AbuseIPDB » 5.166.68.89

5.166.68.89 was found in our database!

This IP was reported 382 times. Confidence of Abuse is 100%: ?

100%

ISP	CJSC ER-Telecom Holding Barnaul branch
Usage Type	Fixed Line ISP
ASN	AS50512
Hostname(s)	5x166x68x89.dynamic.barnaul.ertelecom.ru
Domain Name	ertelecom.ru
Country	Russian Federation
City	Barnaul, Altai Krai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 5.166.68.89

Whois 5.166.68.89

IP Abuse Reports for 5.166.68.89:

This IP address has been reported a total of 382 times from 152 distinct sources. 5.166.68.89 was first reported on January 18th 2025, and the most recent report was 4 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Paul Smith	2025-02-10 01:03:47 (4 minutes ago)	Email Auth Brute force attack 3/3 in last day	Brute-Force
TZNOC	2025-02-09 23:45:58 (1 hour ago)	Mail credential brute-force attack (SM3) #3	Email Spam Brute-Force
Anonymous	2025-02-09 23:45:32 (1 hour ago)	Feb 10 00:45:31 mx1 postfix/submission/smtpd[197823]: warning: unknown[5.166.68.89]: SASL PLAIN auth ... show moreFeb 10 00:45:31 mx1 postfix/submission/smtpd[197823]: warning: unknown[5.166.68.89]: SASL PLAIN authentication failed: (reason unavailable), sasl_username=promo show less	Brute-Force
triplecode	2025-02-09 23:02:14 (2 hours ago)	Reported from hMailServer	Hacking
Gem	2025-02-09 23:01:04 (2 hours ago)	Attempted SMTP or POP3 login with wrong credentials. 4 times	Brute-Force
apa4h	2025-02-09 22:47:27 (2 hours ago)	banned by Fail2Ban postfix	Brute-Force
Bay13	2025-02-09 22:33:50 (2 hours ago)	f2b mail-sasl	Email Spam Spoofing
rtbh.com.tr	2025-02-09 20:50:01 (4 hours ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
GeorgieNAS77	2025-02-09 19:55:54 (5 hours ago)	...	Brute-Force
netclix.gr	2025-02-09 19:51:38 (5 hours ago)	(mysaslmatch) Failed SASL login from 5.166.68.89 (RU/Russia/5x166x68x89.dynamic.barnaul.ertelecom.ru ... show more(mysaslmatch) Failed SASL login from 5.166.68.89 (RU/Russia/5x166x68x89.dynamic.barnaul.ertelecom.ru): 2 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: Feb 9 21:41:42 anak postfix/smtpd[3584852]: warning: unknown[5.166.68.89]: SASL LOGIN authentication failed: authentication failure Feb 9 21:51:35 anak postfix/smtpd[3587459]: warning: unknown[5.166.68.89]: SASL PLAIN authentication failed: authentication failure show less	Port Scan
rd1742	2025-02-09 17:58:29 (7 hours ago)	Feb 9 17:58:28 quad dovecot: auth-worker(1856478): sql(office,5.166.68.89): unknown user	Brute-Force Exploited Host
Anonymous	2025-02-09 17:52:56 (7 hours ago)	Feb 9 18:52:55 host postfix/smtpd\[23576\]: warning: unknown\[5.166.68.89\]: SASL PLAIN authentica ... show moreFeb 9 18:52:55 host postfix/smtpd\[23576\]: warning: unknown\[5.166.68.89\]: SASL PLAIN authentication failed: show less	Email Spam Brute-Force
mashamal	2025-02-09 16:20:47 (8 hours ago)	Fail2Ban - \[POSTFIX\]Dropped in one of \{SASL AUTH\},\{RBL\},\{DDOS\(PREGREET\)\},\{TOO MANY ERRORS ... show moreFail2Ban - \[POSTFIX\]Dropped in one of \{SASL AUTH\},\{RBL\},\{DDOS\(PREGREET\)\},\{TOO MANY ERRORS\},\{ADDRESS REJECTED\} ... show less	Hacking
antihack.anarchista.xyz	2025-02-09 15:15:04 (9 hours ago)	2025-02-09 15:15:03 dovecot_login authenticator failed for (5x166x68x89.dynamic.barnaul.ertelecom.ru ... show more2025-02-09 15:15:03 dovecot_login authenticator failed for (5x166x68x89.dynamic.barnaul.ertelecom.ru) [5.166.68.89]: 535 Incorrect authentication data ([email protected]) 2025-02-09 15:15:03 dovecot_login authenticator failed for (5x166x68x89.dynamic.barnaul.ertelecom.ru) [5.166.68.89]: 535 Incorrect authentication data ([email protected]) ... show less	Fraud Orders Phishing Email Spam
odenwald.social (Abuse reporting)	2025-02-09 14:05:28 (11 hours ago)	Fail2Ban: Mail-Server	Port Scan Brute-Force