50.16.104.72 - IPInfo

Basic Info

City: Ashburn

Region: Virginia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 50.16.104.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10760
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;50.16.104.72.			IN	A

;; AUTHORITY SECTION:
.			515	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022100602 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 07 08:35:42 CST 2022
;; MSG SIZE  rcvd: 105

Host info

72.104.16.50.in-addr.arpa domain name pointer ec2-50-16-104-72.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.104.16.50.in-addr.arpa	name = ec2-50-16-104-72.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.99.10.162	attackbots	167.99.10.162 - - [08/Sep/2020:10:01:59 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.99.10.162 - - [08/Sep/2020:10:02:05 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.99.10.162 - - [08/Sep/2020:10:02:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-08 16:50:28
5.62.20.21	attackspambots	0,53-03/06 [bc01/m62] PostRequest-Spammer scoring: essen	2020-09-08 16:53:46
49.235.146.95	attackspam	SSH Brute-Force attacks	2020-09-08 16:28:32
93.107.187.162	attack	Sep 8 00:09:33 h1745522 sshd[5552]: Invalid user ubuntu from 93.107.187.162 port 35200 Sep 8 00:09:33 h1745522 sshd[5552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.107.187.162 Sep 8 00:09:33 h1745522 sshd[5552]: Invalid user ubuntu from 93.107.187.162 port 35200 Sep 8 00:09:35 h1745522 sshd[5552]: Failed password for invalid user ubuntu from 93.107.187.162 port 35200 ssh2 Sep 8 00:12:57 h1745522 sshd[6777]: Invalid user nologin from 93.107.187.162 port 39828 Sep 8 00:12:57 h1745522 sshd[6777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.107.187.162 Sep 8 00:12:57 h1745522 sshd[6777]: Invalid user nologin from 93.107.187.162 port 39828 Sep 8 00:12:58 h1745522 sshd[6777]: Failed password for invalid user nologin from 93.107.187.162 port 39828 ssh2 Sep 8 00:16:23 h1745522 sshd[9883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.107.187.162 ...	2020-09-08 16:44:40
185.162.130.177	attackspambots	Honeypot attack, port: 445, PTR: familyhealthies.nl.	2020-09-08 17:01:22
120.131.3.91	attackspambots	SIP/5060 Probe, BF, Hack -	2020-09-08 16:32:59
185.53.168.96	attack	Sep 8 08:24:49 root sshd[13166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.53.168.96 Sep 8 08:24:51 root sshd[13166]: Failed password for invalid user mqm from 185.53.168.96 port 41089 ssh2 ...	2020-09-08 17:02:38
80.4.110.71	attackspambots	Sep 7 18:19:15 mx sshd[11941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.4.110.71 Sep 7 18:19:17 mx sshd[11941]: Failed password for invalid user pi from 80.4.110.71 port 52002 ssh2	2020-09-08 16:31:30
177.159.116.210	attackbots	(sshd) Failed SSH login from 177.159.116.210 (BR/Brazil/patrimonio.pinhais.pr.gov.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 8 05:53:31 s1 sshd[9979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.159.116.210 user=root Sep 8 05:53:33 s1 sshd[9979]: Failed password for root from 177.159.116.210 port 35348 ssh2 Sep 8 06:08:32 s1 sshd[11083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.159.116.210 user=root Sep 8 06:08:35 s1 sshd[11083]: Failed password for root from 177.159.116.210 port 56166 ssh2 Sep 8 06:12:18 s1 sshd[11393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.159.116.210 user=root	2020-09-08 17:02:13
192.241.231.22	attack	Port scan denied	2020-09-08 16:21:25
179.57.206.66	attackspambots	Sep 7 18:52:26 pl3server sshd[7544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.57.206.66 user=r.r Sep 7 18:52:27 pl3server sshd[7546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.57.206.66 user=r.r Sep 7 18:52:28 pl3server sshd[7544]: Failed password for r.r from 179.57.206.66 port 37472 ssh2 Sep 7 18:52:28 pl3server sshd[7544]: Connection closed by 179.57.206.66 port 37472 [preauth] Sep 7 18:52:28 pl3server sshd[7546]: Failed password for r.r from 179.57.206.66 port 37540 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=179.57.206.66	2020-09-08 16:21:05
94.102.51.29	attackbots	TCP (SYN) 94.102.51.29:55731 -> port 33893, len 44	2020-09-08 16:39:03
105.112.101.188	attack	Icarus honeypot on github	2020-09-08 16:19:37
125.161.137.234	attackspambots	"SSH brute force auth login attempt."	2020-09-08 16:56:47
190.10.14.160	attackspam	TCP (SYN) 190.10.14.160:55584 -> port 445, len 52	2020-09-08 16:46:44

Recently Reported IPs

5.182.39.22	50.236.24.180	51.12.242.87	187.227.205.189
186.96.44.126	124.222.119.221	50.21.176.173	54.152.84.211
54.215.183.211	54.227.72.187	223.159.17.252	194.163.181.45
128.90.112.195	218.1.200.131	212.192.246.55	164.88.87.162
31.6.19.227	213.6.174.10	183.89.187.183	38.15.152.155