5.4.65.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.4.65.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8728
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;5.4.65.52.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025121400 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 14 15:41:45 CST 2025
;; MSG SIZE  rcvd: 102

Host info

52.65.4.5.in-addr.arpa domain name pointer dynamic-005-004-065-052.5.4.pool.telefonica.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.65.4.5.in-addr.arpa	name = dynamic-005-004-065-052.5.4.pool.telefonica.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
78.190.129.146	attack	Detected by ModSecurity. Request URI: /bg/store/user/login/ip-redirect/	2020-10-01 01:48:33
95.169.6.47	attackspambots	Sep 30 15:19:35 lnxmail61 sshd[26976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.169.6.47	2020-10-01 01:56:40
141.98.9.166	attack	Sep 30 19:39:25 haigwepa sshd[15454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.166 Sep 30 19:39:27 haigwepa sshd[15454]: Failed password for invalid user admin from 141.98.9.166 port 38741 ssh2 ...	2020-10-01 01:57:15
79.26.255.37	attackbots	[TueSep2922:34:52.9577642020][:error][pid16879:tid47083658827520][client79.26.255.37:62446][client79.26.255.37]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)"][severity"WARNING"][hostname"aress2030.ch"][uri"/wp-login.php"][unique_id"X3OabLBghjn50eqzQLf6-wAAAMA"][TueSep2922:34:54.2713512020][:error][pid21935:tid47083684042496][client79.26.255.37:62454][client79.26.255.37]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disa	2020-10-01 01:45:18
45.185.17.216	attackbots	Automatic report - Banned IP Access	2020-10-01 01:50:07
116.3.200.164	attackbotsspam	SSH Invalid Login	2020-10-01 01:34:22
36.79.249.145	attackbotsspam	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 36.79.249.145, Reason:[(sshd) Failed SSH login from 36.79.249.145 (ID/Indonesia/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-10-01 01:54:59
165.227.1.187	attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "ts" at 2020-09-30T16:18:09Z	2020-10-01 02:08:38
213.217.0.184	attackbots	IP 213.217.0.184 attacked honeypot on port: 80 at 9/29/2020 10:33:45 PM	2020-10-01 01:44:27
161.35.99.173	attackbots	Sep 30 17:38:17 mavik sshd[30603]: Invalid user vboxuser from 161.35.99.173 Sep 30 17:38:17 mavik sshd[30603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.99.173 Sep 30 17:38:18 mavik sshd[30603]: Failed password for invalid user vboxuser from 161.35.99.173 port 53774 ssh2 Sep 30 17:40:47 mavik sshd[30755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.99.173 user=root Sep 30 17:40:49 mavik sshd[30755]: Failed password for root from 161.35.99.173 port 46738 ssh2 ...	2020-10-01 01:41:06
1.160.127.117	attack	Port probing on unauthorized port 445	2020-10-01 01:51:34
165.22.115.137	attackspam	165.22.115.137 - - [30/Sep/2020:17:57:35 +0100] "POST /wp-login.php HTTP/1.1" 200 2255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.115.137 - - [30/Sep/2020:17:57:36 +0100] "POST /wp-login.php HTTP/1.1" 200 2230 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.115.137 - - [30/Sep/2020:17:57:37 +0100] "POST /wp-login.php HTTP/1.1" 200 2235 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 01:40:39
49.232.100.132	attack	Sep 30 18:29:55 xeon sshd[63680]: Failed password for invalid user administrator from 49.232.100.132 port 52968 ssh2	2020-10-01 01:37:54
2a0c:3b80:5b00:160::109a	attackbots	Received: from static50.highspeedmode.com ([2a0c:3b80:5b00:160::109a]) 4b42.com	2020-10-01 02:04:10
95.61.1.228	attackspam	CMS (WordPress or Joomla) login attempt.	2020-10-01 01:36:08

Recently Reported IPs

150.149.67.90	57.125.215.4	108.41.81.12	255.178.214.106
177.66.209.155	230.76.53.31	23.214.207.203	167.22.15.21
38.206.188.96	253.254.143.200	199.87.80.133	56.111.57.74
85.46.250.160	143.42.82.206	162.58.36.147	172.134.103.83
95.162.53.21	47.95.199.5	204.17.75.252	116.219.12.38