JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.89.238.106

159.89.238.106 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 24%: ?

24%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	North Bergen, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.89.238.106

Whois 159.89.238.106

IP Abuse Reports for 159.89.238.106:

This IP address has been reported a total of 15 times from 12 distinct sources. 159.89.238.106 was first reported on December 28th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 0xi	2026-04-23 03:00:37 (1 month ago)	Malicious scanning and attack activity detected (257 attempts). Targeted ports: 9302. Triggered sens ... show more Malicious scanning and attack activity detected (257 attempts). Targeted ports: 9302. Triggered sensors: P0f, Suricata, Honeytrap. Observed via distributed honeypot network. show less	Port Scan
🇦🇪 abusiveIntelligence	2026-04-23 00:20:00 (1 month ago)	RDP connect attempt: Nmap Scanner	Brute-Force
🇺🇸 trentwiles.com	2026-04-22 23:29:09 (1 month ago)	Unauthorized connection attempt detected from IP address 159.89.238.106 to port 15671 [SFO]	Port Scan
🇩🇪 guldkage	2026-04-22 21:23:22 (1 month ago)	Unauthorized connection attempt detected from IP address 159.89.238.106 to port 3306 (ger-03) [k]	Brute-Force Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-22 20:18:13 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 9202 [14] TCP	Port Scan
🇨🇦 Largnet SOC	2026-04-22 11:17:39 (1 month ago)	159.89.238.106 triggered Icarus honeypot on port 1433. Check us out on github.	Port Scan Hacking
🇺🇸 trentwiles.com	2026-04-22 02:47:50 (1 month ago)	Unauthorized connection attempt detected from IP address 159.89.238.106 to port 8883 [SFO]	Port Scan
🇺🇸 donarev419	2026-04-22 02:12:07 (1 month ago)	Port scan detected on port 9200 (connection without data transfer)	Port Scan
🇩🇪 Axel	2026-04-21 20:39:20 (1 month ago)	[2026-04-21 20:39:20 UTC] Honeypot RabbitMQ Admin connection attempt \| AXFRA HONEYPOT	Hacking
🇩🇪 _ArminS_	2026-04-21 14:25:42 (1 month ago)	SP-Scan 5385:9302 detected 2026.04.21 16:25:42 blocked until 2026.06.10 09:28:29	Port Scan
🇦🇪 abusiveIntelligence	2026-04-21 11:30:00 (1 month ago)	RDP connect attempt: Nmap Scanner	Brute-Force
🇦🇺 LiftUp Hosting	2026-04-21 10:09:58 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 10086 [7] TCP	Port Scan
🇺🇸 donarev419	2026-04-21 06:23:47 (1 month ago)	Port scan detected on port 1434 (connection without data transfer)	Port Scan
🇷🇸 Smel	2025-12-28 06:32:01 (5 months ago)	SSH/22 MH Probe, BF, Hack -	Hacking Brute-Force SSH
🇺🇸 MPL	2025-12-28 06:18:37 (5 months ago)	tcp/7777 (2 or more attempts)	Port Scan

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.89

🇬🇲 197.255.197.198

🇫🇮 147.185.133.99

🇳🇱 91.92.42.64

🇷🇴 80.94.92.177

🇩🇪 69.5.169.205

🇩🇪 69.5.169.152

🇺🇸 66.175.213.4

🇸🇬 52.237.80.79

🇸🇬 47.79.10.221

🇳🇱 45.148.10.141

🇬🇧 31.14.254.103

🇺🇸 23.129.64.130

🇺🇸 18.218.154.19

🇨🇳 14.103.114.20

🇷🇺 5.129.206.230

🇺🇸 172.59.222.131

🇩🇪 167.94.146.36

🇺🇸 154.217.253.190

🇭🇰 103.230.240.59