20.128.204.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.128.204.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37691
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;20.128.204.20.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012300 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 17:07:23 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 20.204.128.20.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.204.128.20.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.17.250.96	attack	Apr 9 05:30:06 server sshd[1121]: Failed password for invalid user mysql from 58.17.250.96 port 51521 ssh2 Apr 9 05:37:01 server sshd[2979]: Failed password for invalid user tomcat from 58.17.250.96 port 46209 ssh2 Apr 9 05:50:57 server sshd[6431]: Failed password for invalid user vps from 58.17.250.96 port 63073 ssh2	2020-04-09 17:49:45
178.62.0.138	attackspam	Apr 9 10:35:20 ovpn sshd\[22745\]: Invalid user rabbitmq from 178.62.0.138 Apr 9 10:35:20 ovpn sshd\[22745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.138 Apr 9 10:35:21 ovpn sshd\[22745\]: Failed password for invalid user rabbitmq from 178.62.0.138 port 41757 ssh2 Apr 9 10:42:45 ovpn sshd\[24567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.138 user=root Apr 9 10:42:46 ovpn sshd\[24567\]: Failed password for root from 178.62.0.138 port 36429 ssh2	2020-04-09 17:28:33
185.143.221.46	attack	Port Scanning Detected	2020-04-09 17:31:31
45.236.131.185	attackbotsspam	Apr 9 00:43:20 mockhub sshd[4036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.236.131.185 Apr 9 00:43:22 mockhub sshd[4036]: Failed password for invalid user kubernetes from 45.236.131.185 port 35094 ssh2 ...	2020-04-09 18:07:59
218.207.154.76	attackbotsspam	Apr 9 05:51:10 vmd48417 sshd[12659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.207.154.76	2020-04-09 17:40:37
43.226.149.84	attackbots	leo_www	2020-04-09 17:44:02
49.231.159.205	attack	$f2bV_matches	2020-04-09 17:44:29
51.91.77.217	attackbots	frenzy	2020-04-09 17:32:05
39.165.17.134	attackspam	Helo	2020-04-09 17:30:38
178.154.200.58	attackspam	[Thu Apr 09 10:51:20.331941 2020] [:error] [pid 27381:tid 140306514646784] [client 178.154.200.58:55274] [client 178.154.200.58] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xo6buBlqZYUeCCp3aRli4AAAALQ"] ...	2020-04-09 17:30:57
163.172.128.194	attack	Apr 8 14:43:30 twattle sshd[30809]: reveeclipse mapping checking getaddrin= fo for 194-128-172-163.rev.cloud.scaleway.com [163.172.128.194] failed = - POSSIBLE BREAK-IN ATTEMPT! Apr 8 14:43:30 twattle sshd[30809]: Received disconnect from 163.172.1= 28.194: 11: Bye Bye [preauth] Apr 8 14:43:30 twattle sshd[30811]: reveeclipse mapping checking getaddrin= fo for 194-128-172-163.rev.cloud.scaleway.com [163.172.128.194] failed = - POSSIBLE BREAK-IN ATTEMPT! Apr 8 14:43:30 twattle sshd[30811]: Invalid user admin from 163.172.12= 8.194 Apr 8 14:43:30 twattle sshd[30811]: Received disconnect from 163.172.1= 28.194: 11: Bye Bye [preauth] Apr 8 14:43:30 twattle sshd[30813]: reveeclipse mapping checking getaddrin= fo for 194-128-172-163.rev.cloud.scaleway.com [163.172.128.194] failed = - POSSIBLE BREAK-IN ATTEMPT! Apr 8 14:43:30 twattle sshd[30813]: Invalid user admin from 163.172.12= 8.194 Apr 8 14:43:30 twattle sshd[30813]: Received disconnect from 163.172.1= 28.194: 11........ -------------------------------	2020-04-09 18:02:40
161.189.25.20	attackspam	Apr 9 08:50:31 roki sshd[1092]: Invalid user sonar from 161.189.25.20 Apr 9 08:50:31 roki sshd[1092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.189.25.20 Apr 9 08:50:33 roki sshd[1092]: Failed password for invalid user sonar from 161.189.25.20 port 41536 ssh2 Apr 9 09:13:14 roki sshd[2779]: Invalid user test from 161.189.25.20 Apr 9 09:13:14 roki sshd[2779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.189.25.20 ...	2020-04-09 17:35:45
62.234.2.59	attack	SSH Brute-Force. Ports scanning.	2020-04-09 18:04:54
192.144.235.20	attack	SSH brute force attempt	2020-04-09 17:46:59
14.18.84.151	attackspam	Apr 09 03:30:03 askasleikir sshd[51861]: Failed password for root from 14.18.84.151 port 55828 ssh2	2020-04-09 17:48:47

Recently Reported IPs

225.5.65.54	62.21.57.104	86.18.15.53	187.9.153.24
25.138.217.69	198.200.240.22	248.206.223.201	21.60.133.39
95.133.185.217	212.149.231.240	180.135.58.73	253.28.246.22
41.106.80.143	24.123.221.39	197.20.144.34	176.21.141.154
28.29.56.50	121.203.184.225	42.31.182.129	94.49.166.64