80.89.137.54 - IPInfo

Basic Info

City: Omsk

Region: Omskaya Oblast'

Country: Russia

Internet Service Provider: JSC Zap-Sibtranstelecom

Hostname: unknown

Organization: JSC Zap-Sib TransTeleCom, Novosibirsk

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	[SMTP/25/465/587 Probe] [SMTPD] RECEIVED: EHLO 0-1-2.org [SMTPD] SENT: 554 5.7.1 Rejected: IP FROM DNS for {0-1-2.org} diff. [* OpenProxy ] in stopforumspam:'listed [46 times]' in projecthoneypot:'listed' [Suspicious] in SpamCop:'listed' in sorbs:'listed [spam], [web]' in Unsubscore:'listed' in BlMailspike:'listed' (04271416)	2020-04-28 00:37:42
attackspambots	Brute Force	2020-03-29 08:58:59
attackspambots	2020-01-12 15:24:32 H=(gw-internet-as-sz.ll-ang.zsttk.ru) [80.89.137.54]:41270 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/80.89.137.54) 2020-01-12 15:24:32 H=(gw-internet-as-sz.ll-ang.zsttk.ru) [80.89.137.54]:41270 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/80.89.137.54) 2020-01-12 15:24:33 H=(gw-internet-as-sz.ll-ang.zsttk.ru) [80.89.137.54]:41270 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/80.89.137.54) ...	2020-01-13 08:02:24
attack	email spam	2019-12-17 16:30:23

Comments on same subnet:

IP	Type	Details	Datetime
80.89.137.214	attack	Brute force attack stopped by firewall	2020-04-05 10:06:29
80.89.137.210	attackbots	postfix	2020-03-10 18:01:03
80.89.137.210	attack	spam	2020-01-24 15:45:50
80.89.137.214	attack	80.89.137.214 has been banned for [spam] ...	2020-01-15 18:03:46
80.89.137.210	attack	email spam	2019-12-19 20:46:11
80.89.137.210	attack	Rude login attack (2 tries in 1d)	2019-11-10 04:15:20
80.89.137.210	attackbotsspam	postfix (unknown user, SPF fail or relay access denied)	2019-10-07 12:41:58

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.89.137.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 97
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.89.137.54.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 15 08:32:13 +08 2019
;; MSG SIZE  rcvd: 116

Host info

Host 54.137.89.80.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.3, trying next server
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 54.137.89.80.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.66.177.104	attackspambots	Chat Spam	2019-09-17 01:10:11
138.197.147.233	attackbots	2019-09-15 15:57:15 server sshd[39581]: Failed password for invalid user radio from 138.197.147.233 port 34558 ssh2	2019-09-17 00:25:34
83.15.183.138	attack	Sep 16 16:15:59 localhost sshd\[105014\]: Invalid user sr from 83.15.183.138 port 25351 Sep 16 16:15:59 localhost sshd\[105014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.15.183.138 Sep 16 16:16:01 localhost sshd\[105014\]: Failed password for invalid user sr from 83.15.183.138 port 25351 ssh2 Sep 16 16:21:30 localhost sshd\[105228\]: Invalid user poczta from 83.15.183.138 port 46454 Sep 16 16:21:30 localhost sshd\[105228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.15.183.138 ...	2019-09-17 00:29:02
106.75.92.239	attack	T: f2b postfix aggressive 3x	2019-09-17 00:26:18
82.165.64.156	attack	2019-09-16T16:41:48.615558abusebot-8.cloudsearch.cf sshd\[30846\]: Invalid user selena from 82.165.64.156 port 55072	2019-09-17 01:11:34
112.196.165.66	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2019-09-17 00:46:40
78.188.34.108	attackspam	Automatic report - Port Scan Attack	2019-09-17 00:20:58
103.78.97.61	attackbots	Sep 16 12:16:45 XXXXXX sshd[51365]: Invalid user service from 103.78.97.61 port 60176	2019-09-17 00:34:42
77.32.181.240	attack	Sep 16 10:19:52 mailserver postfix/smtpd[75388]: warning: hostname newsletter.sinimo.fr does not resolve to address 77.32.181.240 Sep 16 10:19:52 mailserver postfix/smtpd[75388]: connect from unknown[77.32.181.240] Sep 16 10:19:52 mailserver postfix/smtpd[75388]: NOQUEUE: reject: RCPT from unknown[77.32.181.240]: 450 4.7.1 Client host rejected: cannot find your hostname, [77.32.181.240]; from= to=<[hidden]> proto=ESMTP helo= Sep 16 10:19:52 mailserver postfix/smtpd[75388]: lost connection after RCPT from unknown[77.32.181.240] Sep 16 10:19:52 mailserver postfix/smtpd[75388]: disconnect from unknown[77.32.181.240] Sep 16 10:20:52 mailserver postfix/smtpd[75511]: warning: hostname newsletter.sinimo.fr does not resolve to address 77.32.181.240 Sep 16 10:20:52 mailserver postfix/smtpd[75511]: connect from unknown[77.32.181.240] Sep 16 10:20:52 mailserver postfix/smtpd[75511]: NOQUEUE: reject: RCPT from unknown[77.32.181.240]: 450 4.7.1 Client host rejected: cann	2019-09-17 00:53:56
45.55.158.8	attackbotsspam	vps1:pam-generic	2019-09-17 01:12:35
62.210.162.83	attack	SIPVicious Scanner Detection, PTR: 62-210-162-83.rev.poneytelecom.eu.	2019-09-17 00:44:56
41.63.0.133	attackspambots	Sep 16 15:08:39 ns37 sshd[7537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.63.0.133	2019-09-17 01:00:41
180.126.171.53	attackbots	Unauthorized access to SSH at 16/Sep/2019:08:20:59 +0000.	2019-09-17 00:43:45
187.189.226.71	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/187.189.226.71/ MX - 1H : (27) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MX NAME ASN : ASN22884 IP : 187.189.226.71 CIDR : 187.189.226.0/24 PREFIX COUNT : 640 UNIQUE IP COUNT : 261120 WYKRYTE ATAKI Z ASN22884 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-17 00:59:51
211.20.181.113	attackbots	Chat Spam	2019-09-17 00:32:50

Recently Reported IPs

85.173.247.32	180.252.217.203	189.215.105.40	123.191.227.142
31.220.40.54	156.221.79.229	109.94.120.51	79.173.230.5
197.210.150.250	191.205.250.244	172.82.144.134	36.71.235.17
36.7.171.230	185.224.138.62	51.15.187.181	122.54.29.218
5.160.87.42	187.205.243.11	94.10.66.188	111.40.120.33