37.252.69.104 - IPInfo

Basic Info

City: Yerevan

Region: Yerevan

Country: Armenia

Internet Service Provider: Ucom LLC

Hostname: unknown

Organization: Ucom LLC

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	TCP (SYN) 37.252.69.104:52254 -> port 1433, len 40	2020-05-20 07:14:46
attackspambots	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(04301449)	2020-05-01 00:28:42
attackbotsspam	Honeypot attack, port: 445, PTR: host-104.69.252.37.ucom.am.	2020-02-11 17:50:28
attack	Honeypot attack, port: 445, PTR: host-104.69.252.37.ucom.am.	2020-01-14 13:25:19

Comments on same subnet:

IP	Type	Details	Datetime
37.252.69.10	attack	Telnetd brute force attack detected by fail2ban	2020-02-23 09:30:40
37.252.69.92	attackbotsspam	unauthorized connection attempt	2020-01-09 18:08:41

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 37.252.69.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24307
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;37.252.69.104.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 13 13:27:23 CST 2019
;; MSG SIZE  rcvd: 117

Host info

104.69.252.37.in-addr.arpa domain name pointer host-104.69.252.37.ucom.am.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
104.69.252.37.in-addr.arpa	name = host-104.69.252.37.ucom.am.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.113.70.106	attackspambots	2019-08-18 20:42:18,563 [snip] proftpd[14113] [snip] (116.113.70.106[116.113.70.106]): USER root: no such user found from 116.113.70.106 [116.113.70.106] to ::ffff:[snip]:22 2019-08-18 20:42:20,740 [snip] proftpd[14117] [snip] (116.113.70.106[116.113.70.106]): USER root: no such user found from 116.113.70.106 [116.113.70.106] to ::ffff:[snip]:22 2019-08-18 20:42:22,909 [snip] proftpd[14120] [snip] (116.113.70.106[116.113.70.106]): USER root: no such user found from 116.113.70.106 [116.113.70.106] to ::ffff:[snip]:22[...]	2019-08-19 02:46:51
41.75.122.30	attackbotsspam	Automatic report - Banned IP Access	2019-08-19 02:48:54
180.250.248.39	attack	Aug 18 14:16:24 XXX sshd[12250]: Invalid user oraprod from 180.250.248.39 port 43716	2019-08-19 02:19:29
61.177.172.128	attackbots	Port scan attempt detected by AWS-CCS, CTS, India	2019-08-19 02:35:02
182.16.173.210	attackbots	Mail sent to address hacked/leaked from Last.fm	2019-08-19 02:52:21
51.255.160.188	attack	Aug 18 13:00:17 work-partkepr sshd\[12790\]: Invalid user hadoop from 51.255.160.188 port 46828 Aug 18 13:00:17 work-partkepr sshd\[12790\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.160.188 ...	2019-08-19 02:47:58
176.110.255.180	attackspam	:	2019-08-19 02:18:17
149.129.252.83	attack	Aug 18 23:56:15 webhost01 sshd[26923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.252.83 Aug 18 23:56:17 webhost01 sshd[26923]: Failed password for invalid user vijayaraj from 149.129.252.83 port 60666 ssh2 ...	2019-08-19 02:18:39
109.74.57.201	attackbotsspam	Aug 18 20:41:28 localhost sshd\[20728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.74.57.201 user=root Aug 18 20:41:29 localhost sshd\[20728\]: Failed password for root from 109.74.57.201 port 43178 ssh2 Aug 18 20:45:40 localhost sshd\[21182\]: Invalid user paulb from 109.74.57.201 port 33546	2019-08-19 02:56:10
167.99.159.60	attack	Aug 18 04:52:21 web9 sshd\[23076\]: Invalid user voip from 167.99.159.60 Aug 18 04:52:21 web9 sshd\[23076\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.159.60 Aug 18 04:52:23 web9 sshd\[23076\]: Failed password for invalid user voip from 167.99.159.60 port 49634 ssh2 Aug 18 04:56:26 web9 sshd\[24026\]: Invalid user teamspeak from 167.99.159.60 Aug 18 04:56:26 web9 sshd\[24026\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.159.60	2019-08-19 02:36:13
189.126.192.106	attack	Unauthorized connection attempt from IP address 189.126.192.106 on Port 445(SMB)	2019-08-19 02:32:30
122.118.116.204	attack	23/tcp [2019-08-18]1pkt	2019-08-19 02:24:05
175.180.131.232	attack	Aug 18 17:32:18 marvibiene sshd[13170]: Invalid user belen from 175.180.131.232 port 38216 Aug 18 17:32:18 marvibiene sshd[13170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.180.131.232 Aug 18 17:32:18 marvibiene sshd[13170]: Invalid user belen from 175.180.131.232 port 38216 Aug 18 17:32:21 marvibiene sshd[13170]: Failed password for invalid user belen from 175.180.131.232 port 38216 ssh2 ...	2019-08-19 02:40:44
104.211.156.205	attackbotsspam	Aug 18 06:28:26 web9 sshd\[13523\]: Invalid user skkb from 104.211.156.205 Aug 18 06:28:26 web9 sshd\[13523\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.156.205 Aug 18 06:28:28 web9 sshd\[13523\]: Failed password for invalid user skkb from 104.211.156.205 port 59428 ssh2 Aug 18 06:33:26 web9 sshd\[14588\]: Invalid user git from 104.211.156.205 Aug 18 06:33:26 web9 sshd\[14588\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.156.205	2019-08-19 02:56:44
124.81.107.149	attackbotsspam	Unauthorized connection attempt from IP address 124.81.107.149 on Port 445(SMB)	2019-08-19 02:16:46

Recently Reported IPs

99.248.252.236	134.140.19.241	104.206.128.78	206.35.8.153
80.216.12.110	203.115.101.106	111.135.131.31	70.134.33.17
151.70.71.77	78.228.171.24	126.15.149.57	216.121.128.121
40.246.121.125	142.93.240.92	190.201.10.239	159.147.58.235
92.61.180.5	148.231.63.89	117.94.120.133	31.173.18.129