34.205.85.48 - IPInfo

Basic Info

City: Ashburn

Region: Virginia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: Amazon.com, Inc.

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
34.205.85.137	attackspambots	This email was sent from your website "The Edge Magazine" by the Wordfence plugin at Saturday 18th of January 2020 at 07:51:07 PM The Wordfence administrative URL for this site is: http://www.edgemagazine.net/wp-admin/admin.php?page=Wordfence A user with IP addr 34.205.85.137 has been locked out from signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 20. The last username they tried to sign in with was: 'admin'. The duration of the lockout is 4 hours. User IP: 34.205.85.137 User hostname: ec2-34-205-85-137.compute-1.amazonaws.com User location: Ashburn, United States	2020-01-19 23:10:14

Type

Details

Datetime

34.205.85.137

attackspambots

This email was sent from your website "The Edge Magazine" by the Wordfence plugin at Saturday 18th of January 2020 at 07:51:07 PM
The Wordfence administrative URL for this site is: http://www.edgemagazine.net/wp-admin/admin.php?page=Wordfence
A user with IP addr 34.205.85.137 has been locked out from signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 20. The last username they tried to sign in with was: 'admin'.
The duration of the lockout is 4 hours.
User IP: 34.205.85.137
User hostname: ec2-34-205-85-137.compute-1.amazonaws.com
User location: Ashburn, United States

2020-01-19 23:10:14

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.205.85.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39620
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;34.205.85.48.			IN	A

;; AUTHORITY SECTION:
.			2803	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042702 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 28 03:11:58 +08 2019
;; MSG SIZE  rcvd: 116

Host info

48.85.205.34.in-addr.arpa domain name pointer ec2-34-205-85-48.compute-1.amazonaws.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
48.85.205.34.in-addr.arpa	name = ec2-34-205-85-48.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.229.52.51	attackspam	$f2bV_matches	2020-02-05 06:38:08
58.56.178.170	attack	Brute force attempt	2020-02-05 06:57:44
159.89.188.167	attackspambots	Unauthorized connection attempt detected from IP address 159.89.188.167 to port 2220 [J]	2020-02-05 06:39:41
138.122.146.162	attackspam	Unauthorized connection attempt detected from IP address 138.122.146.162 to port 2220 [J]	2020-02-05 07:15:21
112.85.42.182	attack	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.182 user=root Failed password for root from 112.85.42.182 port 53513 ssh2 Failed password for root from 112.85.42.182 port 53513 ssh2 Failed password for root from 112.85.42.182 port 53513 ssh2 Failed password for root from 112.85.42.182 port 53513 ssh2	2020-02-05 07:12:12
72.200.36.184	attack	Telnet/23 MH Probe, BF, Hack -	2020-02-05 07:07:48
128.199.128.215	attackbots	Feb 4 23:30:28 legacy sshd[22723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.128.215 Feb 4 23:30:30 legacy sshd[22723]: Failed password for invalid user 2k19 from 128.199.128.215 port 57676 ssh2 Feb 4 23:33:49 legacy sshd[22984]: Failed password for root from 128.199.128.215 port 58172 ssh2 ...	2020-02-05 06:45:41
119.29.134.163	attackspam	Feb 4 12:37:23 sachi sshd\[19466\]: Invalid user statd from 119.29.134.163 Feb 4 12:37:23 sachi sshd\[19466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.134.163 Feb 4 12:37:25 sachi sshd\[19466\]: Failed password for invalid user statd from 119.29.134.163 port 57514 ssh2 Feb 4 12:38:24 sachi sshd\[19567\]: Invalid user test1234 from 119.29.134.163 Feb 4 12:38:24 sachi sshd\[19567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.134.163	2020-02-05 06:42:54
45.195.7.194	attackbotsspam	Feb 4 21:18:55 grey postfix/smtpd\[7971\]: NOQUEUE: reject: RCPT from unknown\[45.195.7.194\]: 554 5.7.1 Service unavailable\; Client host \[45.195.7.194\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=45.195.7.194\; from=\ to=\ proto=ESMTP helo=\<\[45.195.7.194\]\> ...	2020-02-05 06:38:48
122.164.200.108	attackbots	Unauthorized connection attempt detected from IP address 122.164.200.108 to port 2220 [J]	2020-02-05 06:37:39
111.90.150.204	spam	Give me uc pubg mobile	2020-02-05 07:14:56
185.234.219.103	attackspam	Feb 4 21:53:33 mail postfix/smtpd\[14652\]: warning: unknown\[185.234.219.103\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 4 22:09:52 mail postfix/smtpd\[15265\]: warning: unknown\[185.234.219.103\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 4 22:26:42 mail postfix/smtpd\[15557\]: warning: unknown\[185.234.219.103\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Feb 4 22:59:22 mail postfix/smtpd\[16146\]: warning: unknown\[185.234.219.103\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-02-05 06:37:18
64.190.202.55	attackbotsspam	Unauthorized connection attempt detected from IP address 64.190.202.55 to port 2220 [J]	2020-02-05 06:38:28
45.238.32.151	attack	Scanning random ports - tries to find possible vulnerable services	2020-02-05 06:50:00
141.255.45.213	attackbots	Feb 4 21:18:20 grey postfix/smtpd\[25106\]: NOQUEUE: reject: RCPT from ppp141255045213.access.hol.gr\[141.255.45.213\]: 554 5.7.1 Service unavailable\; Client host \[141.255.45.213\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?141.255.45.213\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-05 07:11:53

Recently Reported IPs

199.57.95.215	45.76.125.254	207.254.220.212	65.163.103.212
1.33.237.23	106.12.214.190	117.74.121.39	34.102.90.82
23.239.11.175	4.29.143.245	52.241.135.129	104.144.28.161
193.112.40.110	176.113.209.45	192.145.238.65	195.200.78.27
178.76.254.130	91.185.236.157	212.15.184.190	144.76.99.215