Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Albany

Region: New York

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.229.3.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60074
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.229.3.85.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023050601 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 07 04:34:47 CST 2023
;; MSG SIZE  rcvd: 105
Host info
85.3.229.104.in-addr.arpa domain name pointer cpe-104-229-3-85.rochester.res.rr.com.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
85.3.229.104.in-addr.arpa	name = cpe-104-229-3-85.rochester.res.rr.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
138.68.191.198 attackbots
138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:32 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:37 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:38 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.191.198 - - [07/Aug/2019:19:45:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2019-08-08 02:44:11
165.22.143.139 attackspam
Aug  7 13:22:35 aat-srv002 sshd[15036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.143.139
Aug  7 13:22:38 aat-srv002 sshd[15036]: Failed password for invalid user nextcloud from 165.22.143.139 port 39758 ssh2
Aug  7 13:26:44 aat-srv002 sshd[15112]: Failed password for root from 165.22.143.139 port 33098 ssh2
Aug  7 13:30:55 aat-srv002 sshd[15197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.143.139
...
2019-08-08 02:58:59
36.67.71.53 attack
Automatic report - Port Scan Attack
2019-08-08 02:38:30
23.129.64.187 attack
$f2bV_matches
2019-08-08 03:36:58
202.80.219.120 attack
Wordpress attack
2019-08-08 02:54:31
213.149.190.193 attackbotsspam
Automatic report - Port Scan Attack
2019-08-08 03:08:48
213.45.45.65 attackbotsspam
Aug  7 19:45:51 * sshd[17333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.45.45.65
Aug  7 19:45:53 * sshd[17333]: Failed password for invalid user larry from 213.45.45.65 port 56868 ssh2
2019-08-08 02:37:56
62.234.96.175 attackspam
SSH bruteforce (Triggered fail2ban)
2019-08-08 02:36:35
128.199.95.163 attackbotsspam
2019-08-07T18:48:19.922754abusebot-2.cloudsearch.cf sshd\[14252\]: Invalid user hera from 128.199.95.163 port 46822
2019-08-08 03:11:33
118.27.11.126 attackspam
Aug  7 18:35:54 animalibera sshd[12838]: Invalid user dvs from 118.27.11.126 port 35394
...
2019-08-08 02:50:34
139.199.106.127 attackspambots
Aug  7 21:25:11 lnxmysql61 sshd[14522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.106.127
2019-08-08 03:35:56
104.131.14.14 attackspambots
SSH Brute-Force reported by Fail2Ban
2019-08-08 02:49:05
82.151.200.150 attackbotsspam
Aug  7 12:41:50 dx0 kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:0c:29:e5:9d:01:00:04:28:09:4c:19:08:00 SRC=82.151.200.150
2019-08-08 02:36:10
51.145.55.218 attackbots
Aug  7 19:45:31 tux-35-217 sshd\[18389\]: Invalid user sentry from 51.145.55.218 port 57022
Aug  7 19:45:31 tux-35-217 sshd\[18389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.145.55.218
Aug  7 19:45:33 tux-35-217 sshd\[18389\]: Failed password for invalid user sentry from 51.145.55.218 port 57022 ssh2
Aug  7 19:45:50 tux-35-217 sshd\[18396\]: Invalid user sentry from 51.145.55.218 port 33186
Aug  7 19:45:50 tux-35-217 sshd\[18396\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.145.55.218
...
2019-08-08 02:39:28
221.199.43.146 attackbots
IMAP brute force
...
2019-08-08 02:37:11

Recently Reported IPs

90.141.255.185 45.125.222.52 188.166.206.211 210.103.234.234
210.109.178.234 203.228.233.106 211.255.225.175 36.237.54.42
232.214.28.156 122.187.70.155 74.226.143.67 78.157.186.220
90.230.249.4 241.233.183.97 126.239.99.110 185.69.24.5
165.193.247.211 162.241.89.24 48.18.196.109 14.183.174.229