JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 120.26.57.20

120.26.57.20 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 87%: ?

87%

ISP	Aliyun Computing Co., LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37963
Domain Name	alibabacloud.com
Country	🇨🇳 China
City	Hangzhou, Zhejiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 120.26.57.20

Whois 120.26.57.20

IP Abuse Reports for 120.26.57.20:

This IP address has been reported a total of 24 times from 17 distinct sources. 120.26.57.20 was first reported on June 18th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 kexol	2026-06-26 07:08:10 (1 day ago)	22 port scanned	Port Scan
🇧🇪 sid3windr	2026-06-25 22:55:46 (1 day ago)	SSH port scan (Tarpitted for 20s, wasted 32B)	Port Scan SSH
🇧🇪 sid3windr	2026-06-25 19:40:27 (1 day ago)	SSH port scan (Tarpitted for 20s, wasted 26B)	Port Scan SSH
🇿🇦 Adrian Moisey	2026-06-25 08:54:34 (2 days ago)	2026-06-25T10:54:26.295404+02:00 box sshd[2360954]: Failed password for root from 120.26.57.20 port ... show more 2026-06-25T10:54:26.295404+02:00 box sshd[2360954]: Failed password for root from 120.26.57.20 port 32792 ssh2 2026-06-25T10:54:29.585754+02:00 box sshd[2360956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.26.57.20 user=root 2026-06-25T10:54:31.786627+02:00 box sshd[2360956]: Failed password for root from 120.26.57.20 port 40430 ssh2 ... show less	Brute-Force SSH
🇳🇱 ras07	2026-06-24 20:00:33 (2 days ago)	Brute force SSH login attempts.	Brute-Force SSH
🇦🇺 LiftUp Hosting	2026-06-24 07:09:57 (3 days ago)	Honeypot hit: Empty payload (likely service probe); 8022 [1] TCP	Port Scan
🇩🇪 dispaisyenterprises	2026-06-24 03:57:49 (3 days ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 6022 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 6022 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 kexol	2026-06-22 23:30:17 (4 days ago)	22 port scanned	Port Scan
🇫🇷 TheHoneyPotter	2026-06-21 22:36:02 (5 days ago)	Honeypot [fc-honeypot]: Empty payload (likely service probe); 22222 [1] TCP Reported by: https://git ... show more Honeypot [fc-honeypot]: Empty payload (likely service probe); 22222 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇫🇷 edoram	2026-06-21 16:03:32 (6 days ago)	SSH brute-force from honeypot. 5 attempts in 24h, 0 unique usernames tried.	Brute-Force SSH
🇳🇱 donarev419	2026-06-21 05:01:12 (6 days ago)	Port scan detected on port 2222 (connection without data transfer)	Port Scan
🇳🇱 donarev419	2026-06-21 03:45:36 (6 days ago)	Port scan detected on port 2002 (connection without data transfer)	Port Scan
🇩🇪 femboy.cat	2026-06-21 00:27:02 (6 days ago)	Port scan to tcp/10001 from 120.26.57.20	Brute-Force
🇧🇬 MazenHost	2026-06-20 23:33:47 (6 days ago)	1781998426 - 06/21/2026 02:33:46 Host: 120.26.57.20/120.26.57.20 Port: 2000 TCP Blocked ...	Port Scan
🇩🇪 Lunix	2026-06-20 20:28:21 (6 days ago)		FTP Brute-Force Brute-Force

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇴 182.93.50.90

🇨🇳 122.114.30.19

🇨🇳 110.249.202.78

🇹🇭 171.100.121.127

🇫🇷 167.86.80.37

🇺🇸 162.216.149.171

🇺🇸 162.216.149.36

🇺🇸 148.153.159.125

🇳🇿 121.73.169.149

🇺🇸 74.208.55.148

🇺🇸 66.132.172.233

🇰🇷 61.76.112.4

🇳🇱 195.178.110.227

🇺🇸 147.185.132.154

🇨🇳 115.231.78.11

🇨🇳 110.249.202.72

🇺🇸 107.180.88.176

🇺🇸 91.230.168.89

🇨🇦 85.217.149.24

🇨🇦 85.217.149.16