JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.89.199.152

152.89.199.152 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 100%: ?

100%

ISP	Castles LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS43278
Hostname(s)	forum.flamelord.su
Domain Name	castles.pro
Country	🇷🇺 Russian Federation
City	Novosibirsk, Novosibirsk Oblast

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.89.199.152

Whois 152.89.199.152

IP Abuse Reports for 152.89.199.152:

This IP address has been reported a total of 45 times from 35 distinct sources. 152.89.199.152 was first reported on May 22nd 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 iNetWorker	2026-06-10 12:30:49 (14 hours ago)	firewall-block, port(s): 8082/udp	Port Scan
🇯🇵 jay hung	2026-06-10 10:55:34 (15 hours ago)	2026-06-10T10:55:33.792272+00:00 quarktech kernel: [923776.162306] [UFW BLOCK] IN=eth0 OUT= MAC=22:0 ... show more 2026-06-10T10:55:33.792272+00:00 quarktech kernel: [923776.162306] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=152.89.199.152 DST=172.237.20.248 LEN=76 TOS=0x00 PREC=0x40 TTL=43 ID=57718 DF PROTO=UDP SPT=8081 DPT=8081 LEN=56 ... show less	Port Scan
🇳🇱 BIV	2026-06-10 09:17:53 (17 hours ago)	Honeypot multi-source hit. Sources: tpot:Suricata. Ports: 11211. Automated tiered (T-Pot+DShield).	Port Scan Hacking
Anonymous	2026-06-10 08:26:17 (18 hours ago)	Tried our host z.	Port Scan Hacking Exploited Host
🇷🇸 Smel	2026-06-10 03:36:35 (22 hours ago)	SIP/5060 Probe, Scan, BF, Hack -	Fraud VoIP Port Scan Hacking Brute-Force
🇷🇸 Scan	2026-06-10 02:28:34 (1 day ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 ezscale	2026-06-08 18:18:40 (2 days ago)	SSH brute force on cp.vps.ezscale.tech (3 failures). Detected by fail2ban.	Brute-Force SSH
🇺🇸 ISPLtd	2026-06-08 08:24:34 (2 days ago)	Jun 8 02:24:33 152.89.199.152 TCP SPT=49006 DPT=22 SYN ...	Port Scan SSH
🇺🇸 LockBlock	2026-06-08 06:13:17 (2 days ago)	2026-06-08 06:13:17: Port scan detected from 152.89.199.152 on port 22 of racknerd-e7e1a9	Port Scan SSH
🇺🇸 anon333	2026-06-07 16:33:22 (3 days ago)	Hacker syslog review 1780850001	Hacking
🇰🇷 hanb.jp	2026-06-07 09:17:50 (3 days ago)	Jun 7 09:17:43 v4bgp sshd[395299]: Failed password for root from 152.89.199.152 port 59078 ssh2 Jun ... show more Jun 7 09:17:43 v4bgp sshd[395299]: Failed password for root from 152.89.199.152 port 59078 ssh2 Jun 7 09:17:48 v4bgp sshd[395301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.89.199.152 user=root Jun 7 09:17:50 v4bgp sshd[395301]: Failed password for root from 152.89.199.152 port 59092 ssh2 ... show less	Brute-Force SSH
🇺🇸 [email protected]	2026-06-07 07:53:39 (3 days ago)	Ports: 8083. Proto: UDP. Observations: 1	Port Scan
🇷🇸 Scan	2026-06-07 03:04:59 (3 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 dispaisyenterprises	2026-06-06 15:27:49 (4 days ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 7022 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 7022 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
Anonymous	2026-06-05 17:30:23 (5 days ago)	2026-06-05T17:30:19.955066+00:00 xmr sshd[9014]: pam_unix(sshd:auth): authentication failure; lognam ... show more 2026-06-05T17:30:19.955066+00:00 xmr sshd[9014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.89.199.152 user=root 2026-06-05T17:30:22.414941+00:00 xmr sshd[9014]: Failed password for root from 152.89.199.152 port 47730 ssh2 ... show less	Brute-Force SSH

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇿 206.83.98.2

🇧🇷 205.210.31.195

🇹🇼 198.235.24.98

🇨🇷 190.211.112.177

🇩🇪 162.158.86.56

🇺🇸 157.230.198.17

🇺🇸 147.185.132.103

🇯🇵 133.167.106.165

🇱🇦 115.84.95.52

🇹🇭 110.77.131.229

🇱🇹 81.30.98.49

🇳🇱 45.148.10.240

🇵🇱 45.141.233.31

🇩🇪 213.209.159.226

🇳🇱 213.177.179.80

🇧🇷 205.210.31.205

🇲🇾 183.171.249.30

🇹🇭 171.6.235.57

🇺🇸 155.248.215.252

🇰🇷 152.32.139.190