104.20.2.27 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.20.212.42	spambots	Vr network	2023-03-18 06:45:21
104.20.2.253	attackbotsspam	TCP Port Scanning	2020-03-12 04:40:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.20.2.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11821
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.20.2.27.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021602 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 17 06:48:31 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 27.2.20.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 27.2.20.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.91.163.138	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-29 03:16:30
198.108.67.48	attack	Unauthorized connection attempt detected from IP address 198.108.67.48 to port 9106 [T]	2020-04-29 03:35:13
46.218.85.69	attack	"Unauthorized connection attempt on SSHD detected"	2020-04-29 03:37:28
84.210.196.246	attack	Honeypot attack, port: 5555, PTR: cm-84.210.196.246.getinternet.no.	2020-04-29 03:43:49
81.16.117.199	attackspambots	2020-04-2820:15:561jTUlw-0005Ma-Dd\<=info@whatsup2013.chH=mm-128-196-126-178.vitebsk.dynamic.pppoe.byfly.by\(localhost\)[178.126.196.128]:46258P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3112id=27267e2d260dd8d4f3b60053a7606a66551618f3@whatsup2013.chT="I'msobored"formr.terell.wilson@gmail.comdiamondanthony49@gmail.com2020-04-2820:16:311jTUmU-0005T7-Lk\<=info@whatsup2013.chH=241.red-88-28-197.staticip.rima-tde.net\(localhost\)[88.28.197.241]:54676P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3103id=04a793a1aa8154a7847a8cdfd400391536dc7df73d@whatsup2013.chT="So\,howisyourday\?"forwanmuhamadfaiz88@gmail.comhood328@g.com2020-04-2820:16:231jTUmM-0005RD-L6\<=info@whatsup2013.chH=\(localhost\)[116.97.214.37]:47828P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3052id=8005b3e0ebc0eae27e7bcd6186725844531638@whatsup2013.chT="Areyoucurrentlylonely\?"forscotttriplett104@gmail.cokarl	2020-04-29 03:44:17
49.88.112.55	attack	Apr 28 21:34:20 mail sshd[13713]: Failed password for root from 49.88.112.55 port 46261 ssh2 Apr 28 21:34:34 mail sshd[13713]: error: maximum authentication attempts exceeded for root from 49.88.112.55 port 46261 ssh2 [preauth] Apr 28 21:34:40 mail sshd[13750]: Failed password for root from 49.88.112.55 port 6079 ssh2	2020-04-29 03:40:42
51.38.231.11	attackbots	5x Failed Password	2020-04-29 03:41:28
178.32.6.108	attack	Lines containing failures of 178.32.6.108 Apr 27 19:06:06 shared02 sshd[28746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.6.108 user=r.r Apr 27 19:06:09 shared02 sshd[28746]: Failed password for r.r from 178.32.6.108 port 38360 ssh2 Apr 27 19:06:09 shared02 sshd[28746]: Received disconnect from 178.32.6.108 port 38360:11: Bye Bye [preauth] Apr 27 19:06:09 shared02 sshd[28746]: Disconnected from authenticating user r.r 178.32.6.108 port 38360 [preauth] Apr 27 19:14:18 shared02 sshd[32047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.32.6.108 user=r.r Apr 27 19:14:20 shared02 sshd[32047]: Failed password for r.r from 178.32.6.108 port 39173 ssh2 Apr 27 19:14:20 shared02 sshd[32047]: Received disconnect from 178.32.6.108 port 39173:11: Bye Bye [preauth] Apr 27 19:14:20 shared02 sshd[32047]: Disconnected from authenticating user r.r 178.32.6.108 port 39173 [preauth] ........ -----------------------------------	2020-04-29 03:28:45
167.71.72.70	attack	(sshd) Failed SSH login from 167.71.72.70 (NL/Netherlands/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 28 21:29:56 ubnt-55d23 sshd[18971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.72.70 user=root Apr 28 21:29:58 ubnt-55d23 sshd[18971]: Failed password for root from 167.71.72.70 port 42804 ssh2	2020-04-29 03:34:09
62.210.140.151	attackbots	2020-04-28T16:49:07.955918+00:00 [f2b-wordpress-soft-ddos] : Authentication failure user [munged] from 62.210.140.151 2020-04-28T16:49:07.605296+00:00 [f2b-wordpress-soft-ddos] : Authentication failure user [munged] from 62.210.140.151 2020-04-28T16:49:07.223821+00:00 [f2b-wordpress-soft-ddos] : Authentication failure user [munged] from 62.210.140.151	2020-04-29 03:38:11
83.167.87.198	attackspam	DATE:2020-04-28 15:44:05, IP:83.167.87.198, PORT:ssh SSH brute force auth (docker-dc)	2020-04-29 03:22:48
45.62.198.46	attackspam	web-1 [ssh] SSH Attack	2020-04-29 03:12:13
185.176.27.174	attackspam	04/28/2020-15:16:18.025188 185.176.27.174 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-29 03:26:07
162.243.129.123	attack	"Found User-Agent associated with security scanner - Matched Data: zgrab found within REQUEST_HEADERS:User-Agent: mozilla/5.0 zgrab/0.x"	2020-04-29 03:20:05
4.7.94.244	attackbots	5x Failed Password	2020-04-29 03:43:33

Recently Reported IPs

104.20.2.22	104.20.2.40	206.237.0.102	104.20.2.51
104.20.20.91	104.20.200.115	104.20.202.153	104.20.203.153
60.23.71.240	45.148.99.176	104.20.204.70	104.20.205.70
104.20.206.52	104.20.206.62	62.34.205.195	204.20.161.201
104.20.207.52	252.132.78.108	104.20.207.62	104.20.208.69