37.120.169.252 Threat Intelligence and Host Information

Nov 11, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 37.120.169.252 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 25/100

Host and Network Information

  • Country: Germany
  • Network:
  • Noticed: 5 times
  • Protocols Attacked: Anonymous Proxy
  • Passive DNS Results: nginx-temp.playground.0352119.xyz uptimekuma.playground.0352119.xyz strapi.wesselvandera.com wesselvandera.com encephalon.de postbox.one www.grunix.de

Malware Detected on Host

Count: 12 968383d2aede46a6a62e7d0aa89a78f5e7070176b7999bc4fbed3cae327adeba ccc4e0e751bc7c1f0cf1ec46bcc6b627adb93f6d4428b87401097b090135a147 bec6b87763b6440dd84a10c7c9d417dc77fc9fbbd560fd9c5fd46a213041ea98 1ea6e228b98c2b1d1fcd3e10c40119cec7ccdc63d256b29ad81800d5b61ba1d1 b472aec8c63a88f49e0efa6fbbad0c82a1c9d96551c6300b237fd92675385b86 980ece95da9895a4fe36bfb8b0d57e858c4966cef2a2dc5c48a3ce4608fce698 94fe0e8a61c506fba45d14571a14dc259e1d52778cef8366ce8cbdcd871e28db 158b8515e21689349ae74e8c79afa61ff8c075949881c74844293f076e5103d4 481b9cbf2fc2079ffd1f43152fa6e4e8169302eff10a7a608f16be1f11cdf772 cd7096bb4f04b6f5ee1ed19417f3d90a5b781240ce60822bba2d9cddd4cb15a4

Open Ports Detected

22 443 80 9001

Map

Whois Information

  • inetnum: 37.120.168.0 - 37.120.171.255
  • netname: NETCUP_NET-14
  • org: ORG-nG51-RIPE
  • descr: netcup GmbH
  • country: DE
  • admin-c: OW395-RIPE
  • tech-c: OW395-RIPE
  • status: ASSIGNED PA
  • mnt-by: NETCUP-MNT
  • created: 2014-09-22T14:53:00Z
  • last-modified: 2014-09-22T14:53:00Z
  • organisation: ORG-nG51-RIPE
  • org-name: netcup GmbH
  • country: DE
  • org-type: LIR
  • address: Daimlerstrasse 25
  • address: 76185
  • address: Karlsruhe
  • address: GERMANY
  • phone: +4972175407550
  • fax-no: +4972175407559
  • admin-c: OW395-RIPE
  • abuse-c: NA4042-RIPE
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-ref: NETCUP-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: NETCUP-MNT
  • created: 2010-11-03T10:05:19Z
  • last-modified: 2020-12-16T12:52:13Z
  • person: Oliver Werner
  • address: netcup GmbH
  • address: Daimlerstrasse 25
  • address: 76185 Karlsruhe
  • phone: +49721 75407550
  • nic-hdl: OW395-RIPE
  • mnt-by: NETCUP-MNT
  • created: 2010-11-03T14:34:38Z
  • last-modified: 2017-10-30T22:11:28Z
  • route: 37.120.160.0/20
  • origin: AS197540
  • mnt-by: NETCUP-MNT
  • mnt-by: ANEXIA-MNT
  • created: 2025-08-04T11:18:56Z
  • last-modified: 2025-08-04T11:18:56Z

Links to attack logs

anonymous-proxy-ip-list-2025-11-10

Share on: