JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 65.20.150.52

65.20.150.52 was found in our database!

This IP was reported 73 times. Confidence of Abuse is 89%: ?

89%

ISP	Earthlink Telecommunications Equipment Trading & Services DMCC
Usage Type	Fixed Line ISP
ASN	AS203214
Domain Name	earthlink.iq
Country	🇮🇶 Iraq
City	Baghdad, Baghdad

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 65.20.150.52

Whois 65.20.150.52

IP Abuse Reports for 65.20.150.52:

This IP address has been reported a total of 73 times from 39 distinct sources. 65.20.150.52 was first reported on November 30th 2025, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 joe-abuse	2026-06-24 01:32:20 (7 hours ago)	Automated report from fail2ban on mail.fitzgerald.eu. Jail: dovecot. First seen: 2026-06-22 03:30:05 ... show more Automated report from fail2ban on mail.fitzgerald.eu. Jail: dovecot. First seen: 2026-06-22 03:30:05. Events: 22. Reported by ipdb-security/fitzgerald.eu show less	Brute-Force
🇩🇪 FeG Deutschland	2026-06-23 07:32:12 (1 day ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇳🇱 maxxsense	2026-06-22 06:14:03 (2 days ago)	65.20.150.52 (IQ/Iraq/-), 12 distributed pop3d attacks on account [redacted]	Brute-Force
🇦🇹 joe-abuse	2026-06-22 01:39:39 (2 days ago)	Automated report from fail2ban on mail.fitzgerald.eu. Jail: dovecot. First seen: 2026-06-21 08:30:04 ... show more Automated report from fail2ban on mail.fitzgerald.eu. Jail: dovecot. First seen: 2026-06-21 08:30:04. Events: 9. Reported by ipdb-security/fitzgerald.eu show less	Brute-Force
🇦🇹 joe-abuse	2026-06-21 08:27:53 (3 days ago)	2026-06-21T10:27:53.377331+02:00 ucs1 dovecot: auth: pam([email protected],65.20.150.52,< ... show more 2026-06-21T10:27:53.377331+02:00 ucs1 dovecot: auth: pam([email protected],65.20.150.52,<96tTTb9UFrlBFJY0>): unknown user (given password: w35QkUPwSnqN.MJ) ... show less	Brute-Force
🇮🇩 aaKenshin	2026-06-18 00:53:34 (6 days ago)	Suspicious activity detected from IP 65.20.150.52 based on mailserver logs. Sample logs: 2026-06-18 ... show more Suspicious activity detected from IP 65.20.150.52 based on mailserver logs. Sample logs: 2026-06-18 08:53:34,119 INFO [ImapServer-3148] [ip=172.16.0.182;oip=65.20.150.52;via=172.16.0.182(nginx/1.24.0);ua=Zimbra/24.9.7_ZEXTRAS_202410;cid=3604;] account - Error occurred during authentication: authentication failed for []. Reason: LDAP error: - unable to ldap authenticate: invalid credentials. 2026-06-18 08:53:34,119 INFO [ImapServer-3148] [ip=172.16.0.182;oip=65.20.150.52;via=172.16.0.182(nginx/1.24.0);ua=Zimbra/24.9.7_ZEXTRAS_202410;cid=3604;] imap - AUTHENTICATE elapsed=1 (NIO) 2026-06-18 08:53:34,120 INFO [ImapServer-3147] [ip=172.16.0.182;oip=65.20.150.52;via=172.16.0.182(nginx/1.24.0);ua=Zimbra/24.9.7_ZEXTRAS_202410;cid=3603;] imap - authentication failed for [] (LDAP error: - unable to ldap authenticate: invalid credentials) 2026-06-18 08:53:34,120 INFO [ImapServer-3147] [ip=172.16.0.182;oip=65.20.150.52;via=172.16.0.182(nginx/1.24.0);ua=Zimbra/24.9.7_ZEXTRAS_202410;cid=3 show less	Brute-Force
Anonymous	2026-06-17 15:57:18 (6 days ago)	Authentication failure	Brute-Force
🇷🇴 INTEQ	2026-06-17 03:08:43 (1 week ago)	Brute force attack from 65.20.150.52	Brute-Force
🇷🇴 gtheo99	2026-06-16 08:25:14 (1 week ago)	(imapd) Failed IMAP login from 65.20.150.52 (IQ/Iraq/-): 3 in the last 900 secs	Brute-Force Email Spam
🇷🇴 INTEQ	2026-06-13 10:04:20 (1 week ago)	Brute force attack from 65.20.150.52	Brute-Force
Anonymous	2026-06-13 00:07:18 (1 week ago)	2 Login Attempts	Port Scan Brute-Force
🇩🇪 FeG Deutschland	2026-06-12 20:18:32 (1 week ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇬🇧 Hobby Bob	2026-06-08 15:02:01 (2 weeks ago)	Jun 8 16:02:01 mail dovecot: imap-login: Disconnected: Connection closed (auth failed, 1 attempts in ... show more Jun 8 16:02:01 mail dovecot: imap-login: Disconnected: Connection closed (auth failed, 1 attempts in 3 secs): user=, method=PLAIN, rip=65.20.150.52, lip=X.X.X.X session= show less	Port Scan Hacking
🇩🇪 R.G.	2026-06-08 15:01:29 (2 weeks ago)	65.20.150.52 (IQ/Iraq/-), 10 distributed imapd attacks on account [cloacked] in the last 900 secs; P ... show more 65.20.150.52 (IQ/Iraq/-), 10 distributed imapd attacks on account [cloacked] in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Jun 8 16:58:46 dovecot[557752]: imap-login: Login aborted: Connection closed (auth failed, 1 attempts in 4 secs) (auth_failed): user=[cloacked] metho show less	Brute-Force
Anonymous	2026-06-08 14:45:07 (2 weeks ago)	2026-06-08T16:45:07.498951+02:00 soli-gate cyrus/imaps[2015485]: badlogin: [65.20.150.52] plaintext ... show more 2026-06-08T16:45:07.498951+02:00 soli-gate cyrus/imaps[2015485]: badlogin: [65.20.150.52] plaintext ([email protected]) [SASL(-13): authentication failure: checkpass failed] ... show less	Brute-Force

Showing 1 to 15 of 73 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 223.197.248.209

🇲🇩 194.213.8.168

🇫🇷 158.220.105.179

🇸🇬 152.42.174.185

🇨🇲 102.244.155.44

🇩🇪 51.89.47.4

🇨🇳 220.179.87.203

🇿🇦 197.101.95.37

🇧🇩 165.101.100.23

🇩🇪 151.243.11.35

🇺🇸 138.197.201.238

🇺🇸 129.121.102.3

🇨🇳 118.31.72.139

🇨🇳 14.103.111.167

🇷🇺 178.20.44.140

🇧🇷 177.11.196.84

🇭🇰 152.32.135.217

🇨🇳 114.237.82.198

🇱🇹 62.60.130.219

🇺🇸 54.152.163.42