🇳 115.56.238.174

🇬🇧 89.37.172.135

🇳🇱 45.148.10.151

🇮🇪 185.231.207.151

🇧🇷 179.191.82.115

🇳🇱 172.233.41.45

🇨🇳 171.36.6.158

🇳🇱 103.161.34.59

🇪🇸 88.13.2.250

🇷🇴 80.94.92.184

🇳🇱 45.148.10.152

🇬🇧 35.203.211.29

🇺🇸 157.245.123.148

🇹🇭 118.194.251.145

🇮🇩 103.191.14.210

🇺🇸 50.116.12.48

🇺🇸 47.251.143.167

🇧🇷 45.171.79.165

🇺🇸 24.144.84.83