JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 207.248.109.252

207.248.109.252 was found in our database!

This IP was reported 198 times. Confidence of Abuse is 93%: ?

93%

ISP	Redes y Comunicaciones de Michoacan S.A. de C.V.
Usage Type	Fixed Line ISP
ASN	AS263127
Hostname(s)	ggadol-207.248.109.252.redes.rcm.net.mx
Domain Name	rcm.net.mx
Country	🇲🇽 Mexico
City	Morelia, Michoacan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 207.248.109.252

Whois 207.248.109.252

IP Abuse Reports for 207.248.109.252:

This IP address has been reported a total of 198 times from 78 distinct sources. 207.248.109.252 was first reported on October 1st 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 AWW-Admin	2026-06-13 21:16:33 (1 day ago)	(imapd) Failed IMAP login from 207.248.109.252 (MX/Mexico/ggadol-207.248.109.252.redes.rcm.net.mx)	Brute-Force
🇩🇪 tall1oN	2026-06-13 05:41:50 (2 days ago)	2026-06-13T07:41:46.272813+02:00 kenny dovecot: auth-worker(3790551): conn unix:auth-worker (pid=376 ... show more 2026-06-13T07:41:46.272813+02:00 kenny dovecot: auth-worker(3790551): conn unix:auth-worker (pid=3761073,uid=107): auth-worker<5>: sql([email protected],207.248.109.252,<Ch6HDBxUfNLP+G38>): unknown user 2026-06-13T07:41:47.833445+02:00 kenny dovecot: auth-worker(3790551): conn unix:auth-worker (pid=3761073,uid=107): auth-worker<6>: pam([email protected],207.248.109.252,<Ch6HDBxUfNLP+G38>): pam_authenticate() failed: Authentication failure (Password mismatch?) 2026-06-13T07:41:49.697710+02:00 kenny dovecot: imap-login: Disconnected: Connection closed (auth failed, 1 attempts in 3 secs): user=<[email protected]>, method=PLAIN, rip=207.248.109.252, lip=195.201.95.142, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) ... show less	Brute-Force Email Spam
🇧🇷 ICS Labs	2026-06-12 13:46:47 (3 days ago)	ICS Labs identified 207.248.109.252 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
🇷🇴 gtheo99	2026-06-11 17:14:44 (3 days ago)	(imapd) Failed IMAP login from 207.248.109.252 (MX/Mexico/ggadol-207.248.109.252.redes.rcm.net.mx): ... show more (imapd) Failed IMAP login from 207.248.109.252 (MX/Mexico/ggadol-207.248.109.252.redes.rcm.net.mx): 3 in the last 900 secs show less	Brute-Force Email Spam
🇺🇸 kosada.com	2026-06-10 04:10:05 (5 days ago)	IMAP password guessing	Brute-Force
🇩🇪 jasperedv.de	2026-06-10 00:34:31 (5 days ago)	Failed IMAP Login - Brutforcing	Email Spam Brute-Force
🇦🇺 AWW-Admin	2026-06-08 22:37:21 (6 days ago)	(imapd) Failed IMAP login from 207.248.109.252 (MX/Mexico/ggadol-207.248.109.252.redes.rcm.net.mx)	Brute-Force
🇬🇧 gaztronics	2026-06-08 21:27:05 (6 days ago)	2026-06-08T21:26:59.021221 liberator auth[1486507]: pam_unix(dovecot:auth): authentication failure; ... show more 2026-06-08T21:26:59.021221 liberator auth[1486507]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot [email protected] rhost=207.248.109.252 ... show less	Brute-Force
🇩🇪 FeG Deutschland	2026-06-07 20:52:10 (1 week ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇬🇧 cg-design.co.uk	2026-06-05 13:22:49 (1 week ago)	207.248.109.252 (MX/Mexico/ggadol-207.248.109.252.redes.rcm.net.mx), 10 distributed imapd attacks on ... show more 207.248.109.252 (MX/Mexico/ggadol-207.248.109.252.redes.rcm.net.mx), 10 distributed imapd attacks on account [redacted] show less	Brute-Force
🇩🇪 FeG Deutschland	2026-06-04 05:08:12 (1 week ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇬🇧 cg-design.co.uk	2026-06-04 05:07:23 (1 week ago)	207.248.109.252 (MX/Mexico/ggadol-207.248.109.252.redes.rcm.net.mx), 10 distributed imapd attacks on ... show more 207.248.109.252 (MX/Mexico/ggadol-207.248.109.252.redes.rcm.net.mx), 10 distributed imapd attacks on account [redacted] show less	Brute-Force
Anonymous	2026-05-31 13:55:06 (2 weeks ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇷🇴 INTEQ	2026-05-28 15:19:09 (2 weeks ago)	Brute force attack from 207.248.109.252	Brute-Force
🇮🇳 evicky2002	2026-05-28 07:33:20 (2 weeks ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH

Showing 1 to 15 of 198 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 13.215.179.137

🇳🇱 217.60.195.146

🇲🇽 187.191.2.214

🇧🇷 186.213.190.119

🇨🇱 186.190.238.8

🇩🇪 172.253.1.210

🇺🇸 168.100.149.116

🇺🇸 167.99.228.183

🇺🇸 147.182.161.244

🇨🇳 120.236.49.131

🇭🇰 103.100.211.71

🇪🇸 46.6.124.216

🇲🇦 41.140.226.151

🇩🇪 213.109.160.140

🇺🇦 212.92.225.205

🇺🇸 195.184.76.179

🇿🇦 172.253.249.209

🇨🇳 123.5.136.161

🇵🇰 103.244.172.7

🇻🇳 103.6.234.155