216.27.114.30 - IPInfo

Basic Info

City: Plattsburgh

Region: New York

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       216.27.112.0 - 216.27.127.255
CIDR:           216.27.112.0/20
NetName:        PRIMELINK
NetHandle:      NET-216-27-112-0-1
Parent:         NET216 (NET-216-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   FirstLight Fiber, Inc. (TVC-11)
RegDate:        2005-09-23
Updated:        2021-10-27
Ref:            https://rdap.arin.net/registry/ip/216.27.112.0


FirstLight Fiber, Inc. (TVC-11)


OrgAbuseHandle: ABUSE719-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-518-694-8790 
OrgAbuseEmail:  ipabuse@firstlight.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE719-ARIN

OrgDNSHandle: HDP11-ARIN
OrgDNSName:   Hostmaster, the DNS people
OrgDNSPhone:  +1-518-694-8790 
OrgDNSEmail:  dnsupdates@firstlight.net
OrgDNSRef:    https://rdap.arin.net/registry/entity/HDP11-ARIN

OrgNOCHandle: NOC1665-ARIN
OrgNOCName:   NOC
OrgNOCPhone:  +1-518-694-8790 
OrgNOCEmail:  repair@firstlight.net
OrgNOCRef:    https://rdap.arin.net/registry/entity/NOC1665-ARIN

OrgTechHandle: IA93-ARIN
OrgTechName:   IP Admin
OrgTechPhone:  +1-518-694-8790 
OrgTechEmail:  ip-admin@firstlight.net
OrgTechRef:    https://rdap.arin.net/registry/entity/IA93-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.27.114.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26691
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;216.27.114.30.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026031701 1800 900 604800 86400

;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 18 04:01:21 CST 2026
;; MSG SIZE  rcvd: 106

Host info

30.114.27.216.in-addr.arpa domain name pointer 216-27-114-30.static.firstlight.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
30.114.27.216.in-addr.arpa	name = 216-27-114-30.static.firstlight.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.228.91.123	attack	SSH brute-force attempt	2020-08-12 06:24:06
123.56.5.75	attack	Detected by ModSecurity. Host header is an IP address, Request URI: /	2020-08-12 06:39:43
61.167.82.216	attackspambots	RDPBruteCAu	2020-08-12 06:33:28
176.113.115.247	attackspambots	firewall-block, port(s): 20469/tcp	2020-08-12 06:42:45
89.236.239.25	attackbotsspam	Aug 12 00:24:11 vpn01 sshd[13984]: Failed password for root from 89.236.239.25 port 52656 ssh2 ...	2020-08-12 06:47:28
216.4.95.62	attackspam	Aug 11 22:29:33 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=216.4.95.62 DST=77.73.69.240 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=63487 DF PROTO=TCP SPT=13672 DPT=5555 WINDOW=18484 RES=0x00 SYN URGP=0 Aug 11 22:29:34 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=216.4.95.62 DST=77.73.69.240 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=63488 DF PROTO=TCP SPT=13672 DPT=5555 WINDOW=18484 RES=0x00 SYN URGP=0 Aug 11 22:29:36 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=216.4.95.62 DST=77.73.69.240 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=63489 DF PROTO=TCP SPT=13672 DPT=5555 WINDOW=18484 RES=0x00 SYN URGP=0 Aug 11 22:35:31 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=216.4.95.62 DST=77.73.69.240 LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=36400 DF PROTO=TCP SPT=22251 DPT=5555 WINDOW=18484 RES=0x00 SYN URGP=0 Aug 11 22:35:32 hidden ...	2020-08-12 06:38:42
2.186.112.16	attackspambots	Automatic report - Port Scan Attack	2020-08-12 06:26:03
82.117.196.30	attackspam	Fail2Ban Ban Triggered (2)	2020-08-12 06:39:58
218.92.0.221	attack	$f2bV_matches	2020-08-12 06:19:44
20.187.47.39	attackbots	TCP (SYN) 20.187.47.39:51293 -> port 22, len 44	2020-08-12 06:48:52
111.160.216.147	attackbots	(sshd) Failed SSH login from 111.160.216.147 (CN/China/no-data): 5 in the last 3600 secs	2020-08-12 06:41:54
196.245.219.231	attack	Automatic report - Banned IP Access	2020-08-12 06:33:48
152.136.105.190	attack	Aug 11 13:26:12 pixelmemory sshd[3444952]: Failed password for root from 152.136.105.190 port 58006 ssh2 Aug 11 13:32:30 pixelmemory sshd[3459621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.105.190 user=root Aug 11 13:32:32 pixelmemory sshd[3459621]: Failed password for root from 152.136.105.190 port 40300 ssh2 Aug 11 13:38:46 pixelmemory sshd[3474428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.105.190 user=root Aug 11 13:38:47 pixelmemory sshd[3474428]: Failed password for root from 152.136.105.190 port 50828 ssh2 ...	2020-08-12 06:21:51
88.119.171.232	attack	Mail account phishing scam	2020-08-12 06:14:04
121.226.107.240	attackspambots	srvr1: (mod_security) mod_security (id:920350) triggered by 121.226.107.240 (CN/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/11 20:35:17 [error] 563155#0: 276277 [client 121.226.107.240] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/phpmyadmin/"] [unique_id "159717811763.880807"] [ref "o0,13v155,13"], client: 121.226.107.240, [redacted] request: "GET /phpmyadmin/ HTTP/1.1" [redacted]	2020-08-12 06:48:15

Recently Reported IPs

45.76.202.157	45.76.202.124	68.183.206.32	74.249.178.114
35.241.166.201	188.166.178.184	139.59.116.9	221.241.183.80
217.149.163.193	217.104.210.219	212.161.91.208	207.54.113.238
54.205.241.255	54.163.179.109	13.218.68.64	44.236.88.213
178.128.214.41	13.218.97.192	36.142.78.49	14.212.94.38