JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.89.14.5

159.89.14.5 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.89.14.5

Whois 159.89.14.5

IP Abuse Reports for 159.89.14.5:

This IP address has been reported a total of 32 times from 25 distinct sources. 159.89.14.5 was first reported on March 3rd 2026, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 SYSMarshal	2026-04-01 23:13:58 (2 months ago)	SYSMarshal detection: Hacking Attempt, FTP Abuse, DNS Attack [EventID:0]	Hacking
🇺🇦 llighthunter	2026-03-08 18:36:47 (3 months ago)	Mar 3 13:23:51 mail postfix/smtpd[2652]: lost connection after EHLO from unknown[159.89.14.5] Mar ... show more Mar 3 13:23:51 mail postfix/smtpd[2652]: lost connection after EHLO from unknown[159.89.14.5] Mar 3 13:23:51 mail postfix/smtpd[2654]: improper command pipelining after CONNECT from unknown[159.89.14.5]: HELP\r\n show less	Hacking SSH
🇨🇳 ThreatBook.io	2026-03-07 23:04:10 (3 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/159.89.14.5	SSH
🇫🇷 Thaliruth	2026-03-07 13:51:56 (3 months ago)	Mar 7 14:51:50 151 dovecot: pop3-login: Login aborted: Connection closed: read(size=1026) failed: C ... show more Mar 7 14:51:50 151 dovecot: pop3-login: Login aborted: Connection closed: read(size=1026) failed: Connection reset by peer (disconnected during TLS handshake) (tls_handshake_not_finished): user=<>, rip=159.89.14.5, lip=46.252.194.151, TLS handshaking: read(size=1026) failed: Connection reset by peer, session=</GGweG9M24ifWQ4F> Mar 7 14:51:56 151 dovecot: pop3-login: Login aborted: Connection closed: SSL_accept() failed: error:0A00018C:SSL routines::version too low (disconnected during TLS handshake) (tls_handshake_not_finished): user=<>, rip=159.89.14.5, lip=46.252.194.151, TLS handshaking: SSL_accept() failed: error:0A00018C:SSL routines::version too low, session=<BQqzeG9MGR2fWQ4F> Mar 7 14:51:56 151 dovecot: pop3-login: Login aborted: Connection closed (no auth attempts in 0 secs) (no_auth_attempts): user=<>, rip=159.89.14.5, lip=46.252.194.151, TLS, session=<68gOeW9Mg2WfWQ4F> ... show less	Hacking Brute-Force
🇳🇱 EGP Abuse Dept	2026-03-07 12:57:03 (3 months ago)	Scanning for port/service exploits on tpc-031.mach3builders.nl	Port Scan Hacking
🇨🇦 Largnet SOC	2026-03-07 11:45:04 (3 months ago)	159.89.14.5 triggered Icarus honeypot on port 22. Check us out on github.	Port Scan Hacking
🇺🇸 gu-alvareza	2026-03-07 07:05:09 (3 months ago)	Nmap.Script.Scanner	Port Scan
🇯🇵 mkaraki	2026-03-06 19:15:10 (3 months ago)	1772824493 # Service_probe # SIGNATURE_SEND # source_ip:159.89.14.5 # dst_port:11434 ...	Port Scan
🇩🇪 ValtonTahiri	2026-03-06 13:55:55 (3 months ago)	Honeypot hit: Unauthorized traffic (4 bytes) Payload: [HEX] 0d0a0d0a on 8086/TCP (13 attempts)	Port Scan
🇩🇪 samba.org	2026-03-06 11:39:25 (3 months ago)	spam (f2b h2)	Brute-Force
🇫🇷 Security_Whaller	2026-03-06 04:48:01 (3 months ago)	Malicious activity detected on Honeypot.	Brute-Force Hacking Web App Attack
🇺🇦 llighthunter	2026-03-05 23:53:01 (3 months ago)	Mar 3 13:23:51 mail postfix/smtpd[2652]: lost connection after EHLO from unknown[159.89.14.5] Mar ... show more Mar 3 13:23:51 mail postfix/smtpd[2652]: lost connection after EHLO from unknown[159.89.14.5] Mar 3 13:23:51 mail postfix/smtpd[2654]: improper command pipelining after CONNECT from unknown[159.89.14.5]: HELP\r\n show less	Hacking SSH
🇨🇳 ThreatBook.io	2026-03-05 22:59:14 (3 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/159.89.14.5	SSH
🇺🇸 SYSMarshal	2026-03-05 22:47:33 (3 months ago)	SYSMarshal detection: Hacking Attempt, FTP Abuse, DNS Attack [EventID:0]	Hacking
🇬🇧 gbzret4d	2026-03-05 12:16:07 (3 months ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 8500 [14] TCP	Port Scan

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 112.119.21.245

🇳🇱 64.89.162.78

🇮🇪 52.169.217.131

🇺🇸 35.236.43.68

🇺🇸 34.58.55.128

🇳🇱 212.30.37.166

🇺🇸 204.152.192.176

🇨🇦 172.69.130.47

🇩🇪 161.35.220.185

🇺🇸 45.132.115.136

🇬🇧 35.203.210.90

🇺🇸 34.50.180.169

🇮🇩 34.50.119.182

🇮🇩 34.50.76.34

🇦🇺 34.40.196.38

🇩🇪 34.40.20.91

🇩🇪 34.32.82.162

🇺🇸 20.64.104.89

🇺🇸 2607:f8b0:4023:1009::125

🇬🇧 185.247.137.50