JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.40.54.130

89.40.54.130 was found in our database!

This IP was reported 651 times. Confidence of Abuse is 61%: ?

61%

ISP	Kar-Tel LLC
Usage Type	Fixed Line ISP
ASN	AS21299
Domain Name	beeline.kz
Country	🇰🇿 Kazakhstan
City	Satpayev, Ulytau Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.40.54.130

Whois 89.40.54.130

IP Abuse Reports for 89.40.54.130:

This IP address has been reported a total of 651 times from 87 distinct sources. 89.40.54.130 was first reported on November 28th 2020, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Birdo	2026-06-16 18:23:04 (1 day ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking
🇺🇸 donarev419	2026-06-14 04:47:58 (4 days ago)	Port scan detected on port 445 (connection without data transfer)	Port Scan
🇺🇸 cwytech	2026-06-13 22:13:58 (4 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/global-exclusion-high.	Hacking
Anonymous	2026-06-13 18:55:35 (4 days ago)	Unauthorized connection to SMB port 445	Port Scan
🇬🇧 knock	2026-06-11 11:30:08 (6 days ago)	Knock-Knock honeypot brute-force: SMB (4 total hits)	Brute-Force
🇵🇱 nfsec.pl	2026-06-05 10:21:08 (1 week ago)	Detected: TCP scan on port: 445 with flags: SYN	Port Scan
🇦🇺 dyln	2026-06-04 22:04:08 (1 week ago)	Dyls honeypot brute-force: SMB (12 total hits)	Brute-Force
🇩🇪 Luhte	2026-06-02 15:02:08 (2 weeks ago)	Unsolicited TCP connection from 89.40.54.130 to port 0 at 2026-06-02T15:02:08Z. Source IP completed ... show more Unsolicited TCP connection from 89.40.54.130 to port 0 at 2026-06-02T15:02:08Z. Source IP completed three-way handshake to non-public service on this host. Detected by automated intrusion monitoring. show less	Port Scan Hacking
Anonymous	2026-05-30 06:24:45 (2 weeks ago)	2026-05-30T07:24:44.387801+01:00 vps kernel: [41862455.615504] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-05-30T07:24:44.387801+01:00 vps kernel: [41862455.615504] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=89.40.54.130 DST=54.37.14.118 LEN=52 TOS=0x00 PREC=0x00 TTL=105 ID=1987 DF PROTO=TCP SPT=63669 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇭🇰 pengpeng	2026-05-24 11:49:30 (3 weeks ago)	monitor: on ser162528253480 \| port: 445 \| ttl: 127 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on ser162528253480 \| port: 445 \| ttl: 127 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 IP Analyzer	2026-05-22 20:30:07 (3 weeks ago)	Unauthorized connection attempt from IP address 89.40.54.130 on Port 445(SMB)	Port Scan
🇬🇧 PeravixGroup	2026-05-20 07:25:57 (4 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 vtchost.com	2026-05-18 23:41:20 (4 weeks ago)	May 19 01:41:18 vtchost kernel: [59048.037916] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11 ... show more May 19 01:41:18 vtchost kernel: [59048.037916] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11:cd:2a:b3:08:00 SRC=89.40.54.130 DST=161.97.181.152 LEN=52 TOS=0x00 PREC=0x20 TTL=110 ID=27611 DF PROTO=TCP SPT=58577 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 IP Analyzer	2026-05-06 22:30:04 (1 month ago)	Unauthorized connection attempt from IP address 89.40.54.130 on Port 445(SMB)	Port Scan
🇬🇧 PeravixGroup	2026-05-05 22:11:51 (1 month ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 651 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 91.230.168.174

🇺🇸 216.73.217.18

🇩🇪 213.209.159.241

🇸🇬 152.42.175.252

🇨🇳 140.205.208.197

🇨🇳 114.67.229.165

🇻🇳 103.163.215.131

🇺🇸 64.62.156.29

🇨🇳 60.188.58.133

🇭🇰 47.83.126.252

🇳🇱 45.148.10.141

🇬🇧 35.203.210.185

🇺🇸 216.73.217.154

🇮🇳 154.221.35.72

🇹🇭 150.95.27.209

🇰🇷 118.39.230.40

🇺🇸 76.12.128.249

🇳🇱 176.65.139.183

🇬🇷 172.120.71.201

🇺🇸 144.126.215.119