104.20.2.27 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.20.212.42	spambots	Vr network	2023-03-18 06:45:21
104.20.2.253	attackbotsspam	TCP Port Scanning	2020-03-12 04:40:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.20.2.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11821
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.20.2.27.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021602 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 17 06:48:31 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 27.2.20.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 27.2.20.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.196.67.41	attack	Jul 6 10:04:05 gw1 sshd[5184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.67.41 Jul 6 10:04:08 gw1 sshd[5184]: Failed password for invalid user mfa from 5.196.67.41 port 49144 ssh2 ...	2020-07-06 14:04:15
95.85.24.147	attackspam	Jul 6 06:53:51 h1745522 sshd[8310]: Invalid user zhs from 95.85.24.147 port 40964 Jul 6 06:53:51 h1745522 sshd[8310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.24.147 Jul 6 06:53:51 h1745522 sshd[8310]: Invalid user zhs from 95.85.24.147 port 40964 Jul 6 06:53:53 h1745522 sshd[8310]: Failed password for invalid user zhs from 95.85.24.147 port 40964 ssh2 Jul 6 06:57:02 h1745522 sshd[8454]: Invalid user ghost from 95.85.24.147 port 38650 Jul 6 06:57:02 h1745522 sshd[8454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.24.147 Jul 6 06:57:02 h1745522 sshd[8454]: Invalid user ghost from 95.85.24.147 port 38650 Jul 6 06:57:04 h1745522 sshd[8454]: Failed password for invalid user ghost from 95.85.24.147 port 38650 ssh2 Jul 6 07:00:20 h1745522 sshd[9034]: Invalid user caldera from 95.85.24.147 port 36332 ...	2020-07-06 14:22:05
186.250.193.222	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 186.250.193.222 (BR/Brazil/186-250-193-222.ibl.com.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-06 08:22:32 plain authenticator failed for ([186.250.193.222]) [186.250.193.222]: 535 Incorrect authentication data (set_id=ar.davoudi)	2020-07-06 14:41:43
95.187.138.216	attackbots	Unauthorized connection attempt from IP address 95.187.138.216 on Port 445(SMB)	2020-07-06 14:39:26
139.155.86.144	attackspam	Jul 6 07:41:30 abendstille sshd\[18684\]: Invalid user factory from 139.155.86.144 Jul 6 07:41:30 abendstille sshd\[18684\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.86.144 Jul 6 07:41:31 abendstille sshd\[18684\]: Failed password for invalid user factory from 139.155.86.144 port 34890 ssh2 Jul 6 07:43:37 abendstille sshd\[20649\]: Invalid user ubuntu from 139.155.86.144 Jul 6 07:43:37 abendstille sshd\[20649\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.86.144 ...	2020-07-06 14:09:58
213.174.10.58	attackbots	VNC brute force attack detected by fail2ban	2020-07-06 14:07:08
62.57.227.12	attackbotsspam	Jul 6 05:53:09 zulu412 sshd\[1246\]: Invalid user sam from 62.57.227.12 port 53782 Jul 6 05:53:09 zulu412 sshd\[1246\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.57.227.12 Jul 6 05:53:11 zulu412 sshd\[1246\]: Failed password for invalid user sam from 62.57.227.12 port 53782 ssh2 ...	2020-07-06 14:16:32
120.31.140.235	attackbotsspam	Jul 6 06:53:35 nextcloud sshd\[4568\]: Invalid user tomcat from 120.31.140.235 Jul 6 06:53:35 nextcloud sshd\[4568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.31.140.235 Jul 6 06:53:37 nextcloud sshd\[4568\]: Failed password for invalid user tomcat from 120.31.140.235 port 52759 ssh2	2020-07-06 14:02:20
193.228.91.108	attackspam	TCP (SYN) 193.228.91.108:31914 -> port 22, len 48	2020-07-06 14:37:14
118.167.74.87	attackspam	20/7/5@23:52:34: FAIL: Alarm-Network address from=118.167.74.87 ...	2020-07-06 14:42:57
159.89.153.54	attackspam	2020-07-06T07:54:07.695750ks3355764 sshd[23542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.153.54 user=root 2020-07-06T07:54:09.422817ks3355764 sshd[23542]: Failed password for root from 159.89.153.54 port 33640 ssh2 ...	2020-07-06 14:46:37
117.62.22.55	attack	Jul 6 05:28:56 marvibiene sshd[39835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.62.22.55 user=root Jul 6 05:28:57 marvibiene sshd[39835]: Failed password for root from 117.62.22.55 port 52792 ssh2 Jul 6 05:45:16 marvibiene sshd[40096]: Invalid user dev from 117.62.22.55 port 56832 ...	2020-07-06 14:23:39
222.85.139.140	attackbots	Lines containing failures of 222.85.139.140 Jul 6 05:42:47 shared01 sshd[9501]: Invalid user vicente from 222.85.139.140 port 28023 Jul 6 05:42:47 shared01 sshd[9501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.85.139.140 Jul 6 05:42:49 shared01 sshd[9501]: Failed password for invalid user vicente from 222.85.139.140 port 28023 ssh2 Jul 6 05:42:49 shared01 sshd[9501]: Received disconnect from 222.85.139.140 port 28023:11: Bye Bye [preauth] Jul 6 05:42:49 shared01 sshd[9501]: Disconnected from invalid user vicente 222.85.139.140 port 28023 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=222.85.139.140	2020-07-06 14:17:01
109.100.148.103	attack	Automatic report - Banned IP Access	2020-07-06 14:34:08
159.203.30.208	attackspambots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-07-06 14:28:38

Recently Reported IPs

104.20.2.22	104.20.2.40	206.237.0.102	104.20.2.51
104.20.20.91	104.20.200.115	104.20.202.153	104.20.203.153
60.23.71.240	45.148.99.176	104.20.204.70	104.20.205.70
104.20.206.52	104.20.206.62	62.34.205.195	204.20.161.201
104.20.207.52	252.132.78.108	104.20.207.62	104.20.208.69