Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Data Services NoVa

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspambots
Port Scan: TCP/9200
2019-09-14 11:00:51
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.85.104.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48678
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.85.104.204.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091302 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 14 11:00:45 CST 2019
;; MSG SIZE  rcvd: 116
Host info
204.104.85.3.in-addr.arpa domain name pointer ec2-3-85-104-204.compute-1.amazonaws.com.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
204.104.85.3.in-addr.arpa	name = ec2-3-85-104-204.compute-1.amazonaws.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
162.222.179.81 attack
IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/162.222.179.81/ 
 
 US - 1H : (14)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : US 
 NAME ASN : ASN15169 
 
 IP : 162.222.179.81 
 
 CIDR : 162.222.176.0/21 
 
 PREFIX COUNT : 602 
 
 UNIQUE IP COUNT : 8951808 
 
 
 ATTACKS DETECTED ASN15169 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 4 
 
 DateTime : 2020-01-05 22:47:19 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery
2020-01-06 09:08:00
157.230.128.181 attackspambots
Jan  5 20:51:06 vps46666688 sshd[31330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.128.181
Jan  5 20:51:09 vps46666688 sshd[31330]: Failed password for invalid user alcaide from 157.230.128.181 port 55932 ssh2
...
2020-01-06 09:09:51
125.59.232.198 attack
Unauthorized connection attempt detected from IP address 125.59.232.198 to port 5555 [J]
2020-01-06 09:26:01
183.177.97.14 attack
Jan  5 22:47:00 h2177944 kernel: \[1459388.570465\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=183.177.97.14 DST=85.214.117.9 LEN=340 TOS=0x00 PREC=0x00 TTL=117 ID=28658 PROTO=UDP SPT=1011 DPT=500 LEN=320 
Jan  5 22:47:00 h2177944 kernel: \[1459388.570477\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=183.177.97.14 DST=85.214.117.9 LEN=340 TOS=0x00 PREC=0x00 TTL=117 ID=28658 PROTO=UDP SPT=1011 DPT=500 LEN=320 
Jan  5 22:47:07 h2177944 kernel: \[1459395.918299\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=183.177.97.14 DST=85.214.117.9 LEN=364 TOS=0x00 PREC=0x00 TTL=117 ID=30683 PROTO=UDP SPT=1011 DPT=500 LEN=344 
Jan  5 22:47:07 h2177944 kernel: \[1459395.918312\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=183.177.97.14 DST=85.214.117.9 LEN=364 TOS=0x00 PREC=0x00 TTL=117 ID=30683 PROTO=UDP SPT=1011 DPT=500 LEN=344 
Jan  5 22:47:07 h2177944 kernel: \[1459395.922006\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=183.177.97.14 DST=85.214.117.9 LEN=340 TOS=0x00 PREC=0x00 TTL=117 ID=30684 PROTO=UDP SPT=1011 DPT=500 LEN=320 
Jan  5 22:47:07 h21
2020-01-06 09:18:14
112.85.42.194 attackbots
2020-01-06T02:11:58.458860scmdmz1 sshd[4619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194  user=root
2020-01-06T02:12:00.629418scmdmz1 sshd[4619]: Failed password for root from 112.85.42.194 port 59371 ssh2
2020-01-06T02:12:03.293105scmdmz1 sshd[4619]: Failed password for root from 112.85.42.194 port 59371 ssh2
2020-01-06T02:11:58.458860scmdmz1 sshd[4619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194  user=root
2020-01-06T02:12:00.629418scmdmz1 sshd[4619]: Failed password for root from 112.85.42.194 port 59371 ssh2
2020-01-06T02:12:03.293105scmdmz1 sshd[4619]: Failed password for root from 112.85.42.194 port 59371 ssh2
2020-01-06T02:11:58.458860scmdmz1 sshd[4619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.194  user=root
2020-01-06T02:12:00.629418scmdmz1 sshd[4619]: Failed password for root from 112.85.42.194 port 59371 ssh2
2020-01-06T02:12:
2020-01-06 09:23:54
183.63.87.236 attack
Unauthorized connection attempt detected from IP address 183.63.87.236 to port 2220 [J]
2020-01-06 09:09:23
106.13.145.44 attack
Unauthorized connection attempt detected from IP address 106.13.145.44 to port 2220 [J]
2020-01-06 09:22:43
89.248.169.95 attackspambots
Scanning random ports - tries to find possible vulnerable services
2020-01-06 09:30:14
73.164.118.33 attackbots
Unauthorized connection attempt detected from IP address 73.164.118.33 to port 2220 [J]
2020-01-06 09:36:29
138.117.162.86 attackspambots
Unauthorized connection attempt detected from IP address 138.117.162.86 to port 2220 [J]
2020-01-06 09:00:25
73.124.236.66 attack
Jan  5 20:18:44 linuxvps sshd\[13564\]: Invalid user xb from 73.124.236.66
Jan  5 20:18:44 linuxvps sshd\[13564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.124.236.66
Jan  5 20:18:46 linuxvps sshd\[13564\]: Failed password for invalid user xb from 73.124.236.66 port 40408 ssh2
Jan  5 20:19:34 linuxvps sshd\[14079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.124.236.66  user=root
Jan  5 20:19:35 linuxvps sshd\[14079\]: Failed password for root from 73.124.236.66 port 45306 ssh2
2020-01-06 09:27:01
162.241.182.29 attackspambots
SSH-BruteForce
2020-01-06 09:31:10
139.99.219.75 attackspambots
Jan x@x
Jan x@x
Jan x@x
Jan x@x
Jan x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=139.99.219.75
2020-01-06 09:11:18
1.165.145.49 attackbots
1578260810 - 01/05/2020 22:46:50 Host: 1.165.145.49/1.165.145.49 Port: 445 TCP Blocked
2020-01-06 09:30:40
195.208.167.18 attackspam
20/1/5@17:15:23: FAIL: Alarm-Network address from=195.208.167.18
...
2020-01-06 09:07:30

Recently Reported IPs

160.20.182.104 35.183.160.115 141.105.69.102 59.13.53.139
139.59.107.152 123.133.165.230 121.234.4.9 118.168.7.148
118.160.4.9 117.44.125.131 115.204.161.210 109.187.226.144
123.243.109.6 108.248.133.85 108.170.1.134 107.9.51.19
8.17.222.65 198.12.12.162 101.21.133.153 99.195.133.249