3.85.18.5 - IPInfo

Basic Info

City: Ashburn

Region: Virginia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
3.85.189.128	attackspam	3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a" 3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a" 3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a" 3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a" 3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a" 3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a" 3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a" 3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a" 3.85.189.128 - - [27/Jul/2020:14:52:25 + ...	2020-07-28 02:56:36
3.85.185.56	attack	2019-11-07T18:24:29.374576shield sshd\[7543\]: Invalid user git from 3.85.185.56 port 34282 2019-11-07T18:24:29.379214shield sshd\[7543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-85-185-56.compute-1.amazonaws.com 2019-11-07T18:24:31.769865shield sshd\[7543\]: Failed password for invalid user git from 3.85.185.56 port 34282 ssh2 2019-11-07T18:25:42.230438shield sshd\[7661\]: Invalid user git from 3.85.185.56 port 47841 2019-11-07T18:25:42.234541shield sshd\[7661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-85-185-56.compute-1.amazonaws.com	2019-11-08 04:04:15

Type

Details

Datetime

3.85.189.128

attackspam

3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a"
3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a"
3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a"
3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a"
3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a"
3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a"
3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a"
3.85.189.128 - - [27/Jul/2020:14:52:25 +0200] "GET / HTTP/1.1" 301 162 "-" "loader.io;2492d7be8546f6d737f9699c1bcb7f6a"
3.85.189.128 - - [27/Jul/2020:14:52:25 +
...

2020-07-28 02:56:36

3.85.185.56

attack

2019-11-07T18:24:29.374576shield sshd\[7543\]: Invalid user git from 3.85.185.56 port 34282
2019-11-07T18:24:29.379214shield sshd\[7543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-85-185-56.compute-1.amazonaws.com
2019-11-07T18:24:31.769865shield sshd\[7543\]: Failed password for invalid user git from 3.85.185.56 port 34282 ssh2
2019-11-07T18:25:42.230438shield sshd\[7661\]: Invalid user git from 3.85.185.56 port 47841
2019-11-07T18:25:42.234541shield sshd\[7661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-3-85-185-56.compute-1.amazonaws.com

2019-11-08 04:04:15

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



# start

NetRange:       3.0.0.0 - 3.127.255.255
CIDR:           3.0.0.0/9
NetName:        AT-88-Z
NetHandle:      NET-3-0-0-0-1
Parent:         NET3 (NET-3-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Amazon Technologies Inc. (AT-88-Z)
RegDate:        2017-12-20
Updated:        2022-05-18
Ref:            https://rdap.arin.net/registry/ip/3.0.0.0



OrgName:        Amazon Technologies Inc.
OrgId:          AT-88-Z
Address:        410 Terry Ave N.
City:           Seattle
StateProv:      WA
PostalCode:     98109
Country:        US
RegDate:        2011-12-08
Updated:        2026-04-17
Comment:        All abuse reports MUST include:
Comment:        * src IP
Comment:        * dest IP (your IP)
Comment:        * dest port
Comment:        * Accurate date/timestamp and timezone of activity
Comment:        * Intensity/frequency (short log extracts)
Comment:        * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref:            https://rdap.arin.net/registry/entity/AT-88-Z


OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName:   IP Routing
OrgRoutingPhone:  +1-206-555-0000 
OrgRoutingEmail:  aws-routing-poc@amazon.com
OrgRoutingRef:    https://rdap.arin.net/registry/entity/IPROU3-ARIN

OrgTechHandle: ANO24-ARIN
OrgTechName:   Amazon EC2 Network Operations
OrgTechPhone:  +1-206-555-0000 
OrgTechEmail:  amzn-noc-contact@amazon.com
OrgTechRef:    https://rdap.arin.net/registry/entity/ANO24-ARIN

OrgDNSHandle: DNS1131-ARIN
OrgDNSName:   DNS
OrgDNSPhone:  +1-202-555-0000 
OrgDNSEmail:  ipmanagement+dns@amazon.com
OrgDNSRef:    https://rdap.arin.net/registry/entity/DNS1131-ARIN

OrgAbuseHandle: AEA8-ARIN
OrgAbuseName:   Amazon EC2 Abuse
OrgAbusePhone:  +1-206-555-0000 
OrgAbuseEmail:  trustandsafety@support.aws.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AEA8-ARIN

OrgRoutingHandle: ARMP-ARIN
OrgRoutingName:   AWS RPKI Management POC
OrgRoutingPhone:  +1-206-555-0000 
OrgRoutingEmail:  aws-rpki-routing-poc@amazon.com
OrgRoutingRef:    https://rdap.arin.net/registry/entity/ARMP-ARIN

OrgNOCHandle: AANO1-ARIN
OrgNOCName:   Amazon AWS Network Operations
OrgNOCPhone:  +1-206-555-0000 
OrgNOCEmail:  amzn-noc-contact@amazon.com
OrgNOCRef:    https://rdap.arin.net/registry/entity/AANO1-ARIN

# end


# start

NetRange:       3.80.0.0 - 3.95.255.255
CIDR:           3.80.0.0/12
NetName:        AMAZON-IAD
NetHandle:      NET-3-80-0-0-1
Parent:         AT-88-Z (NET-3-0-0-0-1)
NetType:        Reallocated
OriginAS:       
Organization:   Amazon Data Services Northern Virginia (ADSN-1)
RegDate:        2018-08-22
Updated:        2018-08-22
Ref:            https://rdap.arin.net/registry/ip/3.80.0.0



OrgName:        Amazon Data Services Northern Virginia
OrgId:          ADSN-1
Address:        13200 Woodland Park Road
City:           Herndon
StateProv:      VA
PostalCode:     20171
Country:        US
RegDate:        2018-04-25
Updated:        2025-08-14
Ref:            https://rdap.arin.net/registry/entity/ADSN-1


OrgNOCHandle: AANO1-ARIN
OrgNOCName:   Amazon AWS Network Operations
OrgNOCPhone:  +1-206-555-0000 
OrgNOCEmail:  amzn-noc-contact@amazon.com
OrgNOCRef:    https://rdap.arin.net/registry/entity/AANO1-ARIN

OrgTechHandle: ANO24-ARIN
OrgTechName:   Amazon EC2 Network Operations
OrgTechPhone:  +1-206-555-0000 
OrgTechEmail:  amzn-noc-contact@amazon.com
OrgTechRef:    https://rdap.arin.net/registry/entity/ANO24-ARIN

OrgAbuseHandle: AEA8-ARIN
OrgAbuseName:   Amazon EC2 Abuse
OrgAbusePhone:  +1-206-555-0000 
OrgAbuseEmail:  trustandsafety@support.aws.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AEA8-ARIN

# end



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.85.18.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31177
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;3.85.18.5.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026042002 1800 900 604800 86400

;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 05:00:37 CST 2026
;; MSG SIZE  rcvd: 102

Host info

5.18.85.3.in-addr.arpa domain name pointer ec2-3-85-18-5.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
5.18.85.3.in-addr.arpa	name = ec2-3-85-18-5.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.175.93.14	attackbots	Fail2Ban Ban Triggered	2019-07-24 12:12:01
31.163.196.225	attack	Port scan on 1 port(s): 111	2019-07-24 11:46:17
196.52.43.59	attack	Portscan or hack attempt detected by psad/fwsnort	2019-07-24 11:56:43
173.239.139.38	attack	$f2bV_matches	2019-07-24 11:28:18
193.32.163.182	attackbots	Jul 24 06:09:42 srv206 sshd[16533]: Invalid user admin from 193.32.163.182 ...	2019-07-24 12:13:05
13.67.89.198	attack	3389BruteforceFW21	2019-07-24 11:48:12
80.82.77.139	attackbotsspam	firewall-block, port(s): 4786/tcp, 8140/tcp	2019-07-24 12:11:08
222.186.52.123	attackbots	Jul 24 05:45:59 MainVPS sshd[9288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.123 user=root Jul 24 05:46:01 MainVPS sshd[9288]: Failed password for root from 222.186.52.123 port 38770 ssh2 Jul 24 05:46:08 MainVPS sshd[9300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.123 user=root Jul 24 05:46:10 MainVPS sshd[9300]: Failed password for root from 222.186.52.123 port 12732 ssh2 Jul 24 05:46:38 MainVPS sshd[9335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.123 user=root Jul 24 05:46:40 MainVPS sshd[9335]: Failed password for root from 222.186.52.123 port 56972 ssh2 ...	2019-07-24 12:04:34
187.189.63.82	attack	Jul 24 06:09:18 yabzik sshd[15512]: Failed password for root from 187.189.63.82 port 48728 ssh2 Jul 24 06:13:34 yabzik sshd[16981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.63.82 Jul 24 06:13:36 yabzik sshd[16981]: Failed password for invalid user baba from 187.189.63.82 port 41894 ssh2	2019-07-24 11:27:19
178.20.231.176	attackspambots	WordPress brute force	2019-07-24 11:53:01
159.89.172.190	attackbots	WordPress wp-login brute force :: 159.89.172.190 0.052 BYPASS [24/Jul/2019:12:03:49 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-24 12:20:30
68.183.7.72	attack	1563938372 - 07/24/2019 05:19:32 Host: 68.183.7.72/68.183.7.72 Port: 161 UDP Blocked	2019-07-24 11:42:10
51.68.243.1	attackspambots	Jul 24 05:13:08 mail sshd\[17001\]: Failed password for invalid user marilena from 51.68.243.1 port 47354 ssh2 Jul 24 05:17:33 mail sshd\[17624\]: Invalid user cameras from 51.68.243.1 port 42138 Jul 24 05:17:33 mail sshd\[17624\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.243.1 Jul 24 05:17:35 mail sshd\[17624\]: Failed password for invalid user cameras from 51.68.243.1 port 42138 ssh2 Jul 24 05:22:05 mail sshd\[18178\]: Invalid user ftp from 51.68.243.1 port 36954 Jul 24 05:22:05 mail sshd\[18178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.243.1	2019-07-24 11:32:48
115.78.1.103	attackspam	Jul 24 04:19:35 v22018076622670303 sshd\[8247\]: Invalid user atb from 115.78.1.103 port 45890 Jul 24 04:19:35 v22018076622670303 sshd\[8247\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.78.1.103 Jul 24 04:19:36 v22018076622670303 sshd\[8247\]: Failed password for invalid user atb from 115.78.1.103 port 45890 ssh2 ...	2019-07-24 12:10:42
221.199.132.227	attack	Unauthorised access (Jul 23) SRC=221.199.132.227 LEN=40 TTL=49 ID=61424 TCP DPT=23 WINDOW=25422 SYN	2019-07-24 12:11:33

Recently Reported IPs

49.69.121.128	36.49.28.22	218.91.94.237	183.147.126.161
180.120.101.114	120.34.154.233	119.2.170.182	106.119.249.34
121.230.89.178	2606:4700:10::6816:4122	2606:4700:10::6814:7459	2606:4700:10::6816:4632
2606:4700:10::6816:3020	2606:4700:10::6814:8728	2606:4700:10::6814:8254	2606:4700:10::6816:125
2606:4700:10::6816:2753	59.58.73.123	54.88.94.2	54.85.125.115