34.199.70.85 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Amazon Technologies Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	10/24/2019-13:59:31.772890 34.199.70.85 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-24 20:48:16

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.199.70.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1790
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;34.199.70.85.			IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102400 1800 900 604800 86400

;; Query time: 46 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 20:48:13 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

85.70.199.34.in-addr.arpa domain name pointer ec2-34-199-70-85.compute-1.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
85.70.199.34.in-addr.arpa	name = ec2-34-199-70-85.compute-1.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
161.35.44.21	attackspambots	20 attempts against mh-ssh on flow	2020-09-25 18:34:02
161.35.44.237	attackspambots	Sep 24 21:43:58 vps-51d81928 sshd[354976]: Invalid user devops from 161.35.44.237 port 45336 Sep 24 21:43:58 vps-51d81928 sshd[354976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.44.237 Sep 24 21:43:58 vps-51d81928 sshd[354976]: Invalid user devops from 161.35.44.237 port 45336 Sep 24 21:44:00 vps-51d81928 sshd[354976]: Failed password for invalid user devops from 161.35.44.237 port 45336 ssh2 Sep 24 21:47:53 vps-51d81928 sshd[355178]: Invalid user user1 from 161.35.44.237 port 58722 ...	2020-09-25 19:07:49
142.0.38.58	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 142.0.38.58 (samego.modestionsm.net): 5 in the last 3600 secs - Thu Aug 23 07:42:56 2018	2020-09-25 18:52:37
50.4.86.76	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-25T10:26:36Z and 2020-09-25T10:51:05Z	2020-09-25 18:55:40
14.169.99.179	attack	$f2bV_matches	2020-09-25 19:06:11
51.77.109.98	attack	2020-09-25T11:14:18.719790amanda2.illicoweb.com sshd\[44292\]: Invalid user root01 from 51.77.109.98 port 48724 2020-09-25T11:14:18.725674amanda2.illicoweb.com sshd\[44292\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.109.98 2020-09-25T11:14:20.787246amanda2.illicoweb.com sshd\[44292\]: Failed password for invalid user root01 from 51.77.109.98 port 48724 ssh2 2020-09-25T11:20:02.221405amanda2.illicoweb.com sshd\[44785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.109.98 user=root 2020-09-25T11:20:04.172776amanda2.illicoweb.com sshd\[44785\]: Failed password for root from 51.77.109.98 port 58630 ssh2 ...	2020-09-25 19:08:52
38.114.83.77	attackspambots	Found on Blocklist de / proto=6 . srcport=54623 . dstport=22 . (3617)	2020-09-25 18:37:41
5.135.177.5	attackspam	5.135.177.5 - - [25/Sep/2020:10:13:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2863 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 5.135.177.5 - - [25/Sep/2020:10:13:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2844 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 5.135.177.5 - - [25/Sep/2020:10:13:50 +0100] "POST /wp-login.php HTTP/1.1" 200 2844 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-25 18:56:09
103.25.21.34	attack	SSH invalid-user multiple login try	2020-09-25 18:55:09
117.69.233.247	attack	(sshd) Failed SSH login from 117.69.233.247 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 25 10:11:09 server2 sshd[1114]: Invalid user hue from 117.69.233.247 port 51326 Sep 25 10:11:11 server2 sshd[1114]: Failed password for invalid user hue from 117.69.233.247 port 51326 ssh2 Sep 25 10:23:26 server2 sshd[4736]: Invalid user ftpd from 117.69.233.247 port 43688 Sep 25 10:23:28 server2 sshd[4736]: Failed password for invalid user ftpd from 117.69.233.247 port 43688 ssh2 Sep 25 10:26:31 server2 sshd[5204]: Invalid user asdf from 117.69.233.247 port 49654	2020-09-25 18:36:49
118.254.141.210	attackspam	Brute force blocker - service: proftpd1 - aantal: 98 - Sat Aug 25 03:50:14 2018	2020-09-25 18:46:06
42.194.168.89	attack	prod6 ...	2020-09-25 18:58:49
142.93.48.191	attackspam	TCP ports : 4545 / 11109	2020-09-25 18:39:21
200.199.227.195	attackspam	k+ssh-bruteforce	2020-09-25 18:42:29
165.227.114.134	attackspambots	$f2bV_matches	2020-09-25 18:54:46

最近上报的IP列表

217.241.214.147	156.198.175.250	187.119.31.6	49.50.200.56
239.125.64.144	45.10.140.191	186.198.240.12	200.107.71.242
94.60.230.150	94.60.43.142	132.25.189.148	56.111.230.107
71.62.195.102	44.45.231.158	26.184.178.119	94.60.228.233
108.98.230.66	94.50.239.218	94.6.67.55	61.144.217.187