3.94.104.205 - IPInfo

Basic Info

City: Ashburn

Region: Virginia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: Amazon.com, Inc.

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 3.94.104.205
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11925
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.94.104.205.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 21:47:41 +08 2019
;; MSG SIZE  rcvd: 116

Host info

205.104.94.3.in-addr.arpa domain name pointer ec2-3-94-104-205.compute-1.amazonaws.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
205.104.94.3.in-addr.arpa	name = ec2-3-94-104-205.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
88.242.142.183	attack	Unauthorized connection attempt from IP address 88.242.142.183 on Port 445(SMB)	2020-04-14 06:10:12
80.82.77.234	attackspambots	Apr 13 23:56:51 debian-2gb-nbg1-2 kernel: \[9074004.222906\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=80.82.77.234 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=41851 PROTO=TCP SPT=56765 DPT=1983 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-14 06:15:35
45.133.99.11	attackspambots	Apr 14 00:24:34 mail.srvfarm.net postfix/smtpd[1237299]: warning: unknown[45.133.99.11]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 14 00:24:34 mail.srvfarm.net postfix/smtpd[1237299]: lost connection after AUTH from unknown[45.133.99.11] Apr 14 00:24:37 mail.srvfarm.net postfix/smtpd[1071624]: lost connection after AUTH from unknown[45.133.99.11] Apr 14 00:24:38 mail.srvfarm.net postfix/smtpd[1224566]: lost connection after AUTH from unknown[45.133.99.11] Apr 14 00:24:39 mail.srvfarm.net postfix/smtps/smtpd[1239200]: lost connection after AUTH from unknown[45.133.99.11]	2020-04-14 06:32:14
92.52.39.107	attackspambots	2020-04-13T17:15:06.6563821495-001 sshd[19776]: Invalid user redmine from 92.52.39.107 port 45036 2020-04-13T17:15:06.6599761495-001 sshd[19776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92-52-39-107.dynamic.orange.sk 2020-04-13T17:15:06.6563821495-001 sshd[19776]: Invalid user redmine from 92.52.39.107 port 45036 2020-04-13T17:15:09.0773521495-001 sshd[19776]: Failed password for invalid user redmine from 92.52.39.107 port 45036 ssh2 2020-04-13T17:18:44.8197161495-001 sshd[19949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92-52-39-107.dynamic.orange.sk user=root 2020-04-13T17:18:46.4969731495-001 sshd[19949]: Failed password for root from 92.52.39.107 port 54372 ssh2 ...	2020-04-14 06:35:35
106.12.196.118	attackbots	DATE:2020-04-13 19:15:23, IP:106.12.196.118, PORT:ssh SSH brute force auth (docker-dc)	2020-04-14 06:02:26
88.202.186.59	attack	Apr 13 17:10:39 artelis kernel: [354322.316420] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=88.202.186.59 DST=167.99.196.43 LEN=52 TOS=0x00 PREC=0x00 TTL=58 ID=11862 DF PROTO=TCP SPT=37756 DPT=50498 WINDOW=29200 RES=0x00 SYN URGP=0 Apr 13 17:10:40 artelis kernel: [354323.313257] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=88.202.186.59 DST=167.99.196.43 LEN=52 TOS=0x00 PREC=0x00 TTL=58 ID=11863 DF PROTO=TCP SPT=37756 DPT=50498 WINDOW=29200 RES=0x00 SYN URGP=0 Apr 13 17:10:42 artelis kernel: [354325.317254] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=88.202.186.59 DST=167.99.196.43 LEN=52 TOS=0x00 PREC=0x00 TTL=58 ID=11864 DF PROTO=TCP SPT=37756 DPT=50498 WINDOW=29200 RES=0x00 SYN URGP=0 Apr 13 17:10:46 artelis kernel: [354329.325359] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=88.202.186.59 DST=167.99.196.43 LEN=52 TOS=0x00 PREC=0x00 TTL=58 ID=11865 DF PROTO=TC ...	2020-04-14 06:33:23
213.157.50.108	attackbotsspam	Unauthorized connection attempt from IP address 213.157.50.108 on Port 445(SMB)	2020-04-14 06:13:00
183.109.79.253	attackspam	Apr 13 23:17:43 mout sshd[15952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.109.79.253 user=root Apr 13 23:17:46 mout sshd[15952]: Failed password for root from 183.109.79.253 port 62816 ssh2	2020-04-14 06:11:59
107.174.244.100	attack	C2,DEF GET //phpMyAdmin/scripts/setup.php	2020-04-14 06:08:23
179.108.162.97	attackspam	Unauthorized connection attempt from IP address 179.108.162.97 on Port 445(SMB)	2020-04-14 06:24:14
169.149.211.107	attackbotsspam	Unauthorized connection attempt from IP address 169.149.211.107 on Port 445(SMB)	2020-04-14 06:22:09
159.192.159.189	attack	Unauthorized connection attempt from IP address 159.192.159.189 on Port 445(SMB)	2020-04-14 06:04:15
62.210.162.128	attackbots	firewall-block, port(s): 5060/udp	2020-04-14 05:59:29
122.114.30.171	attack	Apr 13 01:53:59 server770 sshd[19161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.30.171 user=r.r Apr 13 01:54:00 server770 sshd[19161]: Failed password for r.r from 122.114.30.171 port 45880 ssh2 Apr 13 01:54:01 server770 sshd[19161]: Received disconnect from 122.114.30.171 port 45880:11: Bye Bye [preauth] Apr 13 01:54:01 server770 sshd[19161]: Disconnected from 122.114.30.171 port 45880 [preauth] Apr 13 02:05:19 server770 sshd[19261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.30.171 user=r.r Apr 13 02:05:22 server770 sshd[19261]: Failed password for r.r from 122.114.30.171 port 35216 ssh2 Apr 13 02:05:22 server770 sshd[19261]: Received disconnect from 122.114.30.171 port 35216:11: Bye Bye [preauth] Apr 13 02:05:22 server770 sshd[19261]: Disconnected from 122.114.30.171 port 35216 [preauth] Apr 13 02:09:06 server770 sshd[19458]: Invalid user guest3 from 122.114......... -------------------------------	2020-04-14 06:07:10
201.149.20.162	attackbotsspam	Apr 13 20:40:10 vps647732 sshd[11492]: Failed password for root from 201.149.20.162 port 9200 ssh2 ...	2020-04-14 06:27:16

Recently Reported IPs

190.2.149.152	203.189.150.58	162.243.163.75	45.6.202.6
172.93.204.25	140.143.77.85	124.158.160.34	46.148.21.32
192.168.10.248	154.83.17.56	203.41.236.130	165.227.123.44
54.166.230.72	185.10.68.55	81.17.94.50	119.39.84.75
113.160.244.167	2001:41d0:52:a00::e3d	161.246.95.136	107.173.52.160