JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.89.57.52

103.89.57.52 was found in our database!

This IP was reported 86 times. Confidence of Abuse is 60%: ?

60%

ISP	Adri Infocom Pvt Ltd
Usage Type	Fixed Line ISP
ASN	AS136332
Domain Name	adricorp.com
Country	🇮🇳 India
City	Basti, Uttar Pradesh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.89.57.52

Whois 103.89.57.52

IP Abuse Reports for 103.89.57.52:

This IP address has been reported a total of 86 times from 50 distinct sources. 103.89.57.52 was first reported on September 3rd 2021, and the most recent report was 2 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 FireGuard Server	2026-06-14 12:55:08 (2 minutes ago)	Blocked by OPNsense firewall; 3 hits, proto=tcp, ports=143	Port Scan Hacking
🇷🇴 gtheo99	2026-06-14 08:07:35 (4 hours ago)	(imapd) Failed IMAP login from 103.89.57.52 (IN/India/-): 3 in the last 900 secs	Brute-Force Email Spam
🇺🇸 Wonderland	2026-06-14 03:00:56 (9 hours ago)	Jun 13 20:00:55 jabberwocky dovecot: imap-login: Disconnected (auth failed, 3 attempts in 17 secs): ... show more Jun 13 20:00:55 jabberwocky dovecot: imap-login: Disconnected (auth failed, 3 attempts in 17 secs): user=<celine.desarmenien>, method=PLAIN, rip=103.89.57.52, lip=192.168.42.15, TLS, session=<GSwl6i1Uic9nWTk0> ... show less	Brute-Force
🇧🇷 dominioz	2026-06-13 03:57:23 (1 day ago)	103.89.57.52 [0694] 00:57:16 Authentication [IMAP] - Result=0, [email protected] ... show more 103.89.57.52 [0694] 00:57:16 Authentication [IMAP] - Result=0, [email protected], Method=0 103.89.57.52 [0694] 00:57:21 Authentication [IMAP] - Result=0, [email protected], Method=0 ... show less	Brute-Force
🇺🇸 etu brutus	2026-06-10 06:27:33 (4 days ago)	Credential Stuffing BotNet ...	Hacking Brute-Force
🇩🇪 FeG Deutschland	2026-06-09 23:58:01 (4 days ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇩🇪 jasperedv.de	2026-06-08 08:27:57 (6 days ago)	Failed IMAP Login - Brutforcing	Email Spam Brute-Force
🇦🇹 joe-abuse	2026-06-06 18:53:33 (1 week ago)	2026-06-06T20:53:33.066650+02:00 ucs1 dovecot: auth: pam([email protected],103.89.57. ... show more 2026-06-06T20:53:33.066650+02:00 ucs1 dovecot: auth: pam([email protected],103.89.57.52,<iL1DS5pTfL9nWTk0>): unknown user (given password: organisation@123) ... show less	Brute-Force
🇮🇳 evicky2002	2026-05-29 06:52:29 (2 weeks ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=3)	Hacking Brute-Force SSH
🇩🇪 phil2k	2026-05-28 20:07:05 (2 weeks ago)	Fail2ban: Within 2026-05-28 02:47:01 - 2026-05-28 02:49:58 CEST(+0200) banned: 5 times by fail2ban[< ... show more Fail2ban: Within 2026-05-28 02:47:01 - 2026-05-28 02:49:58 CEST(+0200) banned: 5 times by fail2ban[<MDA>]; 5 times by fail2ban[recidive] show less	Brute-Force Email Spam
🇬🇧 cg-design.co.uk	2026-05-28 05:01:06 (2 weeks ago)	103.89.57.52 (IN/India/-), 10 distributed imapd attacks on account [redacted]	Brute-Force
Anonymous	2026-05-28 02:32:04 (2 weeks ago)	BruteForce IMAP/POP3/SMTP	Brute-Force
🇩🇪 phil2k	2026-05-28 00:47:10 (2 weeks ago)	fail2ban:<MDA>:2026-05-28T02:47:01.544428+02:00 <SRV> <MDA>: auth-worker(3034254): conn unix:auth-wo ... show more fail2ban:<MDA>:2026-05-28T02:47:01.544428+02:00 <SRV> <MDA>: auth-worker(3034254): conn unix:auth-worker (pid=3033632,uid=108): auth-worker<1>: sql(office@<ANONYMIZED_DOMAIN>,103.89.57.52,<bmTxENZSX5xnWTk0>): Password mismatch 2026-05-28T02:47:08.470979+02:00 <SRV> <MDA>: auth: sql(office@<ANONYMIZED_DOMAIN>,103.89.57.52,<bmTxENZSX5xnWTk0>): Password mismatch show less	Port Scan Brute-Force Email Spam
🇹🇷 rtbh.com.tr	2026-03-12 20:12:01 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2026-03-09 20:11:58 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force

Showing 1 to 15 of 86 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 128.185.12.179

🇮🇳 106.202.50.65

🇷🇺 95.215.108.47

🇷🇴 92.118.39.62

🇩🇪 213.209.159.231

🇨🇳 183.36.126.68

🇮🇳 139.5.248.169

🇨🇳 117.70.94.155

🇰🇷 113.131.200.35

🇨🇳 112.86.225.120

🇰🇷 110.14.190.221

🇱🇹 81.30.98.236

🇺🇸 68.3.254.150

🇫🇷 51.68.226.171

🇸🇬 47.84.142.124

🇧🇷 45.238.2.40

🇳🇱 45.148.10.183

🇩🇪 45.3.47.213

🇺🇸 20.106.168.113

🇨🇦 2a00:1d20:49:2:9999::199