37.252.64.48 - IPInfo

Basic Info

City: Yerevan

Region: Yerevan

Country: Armenia

Internet Service Provider: Ucom LLC

Hostname: unknown

Organization: Ucom LLC

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	spam	2020-08-17 14:56:41
attack	Dovecot Invalid User Login Attempt.	2020-08-09 04:05:07
attackbots	37.252.64.48 has been banned for [spam] ...	2020-05-22 21:44:50
attackspam	email spam	2020-04-15 16:21:35
attackbotsspam	spam	2020-01-24 17:28:41
attack	2020-01-22 00:56:28 H=(host-48.64.252.37.ucom.am) [37.252.64.48]:43280 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.11, 127.0.0.4) (https://www.spamhaus.org/query/ip/37.252.64.48) 2020-01-22 00:56:29 H=(host-48.64.252.37.ucom.am) [37.252.64.48]:43280 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4, 127.0.0.11) (https://www.spamhaus.org/query/ip/37.252.64.48) 2020-01-22 00:56:29 H=(host-48.64.252.37.ucom.am) [37.252.64.48]:43280 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4, 127.0.0.11) (https://www.spamhaus.org/query/ip/37.252.64.48) ...	2020-01-22 17:50:12
attack	37.252.64.48 has been banned for [spam] ...	2020-01-04 22:47:49
attackbots	SPF Fail sender not permitted to send mail for @ucom.am / Spam to target mail address hacked/leaked/bought from Kachingle	2019-12-19 20:49:40
attackspam	proto=tcp . spt=56002 . dpt=25 . (Found on Blocklist de Oct 13) (779)	2019-10-14 06:49:28

Comments on same subnet:

IP	Type	Details	Datetime
37.252.64.51	attackbotsspam	port 23	2020-06-25 20:09:38

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 37.252.64.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42580
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;37.252.64.48.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 29 21:07:47 +08 2019
;; MSG SIZE  rcvd: 116

Host info

48.64.252.37.in-addr.arpa domain name pointer host-48.64.252.37.ucom.am.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
48.64.252.37.in-addr.arpa	name = host-48.64.252.37.ucom.am.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.143.232.232	attackspam	Unauthorised access (Jul 9) SRC=188.143.232.232 LEN=40 TTL=248 ID=129 TCP DPT=445 WINDOW=1024 SYN	2019-07-10 00:33:51
83.111.151.245	attackspambots	Jul 9 11:47:19 server sshd\[180170\]: Invalid user toor from 83.111.151.245 Jul 9 11:47:19 server sshd\[180170\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.111.151.245 Jul 9 11:47:21 server sshd\[180170\]: Failed password for invalid user toor from 83.111.151.245 port 39106 ssh2 ...	2019-07-09 23:53:34
159.65.144.233	attack	Jul 9 18:37:58 bouncer sshd\[12793\]: Invalid user sonny from 159.65.144.233 port 36217 Jul 9 18:37:58 bouncer sshd\[12793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.144.233 Jul 9 18:38:00 bouncer sshd\[12793\]: Failed password for invalid user sonny from 159.65.144.233 port 36217 ssh2 ...	2019-07-10 00:58:01
147.135.130.39	attackbots	Port scan on 2 port(s): 139 445	2019-07-10 00:38:40
46.107.102.102	attack	$f2bV_matches	2019-07-10 01:10:04
60.250.74.210	attack	2019-07-09T20:40:56.414727enmeeting.mahidol.ac.th sshd\[21233\]: User root from 60-250-74-210.hinet-ip.hinet.net not allowed because not listed in AllowUsers 2019-07-09T20:40:56.540272enmeeting.mahidol.ac.th sshd\[21233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60-250-74-210.hinet-ip.hinet.net user=root 2019-07-09T20:40:58.967570enmeeting.mahidol.ac.th sshd\[21233\]: Failed password for invalid user root from 60.250.74.210 port 47146 ssh2 ...	2019-07-10 00:10:52
24.103.159.166	attack	SMB Server BruteForce Attack	2019-07-10 00:58:38
14.183.40.132	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 16:30:39,260 INFO [shellcode_manager] (14.183.40.132) no match, writing hexdump (374aa0bbf68a2bd2b52c1d996ab04bfa :2050705) - MS17010 (EternalBlue)	2019-07-09 23:50:22
206.180.160.83	attackspam	19/7/9@09:41:38: FAIL: Alarm-Intrusion address from=206.180.160.83 ...	2019-07-09 23:49:21
202.74.72.194	attackbotsspam	2019-07-09T13:41:32.784343abusebot-4.cloudsearch.cf sshd\[25191\]: Invalid user admin from 202.74.72.194 port 1683	2019-07-09 23:52:24
185.53.88.47	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-10 00:28:23
46.101.27.6	attackspam	Jul 9 18:20:24 ns3367391 sshd\[10676\]: Invalid user ch from 46.101.27.6 port 35698 Jul 9 18:20:24 ns3367391 sshd\[10676\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.27.6 ...	2019-07-10 00:26:07
81.22.45.239	attack	09.07.2019 15:22:32 Connection to port 9832 blocked by firewall	2019-07-10 00:05:50
37.187.193.19	attack	Jul 9 17:43:27 srv03 sshd\[29295\]: Invalid user snake from 37.187.193.19 port 42306 Jul 9 17:43:27 srv03 sshd\[29295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.193.19 Jul 9 17:43:29 srv03 sshd\[29295\]: Failed password for invalid user snake from 37.187.193.19 port 42306 ssh2	2019-07-09 23:56:36
178.128.107.61	attackbots	Jul 9 18:10:46 hosting sshd[1620]: Invalid user glenn from 178.128.107.61 port 41993 Jul 9 18:10:46 hosting sshd[1620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.107.61 Jul 9 18:10:46 hosting sshd[1620]: Invalid user glenn from 178.128.107.61 port 41993 Jul 9 18:10:48 hosting sshd[1620]: Failed password for invalid user glenn from 178.128.107.61 port 41993 ssh2 Jul 9 18:17:08 hosting sshd[2006]: Invalid user dell from 178.128.107.61 port 55825 ...	2019-07-09 23:50:55

Recently Reported IPs

183.99.87.90	53.185.5.210	199.251.80.48	23.247.77.114
39.147.3.13	176.42.156.40	191.102.199.201	108.189.242.213
116.73.172.29	13.235.178.228	190.6.4.122	200.210.207.56
31.148.123.245	82.5.55.38	185.180.199.69	106.23.193.148
120.72.21.94	204.227.140.116	209.125.114.105	68.183.88.78