5.4.3.1 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 5.4.3.1. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

  • View other sources: Spamhaus, VirusTotal
  • Contained within other IP sets: lashback_ubl, stopforumspam_365d

  • Country: Germany
  • Network:
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results: pubmmr-zktvfmglmplxuskf.coreyarthur.zoomonprem.com

Malware Detected on Host

Count: 8

Whois Information

  • inetnum: 5.4.0.0 - 5.7.255.255
  • netname: DE-MEDIAWAYS-20120425
  • country: DE
  • org: ORG-TDG4-RIPE
  • admin-c: MWH6-RIPE
  • tech-c: MWH6-RIPE
  • status: ALLOCATED PA
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: MDA-Z
  • mnt-lower: MDA-Z
  • mnt-routes: MDA-Z
  • created: 2012-04-25T06:13:17Z
  • last-modified: 2018-07-30T09:52:34Z
  • organisation: ORG-TDG4-RIPE
  • org-name: Telefonica Germany GmbH & Co.OHG
  • country: DE
  • org-type: LIR
  • address: Georg-Brauchle-Ring 50
  • address: 80992
  • address: München
  • address: GERMANY
  • phone: +498924420
  • admin-c: RCM25-RIPE
  • admin-c: DK9212-RIPE
  • abuse-c: MWH6-RIPE
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-ref: MDA-Z
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: MDA-Z
  • created: 2004-04-17T12:45:50Z
  • last-modified: 2024-04-30T04:43:21Z
  • role: mediaWays Hostmaster
  • address: Telefonica Germany GmbH & Co. OHG
  • address: Georg-Brauchle-Ring 50
  • address: 80992 Muenchen
  • address: DE
  • phone: +498924420
  • fax-no: +49892442198224
  • abuse-mailbox: abuse.de@telefonica.com
  • admin-c: DK9212-RIPE
  • admin-c: RCM25-RIPE
  • tech-c: TG819-RIPE
  • tech-c: ASZ-RIPE
  • nic-hdl: MWH6-RIPE
  • mnt-by: MDA-Z
  • created: 2001-11-06T10:42:25Z
  • last-modified: 2022-03-31T09:18:07Z
  • route: 5.4.0.0/14
  • descr: Telefonica Germany GmbH & Co. OHG
  • origin: AS6805
  • mnt-by: MDA-Z
  • created: 2018-08-08T09:03:25Z
  • last-modified: 2018-08-08T09:13:47Z

Links to attack logs

  • anonymous-proxy-ip-list-2025-06-21
  • anonymous-proxy-ip-list-2025-06-23
  • anonymous-proxy-ip-list-2025-04-10
  • anonymous-proxy-ip-list-2025-04-16
  • anonymous-proxy-ip-list-2025-04-12
  • bruteforce-files-list-2020-07-22
  • anonymous-proxy-ip-list-2025-04-11
  • anonymous-proxy-ip-list-2025-06-18
  • bruteforce-files-list-2021-04-13
  • anonymous-proxy-ip-list-2025-06-20
  • anonymous-proxy-ip-list-2025-04-13
  • anonymous-proxy-ip-list-2025-04-15
  • bruteforce-files-list-2020-12-05
  • anonymous-proxy-ip-list-2025-06-19
