3.85.49.138 - IPInfo

Basic Info

City: Ashburn

Region: Virginia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



# start

NetRange:       3.0.0.0 - 3.127.255.255
CIDR:           3.0.0.0/9
NetName:        AT-88-Z
NetHandle:      NET-3-0-0-0-1
Parent:         NET3 (NET-3-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Amazon Technologies Inc. (AT-88-Z)
RegDate:        2017-12-20
Updated:        2022-05-18
Ref:            https://rdap.arin.net/registry/ip/3.0.0.0



OrgName:        Amazon Technologies Inc.
OrgId:          AT-88-Z
Address:        410 Terry Ave N.
City:           Seattle
StateProv:      WA
PostalCode:     98109
Country:        US
RegDate:        2011-12-08
Updated:        2024-01-24
Comment:        All abuse reports MUST include:
Comment:        * src IP
Comment:        * dest IP (your IP)
Comment:        * dest port
Comment:        * Accurate date/timestamp and timezone of activity
Comment:        * Intensity/frequency (short log extracts)
Comment:        * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref:            https://rdap.arin.net/registry/entity/AT-88-Z


OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName:   IP Routing
OrgRoutingPhone:  +1-206-555-0000 
OrgRoutingEmail:  aws-routing-poc@amazon.com
OrgRoutingRef:    https://rdap.arin.net/registry/entity/IPROU3-ARIN

OrgRoutingHandle: ARMP-ARIN
OrgRoutingName:   AWS RPKI Management POC
OrgRoutingPhone:  +1-206-555-0000 
OrgRoutingEmail:  aws-rpki-routing-poc@amazon.com
OrgRoutingRef:    https://rdap.arin.net/registry/entity/ARMP-ARIN

OrgNOCHandle: AANO1-ARIN
OrgNOCName:   Amazon AWS Network Operations
OrgNOCPhone:  +1-206-555-0000 
OrgNOCEmail:  amzn-noc-contact@amazon.com
OrgNOCRef:    https://rdap.arin.net/registry/entity/AANO1-ARIN

OrgAbuseHandle: AEA8-ARIN
OrgAbuseName:   Amazon EC2 Abuse
OrgAbusePhone:  +1-206-555-0000 
OrgAbuseEmail:  trustandsafety@support.aws.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AEA8-ARIN

OrgTechHandle: ANO24-ARIN
OrgTechName:   Amazon EC2 Network Operations
OrgTechPhone:  +1-206-555-0000 
OrgTechEmail:  amzn-noc-contact@amazon.com
OrgTechRef:    https://rdap.arin.net/registry/entity/ANO24-ARIN

# end


# start

NetRange:       3.80.0.0 - 3.95.255.255
CIDR:           3.80.0.0/12
NetName:        AMAZON-IAD
NetHandle:      NET-3-80-0-0-1
Parent:         AT-88-Z (NET-3-0-0-0-1)
NetType:        Reallocated
OriginAS:       
Organization:   Amazon Data Services Northern Virginia (ADSN-1)
RegDate:        2018-08-22
Updated:        2018-08-22
Ref:            https://rdap.arin.net/registry/ip/3.80.0.0



OrgName:        Amazon Data Services Northern Virginia
OrgId:          ADSN-1
Address:        13200 Woodland Park Road
City:           Herndon
StateProv:      VA
PostalCode:     20171
Country:        US
RegDate:        2018-04-25
Updated:        2025-08-14
Ref:            https://rdap.arin.net/registry/entity/ADSN-1


OrgAbuseHandle: AEA8-ARIN
OrgAbuseName:   Amazon EC2 Abuse
OrgAbusePhone:  +1-206-555-0000 
OrgAbuseEmail:  trustandsafety@support.aws.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AEA8-ARIN

OrgTechHandle: ANO24-ARIN
OrgTechName:   Amazon EC2 Network Operations
OrgTechPhone:  +1-206-555-0000 
OrgTechEmail:  amzn-noc-contact@amazon.com
OrgTechRef:    https://rdap.arin.net/registry/entity/ANO24-ARIN

OrgNOCHandle: AANO1-ARIN
OrgNOCName:   Amazon AWS Network Operations
OrgNOCPhone:  +1-206-555-0000 
OrgNOCEmail:  amzn-noc-contact@amazon.com
OrgNOCRef:    https://rdap.arin.net/registry/entity/AANO1-ARIN

# end



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.85.49.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38181
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;3.85.49.138.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026040300 1800 900 604800 86400

;; Query time: 31 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 04 00:01:02 CST 2026
;; MSG SIZE  rcvd: 104

Host info

138.49.85.3.in-addr.arpa domain name pointer ec2-3-85-49-138.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.49.85.3.in-addr.arpa	name = ec2-3-85-49-138.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.58.194.141	attackbots	Sep 4 21:42:18 XXX sshd[53091]: Invalid user ofsaa from 95.58.194.141 port 55002	2019-09-05 04:46:06
157.230.222.2	attack	Sep 4 04:51:02 eddieflores sshd\[23237\]: Invalid user april from 157.230.222.2 Sep 4 04:51:02 eddieflores sshd\[23237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.222.2 Sep 4 04:51:04 eddieflores sshd\[23237\]: Failed password for invalid user april from 157.230.222.2 port 35566 ssh2 Sep 4 04:55:34 eddieflores sshd\[23674\]: Invalid user matt from 157.230.222.2 Sep 4 04:55:34 eddieflores sshd\[23674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.222.2	2019-09-05 03:53:10
54.39.145.31	attackspam	Sep 5 01:05:58 areeb-Workstation sshd[26452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.145.31 Sep 5 01:06:00 areeb-Workstation sshd[26452]: Failed password for invalid user demo from 54.39.145.31 port 36820 ssh2 ...	2019-09-05 03:44:53
71.6.233.18	attackspambots	" "	2019-09-05 04:32:26
107.170.249.243	attackbots	Sep 4 20:40:05 DAAP sshd[10855]: Invalid user oracle from 107.170.249.243 port 41096 Sep 4 20:40:05 DAAP sshd[10855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.249.243 Sep 4 20:40:05 DAAP sshd[10855]: Invalid user oracle from 107.170.249.243 port 41096 Sep 4 20:40:07 DAAP sshd[10855]: Failed password for invalid user oracle from 107.170.249.243 port 41096 ssh2 Sep 4 20:47:09 DAAP sshd[10906]: Invalid user webadmin from 107.170.249.243 port 39528 ...	2019-09-05 04:45:11
134.255.220.15	attackbots	Automatic report - SSH Brute-Force Attack	2019-09-05 04:44:43
153.36.242.143	attackspambots	Sep 4 10:10:15 hanapaa sshd\[9936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.242.143 user=root Sep 4 10:10:17 hanapaa sshd\[9936\]: Failed password for root from 153.36.242.143 port 17124 ssh2 Sep 4 10:10:19 hanapaa sshd\[9936\]: Failed password for root from 153.36.242.143 port 17124 ssh2 Sep 4 10:10:21 hanapaa sshd\[9936\]: Failed password for root from 153.36.242.143 port 17124 ssh2 Sep 4 10:10:23 hanapaa sshd\[9943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.242.143 user=root	2019-09-05 04:13:10
159.65.67.134	attackbots	Sep 4 21:00:22 cp sshd[19667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.67.134	2019-09-05 04:16:36
74.124.199.170	attack	\[2019-09-04 16:21:10\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-04T16:21:10.073-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441519470375",SessionID="0x7f7b3069b1d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/74.124.199.170/57725",ACLName="no_extension_match" \[2019-09-04 16:21:42\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-04T16:21:42.796-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011441519470375",SessionID="0x7f7b301b13a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/74.124.199.170/51849",ACLName="no_extension_match" \[2019-09-04 16:22:18\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-04T16:22:18.024-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="8011441519470375",SessionID="0x7f7b301b13a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/74.124.199.170/59023",ACLName="n	2019-09-05 04:40:34
139.59.6.148	attack	2019-09-04T17:15:33.489751abusebot-2.cloudsearch.cf sshd\[14420\]: Invalid user cluster from 139.59.6.148 port 47882	2019-09-05 04:13:36
106.13.2.130	attackbots	Sep 4 17:28:17 lnxmail61 sshd[26553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.2.130	2019-09-05 04:34:46
104.248.71.7	attack	Sep 4 05:29:32 auw2 sshd\[15335\]: Invalid user jira from 104.248.71.7 Sep 4 05:29:32 auw2 sshd\[15335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.71.7 Sep 4 05:29:33 auw2 sshd\[15335\]: Failed password for invalid user jira from 104.248.71.7 port 51932 ssh2 Sep 4 05:34:10 auw2 sshd\[15744\]: Invalid user rb from 104.248.71.7 Sep 4 05:34:10 auw2 sshd\[15744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.71.7	2019-09-05 04:29:32
104.244.72.221	attackbotsspam	Sep 5 02:18:38 webhost01 sshd[20695]: Failed password for root from 104.244.72.221 port 45152 ssh2 Sep 5 02:18:51 webhost01 sshd[20695]: error: maximum authentication attempts exceeded for root from 104.244.72.221 port 45152 ssh2 [preauth] ...	2019-09-05 03:44:06
59.56.90.216	attack	Sep 4 14:36:37 h2022099 sshd[18287]: reveeclipse mapping checking getaddrinfo for 216.90.56.59.broad.fz.fj.dynamic.163data.com.cn [59.56.90.216] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 4 14:36:37 h2022099 sshd[18287]: Invalid user admin from 59.56.90.216 Sep 4 14:36:37 h2022099 sshd[18287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.56.90.216 Sep 4 14:36:38 h2022099 sshd[18287]: Failed password for invalid user admin from 59.56.90.216 port 14275 ssh2 Sep 4 14:36:39 h2022099 sshd[18287]: Received disconnect from 59.56.90.216: 11: Bye Bye [preauth] Sep 4 14:52:32 h2022099 sshd[20425]: reveeclipse mapping checking getaddrinfo for 216.90.56.59.broad.fz.fj.dynamic.163data.com.cn [59.56.90.216] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 4 14:52:32 h2022099 sshd[20425]: Invalid user dev from 59.56.90.216 Sep 4 14:52:32 h2022099 sshd[20425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh........ -------------------------------	2019-09-05 03:52:13
182.61.160.236	attack	Sep 4 08:11:46 wbs sshd\[2968\]: Invalid user mediax from 182.61.160.236 Sep 4 08:11:46 wbs sshd\[2968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.160.236 Sep 4 08:11:48 wbs sshd\[2968\]: Failed password for invalid user mediax from 182.61.160.236 port 34102 ssh2 Sep 4 08:16:42 wbs sshd\[3417\]: Invalid user move from 182.61.160.236 Sep 4 08:16:42 wbs sshd\[3417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.160.236	2019-09-05 04:38:16

Recently Reported IPs

224.121.3.72	133.106.125.10	110.77.226.227	2606:4700:10::6816:3211
2606:4700:10::6814:7493	2606:4700:10::6814:5910	2606:4700:10::6814:9621	2606:4700:10::6814:9646
14.207.194.109	2606:4700:10::6814:6482	190.194.63.254	158.158.32.192
194.88.98.82	45.142.154.64	194.88.98.93	2606:4700:10::6814:9122
122.192.203.83	2606:4700:10::6814:7054	2606:4700:10::6816:1444	2606:4700:10::6814:6476