37.104.2.221 - IPInfo

Basic Info

City: Riyadh

Region: Riyadh Region

Country: Saudi Arabia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
37.104.210.184	attack	$f2bV_matches	2020-03-20 19:33:04
37.104.252.43	attackspambots	Jul 18 03:27:13 server postfix/smtpd[19730]: NOQUEUE: reject: RCPT from unknown[37.104.252.43]: 554 5.7.1 Service unavailable; Client host [37.104.252.43] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/37.104.252.43; from= to= proto=ESMTP helo=<[37.104.252.43]>	2019-07-18 11:10:31
37.104.247.12	attackspambots	Lines containing failures of 37.104.247.12 Jul 13 16:56:54 mellenthin postfix/smtpd[5323]: connect from unknown[37.104.247.12] Jul x@x Jul 13 16:56:54 mellenthin postfix/smtpd[5323]: lost connection after DATA from unknown[37.104.247.12] Jul 13 16:56:54 mellenthin postfix/smtpd[5323]: disconnect from unknown[37.104.247.12] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.104.247.12	2019-07-14 07:38:58
37.104.227.44	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-11 02:31:21,951 INFO [amun_request_handler] PortScan Detected on Port: 445 (37.104.227.44)	2019-07-11 16:23:07
37.104.236.29	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(06240931)	2019-06-25 06:02:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 37.104.2.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52184
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;37.104.2.221.			IN	A

;; AUTHORITY SECTION:
.			132	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020200 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 02 17:50:35 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 221.2.104.37.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.2.104.37.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
206.189.143.219	attackspambots	Jun 6 19:23:33 debian-2gb-nbg1-2 kernel: \[13722961.406600\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=206.189.143.219 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=51264 PROTO=TCP SPT=59338 DPT=20822 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-07 02:25:52
58.188.221.13	attackbotsspam	scans 2 times in preceeding hours on the ports (in chronological order) 17621 17621	2020-06-07 02:22:49
128.14.180.110	attack	TCP (SYN) 128.14.180.110:53165 -> port 27017, len 44	2020-06-07 02:07:24
208.100.26.228	attackspambots	scans once in preceeding hours on the ports (in chronological order) 2082 resulting in total of 1 scans from 208.100.0.0/18 block.	2020-06-07 02:16:47
121.254.125.211	attackbots	Brute-force attempt banned	2020-06-07 02:21:27
104.194.11.173	attackbotsspam	port	2020-06-07 02:14:59
222.186.61.116	attack	TCP (SYN) 222.186.61.116:54301 -> port 1080, len 40	2020-06-07 02:24:42
176.113.115.41	attack	TCP (SYN) 176.113.115.41:44282 -> port 8333, len 40	2020-06-07 02:43:44
222.186.173.154	attackspam	Jun 6 20:07:42 santamaria sshd\[24058\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Jun 6 20:07:44 santamaria sshd\[24058\]: Failed password for root from 222.186.173.154 port 3414 ssh2 Jun 6 20:07:54 santamaria sshd\[24058\]: Failed password for root from 222.186.173.154 port 3414 ssh2 ...	2020-06-07 02:08:22
185.176.27.2	attackbots	Jun 6 20:06:38 debian-2gb-nbg1-2 kernel: \[13725546.507646\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.2 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=62807 PROTO=TCP SPT=8080 DPT=60016 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-07 02:36:11
51.159.88.2	attackspambots	scans 2161 times in preceeding hours on the ports (in chronological order) 41848 41849 41850 41851 41852 41853 41854 41855 41856 41857 41858 41859 41861 41862 41863 41864 41865 41866 41867 41868 41869 41870 41872 41873 41874 41875 41876 41877 41878 41879 41880 41881 41882 41885 41886 41887 41889 41890 41891 41892 41893 41894 41895 41896 41897 41898 41899 41900 41901 41902 41903 41905 41906 41907 41908 41909 41910 41911 41912 41913 41914 41915 41916 41917 41918 41919 41920 41923 41925 41926 41927 41928 41929 41930 41932 41933 41934 41935 41936 41939 41940 41942 41943 41944 41945 41946 41947 41948 41949 41950 41951 41952 41953 41954 41955 41956 41957 41958 41959 41961 41962 41963 41964 41966 41967 41968 41969 41970 41971 41972 41973 41974 41975 41977 41978 41980 41981 41983 41985 41986 41987 41988 41991 41992 41993 41994 41995 41996 41997 41998 41999 42001 42002 42003 42004 42005 42006 42009 42011 42012 42013 42014 42015 42016 42017 42018 42019 42020 42021 42022 42023 42024 42025 42026 42260 42261 42262 42264 4	2020-06-07 02:23:05
45.95.168.133	attackspambots	45.95.168.133 - - [06/Jun/2020:21:43:52 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-06-07 02:10:39
185.39.11.39	attackspam	TCP (SYN) 185.39.11.39:52464 -> port 40030, len 44	2020-06-07 02:40:33
194.26.29.117	attackspam	scans 36 times in preceeding hours on the ports (in chronological order) 10265 10384 10691 10574 10551 10482 10960 10702 10556 10407 10470 10477 10725 10242 10625 10038 10183 10494 10505 10411 10780 10402 10711 10792 10602 10552 10982 10511 10361 10734 10788 10010 10747 10628 10394 10142 resulting in total of 612 scans from 194.26.29.0/24 block.	2020-06-07 02:30:54
180.76.167.221	attackbots	Jun 6 18:11:49 buvik sshd[22219]: Failed password for root from 180.76.167.221 port 57396 ssh2 Jun 6 18:15:32 buvik sshd[22676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.167.221 user=root Jun 6 18:15:34 buvik sshd[22676]: Failed password for root from 180.76.167.221 port 52944 ssh2 ...	2020-06-07 02:04:40

Recently Reported IPs

43.151.244.91	6.54.178.234	55.92.162.59	206.189.145.43
219.148.217.51	111.223.143.245	48.169.178.86	76.62.49.66
85.125.127.19	206.189.145.34	18.184.97.222	5.3.67.121
214.17.74.17	34.122.210.145	170.128.91.150	177.199.16.186
100.207.28.92	41.21.228.55	103.154.20.176	240.98.252.71