212.34.240.82 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Armenia

Internet Service Provider: Ucom LLC

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 212.34.240.82 on Port 445(SMB)	2020-08-19 00:43:29

Comments on same subnet:

IP	Type	Details	Datetime
212.34.240.65	attackbots	TCP (SYN) 212.34.240.65:6000 -> port 139, len 44	2020-08-31 23:07:20
212.34.240.65	attackbots	TCP (SYN) 212.34.240.65:6000 -> port 139, len 40	2020-08-30 16:11:14
212.34.240.65	attackbotsspam	139/tcp 139/tcp 139/tcp... [2020-03-02/13]4pkt,1pt.(tcp)	2020-03-14 07:12:20
212.34.240.65	attackspam	Unauthorised access (Mar 5) SRC=212.34.240.65 LEN=40 TTL=113 ID=256 TCP DPT=139 WINDOW=16384 SYN Unauthorised access (Mar 4) SRC=212.34.240.65 LEN=40 TTL=110 ID=256 TCP DPT=139 WINDOW=16384 SYN Unauthorised access (Mar 3) SRC=212.34.240.65 LEN=40 TTL=111 ID=256 TCP DPT=139 WINDOW=16384 SYN Unauthorised access (Mar 2) SRC=212.34.240.65 LEN=40 TTL=113 ID=256 TCP DPT=139 WINDOW=16384 SYN	2020-03-05 13:05:26
212.34.240.65	attack	firewall-block, port(s): 139/tcp	2019-07-12 11:25:55
212.34.240.65	attack	Unauthorized connection attempt from IP address 212.34.240.65 on Port 139(NETBIOS)	2019-07-08 04:22:03

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.34.240.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26972
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.34.240.82.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed May 15 17:35:21 CST 2019
;; MSG SIZE  rcvd: 117

Host info

82.240.34.212.in-addr.arpa domain name pointer host-82.240.34.212.ucom.am.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
82.240.34.212.in-addr.arpa	name = host-82.240.34.212.ucom.am.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
68.183.234.12	attack	Sep 8 15:16:51 friendsofhawaii sshd\[3861\]: Invalid user teamspeak3 from 68.183.234.12 Sep 8 15:16:51 friendsofhawaii sshd\[3861\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.234.12 Sep 8 15:16:53 friendsofhawaii sshd\[3861\]: Failed password for invalid user teamspeak3 from 68.183.234.12 port 53220 ssh2 Sep 8 15:23:00 friendsofhawaii sshd\[4342\]: Invalid user test1 from 68.183.234.12 Sep 8 15:23:00 friendsofhawaii sshd\[4342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.234.12	2019-09-09 09:37:29
93.62.44.28	attack	445/tcp 445/tcp [2019-08-26/09-08]2pkt	2019-09-09 09:42:16
187.162.28.67	attack	Automatic report - Port Scan Attack	2019-09-09 10:11:35
195.29.233.0	attack	Chat Spam	2019-09-09 09:24:35
42.56.25.49	attackbotsspam	Sep 8 22:57:09 srv206 sshd[5615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.56.25.49 user=root Sep 8 22:57:11 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2 Sep 8 22:57:14 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2 Sep 8 22:57:09 srv206 sshd[5615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.56.25.49 user=root Sep 8 22:57:11 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2 Sep 8 22:57:14 srv206 sshd[5615]: Failed password for root from 42.56.25.49 port 36786 ssh2 ...	2019-09-09 09:49:03
109.70.100.25	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-09-09 09:40:19
60.32.182.85	attack	Unauthorised access (Sep 8) SRC=60.32.182.85 LEN=44 TOS=0x10 PREC=0x40 TTL=238 ID=36193 TCP DPT=445 WINDOW=1024 SYN	2019-09-09 09:48:19
202.149.70.53	attackbotsspam	2019-09-09T00:40:17.142497abusebot-3.cloudsearch.cf sshd\[9249\]: Invalid user test from 202.149.70.53 port 36280	2019-09-09 09:15:32
201.201.150.18	attackspambots	445/tcp 445/tcp [2019-07-15/09-08]2pkt	2019-09-09 10:09:41
190.86.193.105	attack	445/tcp 445/tcp [2019-08-15/09-08]2pkt	2019-09-09 09:27:47
37.144.148.124	attackbotsspam	2019-09-08 14:28:38 H=37-144-148-124.broadband.corbina.ru [37.144.148.124]:57469 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4, 127.0.0.11) (https://www.spamhaus.org/query/ip/37.144.148.124) 2019-09-08 14:28:39 H=37-144-148-124.broadband.corbina.ru [37.144.148.124]:57469 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.11, 127.0.0.4) (https://www.spamhaus.org/query/ip/37.144.148.124) 2019-09-08 14:28:39 H=37-144-148-124.broadband.corbina.ru [37.144.148.124]:57469 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.11, 127.0.0.4) (https://www.spamhaus.org/query/ip/37.144.148.124) ...	2019-09-09 09:32:29
218.98.40.136	attack	SSH Brute Force, server-1 sshd[27298]: Failed password for root from 218.98.40.136 port 15958 ssh2	2019-09-09 09:44:07
37.228.90.143	attack	23/tcp 23/tcp 23/tcp... [2019-07-14/09-08]10pkt,1pt.(tcp)	2019-09-09 10:04:02
116.9.2.84	attackspambots	Fail2Ban - FTP Abuse Attempt	2019-09-09 09:41:40
195.208.116.246	attackbotsspam	Sep 8 10:00:26 lcprod sshd\[10273\]: Invalid user appuser@123 from 195.208.116.246 Sep 8 10:00:26 lcprod sshd\[10273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.208.116.246 Sep 8 10:00:27 lcprod sshd\[10273\]: Failed password for invalid user appuser@123 from 195.208.116.246 port 51288 ssh2 Sep 8 10:04:21 lcprod sshd\[10747\]: Invalid user 123123 from 195.208.116.246 Sep 8 10:04:21 lcprod sshd\[10747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.208.116.246	2019-09-09 09:23:57

Recently Reported IPs

61.131.3.225	80.194.170.57	157.124.183.182	9.218.201.159
181.115.221.254	143.96.196.85	54.235.74.83	201.80.32.173
211.216.91.173	60.246.2.128	33.239.128.241	89.152.188.47
164.4.41.177	70.250.223.34	48.223.149.123	144.224.24.220
177.31.14.236	146.159.167.209	129.81.91.133	5.90.67.91