34.199.70.85 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	10/24/2019-13:59:31.772890 34.199.70.85 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-24 20:48:16

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.199.70.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1790
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;34.199.70.85.			IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102400 1800 900 604800 86400

;; Query time: 46 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 20:48:13 CST 2019
;; MSG SIZE  rcvd: 116

Host info

85.70.199.34.in-addr.arpa domain name pointer ec2-34-199-70-85.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
85.70.199.34.in-addr.arpa	name = ec2-34-199-70-85.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.84.123.174	attackspambots	Brute force attempt	2019-07-08 03:31:50
58.64.200.156	attackbots	Unauthorized connection attempt from IP address 58.64.200.156 on Port 445(SMB)	2019-07-08 03:16:51
5.77.182.8	attackspambots	Unauthorized connection attempt from IP address 5.77.182.8 on Port 445(SMB)	2019-07-08 03:58:36
52.233.164.94	attackspambots	WordPress wp-login brute force :: 52.233.164.94 0.200 BYPASS [08/Jul/2019:03:19:28 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 4214 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-08 03:46:17
116.255.193.83	attack	Brute-force attack to non-existent web resources	2019-07-08 03:43:49
146.185.175.132	attack	Jul 7 11:58:49 server sshd\[46582\]: Invalid user admin from 146.185.175.132 Jul 7 11:58:49 server sshd\[46582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.175.132 Jul 7 11:58:51 server sshd\[46582\]: Failed password for invalid user admin from 146.185.175.132 port 50610 ssh2 ...	2019-07-08 03:26:35
200.54.242.46	attackbots	Jul 7 20:31:16 lnxded64 sshd[21455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.242.46 Jul 7 20:31:18 lnxded64 sshd[21455]: Failed password for invalid user ftpuser from 200.54.242.46 port 38450 ssh2 Jul 7 20:34:20 lnxded64 sshd[22000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.242.46	2019-07-08 03:25:41
125.105.50.228	attack	WordpressAttack	2019-07-08 03:47:10
5.39.80.220	attack	Jul 7 21:00:48 ns41 sshd[29910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.80.220 Jul 7 21:00:50 ns41 sshd[29910]: Failed password for invalid user elaine from 5.39.80.220 port 50600 ssh2 Jul 7 21:03:01 ns41 sshd[29975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.80.220	2019-07-08 03:56:51
156.204.33.238	attackbots	Telnet/23 MH Probe, BF, Hack -	2019-07-08 03:22:03
61.224.2.248	attack	TCP port 23 (Telnet) attempt blocked by firewall. [2019-07-07 15:30:59]	2019-07-08 03:49:11
208.91.197.44	attackbots	From: Adult Dating [mailto: ...@001.jp] Repetitive porn - appears to target AOL accounts; common *.space spam links + redirects Unsolicited bulk spam - 167.169.209.11, Nippon Television Network Corporation (common hop: rsmail.alkoholic.net = 208.91.197.44, Confluence Networks) Spam link fabulous-girlsss.space = 66.248.206.6, Hostkey Bv - BLACKLISTED BY MCAFEE AND SPAMHAUS - REDIRECTS TO lovee-is-all-around.space = COMMON IP 85.25.210.155, Host Europe Gmbh Spam link nice-lola.space = COMMON IP 95.46.8.43, MAROSNET Telecommunication Company LLC - BLACKLISTED BY MCAFEE AND SPAMHAUS - REDIRECTS TO lovee-is-all-around.space = COMMON IP 85.25.210.155, Host Europe Gmbh	2019-07-08 03:49:29
192.241.97.226	attackbotsspam	RDP Bruteforce	2019-07-08 03:52:36
80.211.14.166	attackspam	NAME : ARUBA-NET CIDR : 80.211.14.0/24 DDoS attack Italy - block certain countries :) IP: 80.211.14.166 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-08 03:53:29
218.92.0.205	attack	Jul 7 21:42:48 localhost sshd\[25094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.205 user=root Jul 7 21:42:50 localhost sshd\[25094\]: Failed password for root from 218.92.0.205 port 39824 ssh2 Jul 7 21:42:52 localhost sshd\[25094\]: Failed password for root from 218.92.0.205 port 39824 ssh2	2019-07-08 03:57:21

Recently Reported IPs

217.241.214.147	156.198.175.250	187.119.31.6	49.50.200.56
239.125.64.144	45.10.140.191	186.198.240.12	200.107.71.242
94.60.230.150	94.60.43.142	132.25.189.148	56.111.230.107
71.62.195.102	44.45.231.158	26.184.178.119	94.60.228.233
108.98.230.66	94.50.239.218	94.6.67.55	61.144.217.187