104.17.213.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.17.213.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45993
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.17.213.50.			IN	A

;; AUTHORITY SECTION:
.			177	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031100 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 11 18:29:44 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 50.213.17.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 50.213.17.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
101.231.146.34	attackspambots	Sep 7 01:56:16 ns308116 sshd[18824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.146.34 user=root Sep 7 01:56:19 ns308116 sshd[18824]: Failed password for root from 101.231.146.34 port 39328 ssh2 Sep 7 02:00:51 ns308116 sshd[13240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.146.34 user=root Sep 7 02:00:53 ns308116 sshd[13240]: Failed password for root from 101.231.146.34 port 42124 ssh2 Sep 7 02:05:20 ns308116 sshd[11674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.231.146.34 user=root ...	2020-09-07 19:47:44
92.81.222.217	attackspam	Tried sshing with brute force.	2020-09-07 19:57:50
61.153.71.98	attackspambots	Unauthorized connection attempt from IP address 61.153.71.98 on Port 445(SMB)	2020-09-07 20:03:20
85.193.110.103	attack	Tried our host z.	2020-09-07 19:59:40
177.38.32.145	attackbotsspam	Unauthorized connection attempt from IP address 177.38.32.145 on Port 445(SMB)	2020-09-07 20:04:56
121.204.120.214	attack	Sep 3 21:21:54 m3 sshd[22254]: Failed password for r.r from 121.204.120.214 port 54144 ssh2 Sep 3 21:35:50 m3 sshd[23812]: Invalid user sispac from 121.204.120.214 Sep 3 21:35:53 m3 sshd[23812]: Failed password for invalid user sispac from 121.204.120.214 port 52848 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=121.204.120.214	2020-09-07 19:53:10
95.85.30.24	attackbotsspam	Sep 7 08:20:32 abendstille sshd\[6439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.30.24 user=root Sep 7 08:20:34 abendstille sshd\[6439\]: Failed password for root from 95.85.30.24 port 58672 ssh2 Sep 7 08:26:09 abendstille sshd\[12227\]: Invalid user jumam from 95.85.30.24 Sep 7 08:26:09 abendstille sshd\[12227\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.30.24 Sep 7 08:26:11 abendstille sshd\[12227\]: Failed password for invalid user jumam from 95.85.30.24 port 33622 ssh2 ...	2020-09-07 20:01:02
170.80.10.104	attack	1599434931 - 09/07/2020 01:28:51 Host: 170.80.10.104/170.80.10.104 Port: 445 TCP Blocked	2020-09-07 19:42:54
180.242.234.6	attack	Unauthorized connection attempt from IP address 180.242.234.6 on Port 445(SMB)	2020-09-07 19:39:33
46.105.244.17	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-07T04:04:17Z and 2020-09-07T04:10:45Z	2020-09-07 19:37:20
139.162.116.133	attackspam	srvr2: (mod_security) mod_security (id:920350) triggered by 139.162.116.133 (JP/-/scan-66.security.ipip.net): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/06 18:45:21 [error] 75202#0: 153186 [client 139.162.116.133] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159941072171.478932"] [ref "o0,14v21,14"], client: 139.162.116.133, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-07 20:06:17
180.164.58.165	attack	$f2bV_matches	2020-09-07 19:39:55
219.138.137.129	attack	DATE:2020-09-06 18:45:57, IP:219.138.137.129, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2020-09-07 19:26:52
188.3.218.83	attackbotsspam	Attempted connection to port 445.	2020-09-07 19:49:16
156.222.125.118	attackbotsspam	Attempted connection to port 23.	2020-09-07 19:50:59

Recently Reported IPs

104.17.213.26	104.17.213.65	217.19.170.127	235.28.200.162
104.174.169.11	104.175.75.252	104.179.165.163	104.18.0.106
104.18.0.141	104.18.0.37	104.18.0.49	104.18.0.78
104.18.1.106	22.92.251.136	104.18.1.141	104.18.1.37
104.18.1.49	104.18.1.78	104.18.10.132	104.18.10.146