91.2.52.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.2.52.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24866
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;91.2.52.54.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020302 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 10:15:21 CST 2025
;; MSG SIZE  rcvd: 103

Host info

54.52.2.91.in-addr.arpa domain name pointer p5b023436.dip0.t-ipconnect.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.52.2.91.in-addr.arpa	name = p5b023436.dip0.t-ipconnect.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.180.25.152	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-03 19:20:48
157.230.89.133	attackbots	Scanned 1 times in the last 24 hours on port 22	2020-10-03 19:59:48
128.199.84.201	attackspambots	Invalid user apache from 128.199.84.201 port 48552	2020-10-03 19:42:06
94.180.25.5	attackspam	" "	2020-10-03 19:32:03
206.189.136.185	attackbots	Oct 3 05:55:19 ws19vmsma01 sshd[58825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.136.185 Oct 3 05:55:21 ws19vmsma01 sshd[58825]: Failed password for invalid user kk from 206.189.136.185 port 47484 ssh2 ...	2020-10-03 19:28:41
68.116.41.6	attackbotsspam	2020-10-03T17:35:41.563855hostname sshd[59542]: Failed password for invalid user xm from 68.116.41.6 port 52506 ssh2 ...	2020-10-03 19:56:28
106.12.46.179	attack	2020-10-03T07:32:45+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-03 19:40:37
61.148.56.158	attackspambots	SSH login attempts.	2020-10-03 19:48:50
190.3.118.163	attack	Port scan on 1 port(s): 445	2020-10-03 19:34:59
51.158.146.192	attackbots	(sshd) Failed SSH login from 51.158.146.192 (FR/France/51-158-146-192.rev.poneytelecom.eu): 5 in the last 3600 secs	2020-10-03 20:02:05
162.142.125.50	attack	[Sat Oct 03 17:47:25.195961 2020] [:error] [pid 10959:tid 140392171284224] [client 162.142.125.50:38322] [client 162.142.125.50] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "X3hWveXmh9WfvxChEP5EpgAAAGA"] ...	2020-10-03 19:30:06
218.104.225.140	attack	Oct 3 13:41:48 server sshd[48698]: Failed password for invalid user torrent from 218.104.225.140 port 20099 ssh2 Oct 3 13:44:54 server sshd[49368]: Failed password for invalid user ventas from 218.104.225.140 port 1422 ssh2 Oct 3 13:46:40 server sshd[49765]: Failed password for invalid user al from 218.104.225.140 port 29937 ssh2	2020-10-03 19:59:28
103.141.174.130	attackbotsspam	srvr2: (mod_security) mod_security (id:920350) triggered by 103.141.174.130 (BD/-/-): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/02 22:33:37 [error] 142888#0: 187758 [client 103.141.174.130] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160167081795.491896"] [ref "o0,15v21,15"], client: 103.141.174.130, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-03 19:51:23
202.73.24.188	attackspambots	Oct 2 23:54:58 journals sshd\[77550\]: Invalid user internet from 202.73.24.188 Oct 2 23:54:58 journals sshd\[77550\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.73.24.188 Oct 2 23:55:00 journals sshd\[77550\]: Failed password for invalid user internet from 202.73.24.188 port 45884 ssh2 Oct 2 23:55:18 journals sshd\[77574\]: Invalid user ian from 202.73.24.188 Oct 2 23:55:18 journals sshd\[77574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.73.24.188 ...	2020-10-03 19:33:34
194.87.138.33	attackbotsspam	DATE:2020-10-02 22:33:48, IP:194.87.138.33, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-10-03 19:46:24

Recently Reported IPs

54.23.161.253	31.34.67.1	198.237.120.150	93.248.223.98
208.249.75.219	236.200.219.165	75.110.141.134	36.202.116.255
250.188.255.76	68.216.237.223	195.107.12.237	131.86.52.143
107.37.242.59	186.135.166.118	187.222.230.205	62.13.61.189
197.86.186.186	245.32.18.79	216.32.172.37	73.226.189.14