Hi, Few things:
1) Your originally reported the IP address 3.166.135.620, which is an invalid address anyway. Now you listed 3.166.135.60 2) The Reverse DNS lookup provides you : server-3-166-135-60.mia50.r.cloudfront.net <http://server-3-166-135-60.mia50.r.cloudfront.net/>, which you also can get in Wireshark when you enable Name Resolution, Resolve network addresses. cloudfront.net is used by Amazone AWS, see here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/LocationsOfEdgeServers.html Since a multitude of services are provided through AWS, this traffic is to be expected. Thanks, Jaap > On 15 Aug 2025, at 15:32, yo yo <quantumman...@gmx.com> wrote: > > Hello Jaap, > > Yesterday no information could be found about this invalid IP. > > It is my beleif that its DOD flreign GOV related. > > Today, I found the attached information related to the IP address. > > > My capture sessionis 22 megabytes, i am not able yo send you the entire > session for that IP. > > I can send you one of the many packets when get home. > > Please remember the session will have my computer information. > > > I am attaching first the found information today aboutbthat ip address. > > > They should be PDF documents. > > > > Norberto > > > PS. Please be safe with the data, dont get in trouble for looking at this IP. > I was taking some Palo Alto Networks training before this happened. > > I will send you the packet aftet I get home if you still needed. > > > > -- > Sent with GMX Mail app > > > On 8/14/25, 1:08 PM Jaap Keuter <jaap.keu...@xs4all.nl <http://xs4all.nl/>> > wrote: >> >> Hi, >> >> I would like to see that capture file. >> >> Thanks, >> Jaap >> >> >> >> On 13 Aug 2025, at 20:06, yo yo via Wireshark-users >> <wireshark-users@wireshark.org <http://wireshark.org/>> wrote: >> >> Hello, >> >> >> I am reaching out due yo a reported invalid IP on my system by Wireshark. >> >> >> Any assistance is greatly welcomed. >> >> Please read below for the invalid IP. >> >> Thank you. >> >> >> Norberto. >> >> >> >> >> >> -- >> Sent with GMX Mail app >> >> >> On 8/13/25, 12:24 PM IANA Support <abuse-questi...@iana.org >> <http://iana.org/>> wrote: >>> >>> Dear Norberto, >>> >>> Thank you for contacting us. >>> >>> The Internet Assigned Numbers Authority (IANA) is the organization that >>> allocates large blocks of IP addresses to the five Regional Internet >>> Registries (RIRs). The RIRs then allocate smaller blocks to ISPs and other >>> large networks and record information about those allocations in their >>> registration databases. We do not track or operate invalid IP addresses. >>> >>> To further investigate the invalid IP address, please inquire with >>> Wireshark directly. >>> >>> Best regards, >>> >>> -- >>> Michelle Thangtamsatid >>> IANA Services Sr. Specialist >>> >>> On Wed Aug 13 16:12:11 2025, quantumman...@gmx.com <http://gmx.com/> wrote: >>> > Hello, >>> > >>> > My wireshark application reported to me the following IP address >>> > communicating >>> > with my system, and whn searching on this IP it is reported as >>> > invalid. >>> > >>> > >>> > The IP address is 3.166.135.620. >>> > >>> > >>> > I cannot find the source but i do have my packet capture file saved. >>> > >>> > >>> > Can you assist? >>> > >>> > >>> > Norberto. >>> > >>> > >>> > >>> > >>> > -- >>> > Sent with GMX Mail app >>> >> _______________________________________________ >> Wireshark-users mailing list -- wireshark-users@wireshark.org >> <http://wireshark.org/> >> To unsubscribe send an email to wireshark-users-le...@wireshark.org >> <http://wireshark.org/> >> > <3.166.135.60 IP Whois Bilgisi, Kime Ait.pdf><3.166.135 IP Whois Bilgisi, > Kime Ait.pdf><24 IP Range - IPinfo.io.pdf>
_______________________________________________ Wireshark-users mailing list -- wireshark-users@wireshark.org To unsubscribe send an email to wireshark-users-le...@wireshark.org
