220.135.13.239

Basic Info

City: unknown

Region: unknown

Country: Taiwan, China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 81, PTR: 220-135-13-239.HINET-IP.hinet.net.	2020-06-09 02:12:39

Comments on same subnet:

IP	Type	Details	Datetime
220.135.134.98	attackbotsspam	TCP (SYN) 220.135.134.98:5959 -> port 23, len 40	2020-08-13 03:12:13
220.135.135.239	attackspam	TCP (SYN) 220.135.135.239:13209 -> port 23, len 44	2020-08-08 20:03:12
220.135.130.28	attackbotsspam	Honeypot attack, port: 81, PTR: 220-135-130-28.HINET-IP.hinet.net.	2020-07-22 07:21:35
220.135.130.93	attackbots	Jun 11 20:37:56 system,error,critical: login failure for user admin from 220.135.130.93 via telnet Jun 11 20:37:57 system,error,critical: login failure for user root from 220.135.130.93 via telnet Jun 11 20:37:59 system,error,critical: login failure for user root from 220.135.130.93 via telnet Jun 11 20:38:02 system,error,critical: login failure for user admin from 220.135.130.93 via telnet Jun 11 20:38:04 system,error,critical: login failure for user root from 220.135.130.93 via telnet Jun 11 20:38:05 system,error,critical: login failure for user Administrator from 220.135.130.93 via telnet Jun 11 20:38:09 system,error,critical: login failure for user root from 220.135.130.93 via telnet Jun 11 20:38:10 system,error,critical: login failure for user admin from 220.135.130.93 via telnet Jun 11 20:38:12 system,error,critical: login failure for user root from 220.135.130.93 via telnet Jun 11 20:38:15 system,error,critical: login failure for user admin from 220.135.130.93 via telnet	2020-06-12 06:12:34
220.135.137.108	attackbots	Unauthorised access (Apr 15) SRC=220.135.137.108 LEN=40 TTL=46 ID=8514 TCP DPT=8080 WINDOW=31678 SYN	2020-04-16 06:20:37
220.135.131.252	attackspam	Apr 5 14:21:54 h2065291 sshd[1290]: Invalid user pi from 220.135.131.252 Apr 5 14:21:54 h2065291 sshd[1292]: Invalid user pi from 220.135.131.252 Apr 5 14:21:54 h2065291 sshd[1290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220-135-131-252.hinet-ip.hinet.net Apr 5 14:21:54 h2065291 sshd[1292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220-135-131-252.hinet-ip.hinet.net Apr 5 14:21:56 h2065291 sshd[1290]: Failed password for invalid user pi from 220.135.131.252 port 35188 ssh2 Apr 5 14:21:56 h2065291 sshd[1292]: Failed password for invalid user pi from 220.135.131.252 port 35192 ssh2 Apr 5 14:21:56 h2065291 sshd[1290]: Connection closed by 220.135.131.252 [preauth] Apr 5 14:21:56 h2065291 sshd[1292]: Connection closed by 220.135.131.252 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=220.135.131.252	2020-04-06 00:51:23
220.135.138.120	attackbots	Honeypot attack, port: 81, PTR: 220-135-138-120.HINET-IP.hinet.net.	2020-03-01 23:50:24
220.135.139.58	attackspam	Honeypot attack, port: 81, PTR: 220-135-139-58.HINET-IP.hinet.net.	2020-02-20 15:39:21
220.135.138.120	attack	Unauthorized connection attempt detected from IP address 220.135.138.120 to port 81 [J]	2020-02-05 16:26:57
220.135.137.101	attackbots	Unauthorized connection attempt detected from IP address 220.135.137.101 to port 23 [J]	2020-01-19 14:56:46
220.135.135.165	attack	Jun 30 12:23:31 dallas01 sshd[13723]: Failed password for invalid user michael from 220.135.135.165 port 53034 ssh2 Jun 30 12:25:45 dallas01 sshd[14047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.135.135.165 Jun 30 12:25:46 dallas01 sshd[14047]: Failed password for invalid user postgres from 220.135.135.165 port 41676 ssh2 Jun 30 12:28:04 dallas01 sshd[14388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.135.135.165	2019-10-08 23:25:57
220.135.132.143	attack	Oct 2 14:30:03 mc1 kernel: \[1305821.490016\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=220.135.132.143 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=3904 PROTO=TCP SPT=37113 DPT=23 WINDOW=30115 RES=0x00 SYN URGP=0 Oct 2 14:30:28 mc1 kernel: \[1305846.755888\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=220.135.132.143 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=3904 PROTO=TCP SPT=37113 DPT=23 WINDOW=30115 RES=0x00 SYN URGP=0 Oct 2 14:30:32 mc1 kernel: \[1305850.348314\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=220.135.132.143 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=3904 PROTO=TCP SPT=37113 DPT=23 WINDOW=30115 RES=0x00 SYN URGP=0 ...	2019-10-03 02:58:58
220.135.132.158	attackbotsspam	DATE:2019-08-23 18:16:55, IP:220.135.132.158, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-08-24 06:06:46
220.135.135.165	attack	Aug 14 20:54:20 yabzik sshd[26289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.135.135.165 Aug 14 20:54:22 yabzik sshd[26289]: Failed password for invalid user thomas from 220.135.135.165 port 43158 ssh2 Aug 14 20:59:14 yabzik sshd[27973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.135.135.165	2019-08-15 04:18:19
220.135.135.165	attackbotsspam	SSH invalid-user multiple login try	2019-08-11 12:50:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.135.13.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62481
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.135.13.239.			IN	A

;; AUTHORITY SECTION:
.			518	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060802 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 09 02:12:36 CST 2020
;; MSG SIZE  rcvd: 118

Host info

239.13.135.220.in-addr.arpa domain name pointer 220-135-13-239.HINET-IP.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
239.13.135.220.in-addr.arpa	name = 220-135-13-239.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
36.111.146.209	attackbotsspam	...	2020-05-09 12:23:04
185.234.217.191	attackspam	May 9 04:22:34 web01.agentur-b-2.de postfix/smtpd[71181]: warning: unknown[185.234.217.191]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:22:34 web01.agentur-b-2.de postfix/smtpd[71181]: lost connection after AUTH from unknown[185.234.217.191] May 9 04:24:37 web01.agentur-b-2.de postfix/smtpd[72352]: warning: unknown[185.234.217.191]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:24:37 web01.agentur-b-2.de postfix/smtpd[72352]: lost connection after AUTH from unknown[185.234.217.191] May 9 04:27:05 web01.agentur-b-2.de postfix/smtpd[72358]: warning: unknown[185.234.217.191]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-05-09 12:13:35
49.233.182.23	attackbotsspam	$f2bV_matches	2020-05-09 12:21:23
69.94.158.108	attackbots	Email Spam	2020-05-09 12:18:44
118.98.96.184	attack	May 9 02:55:27 ns382633 sshd\[24539\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.98.96.184 user=root May 9 02:55:29 ns382633 sshd\[24539\]: Failed password for root from 118.98.96.184 port 46946 ssh2 May 9 03:00:48 ns382633 sshd\[25381\]: Invalid user yia from 118.98.96.184 port 51686 May 9 03:00:48 ns382633 sshd\[25381\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.98.96.184 May 9 03:00:50 ns382633 sshd\[25381\]: Failed password for invalid user yia from 118.98.96.184 port 51686 ssh2	2020-05-09 12:17:21
51.159.58.91	attack	DATE:2020-05-09 04:59:05, IP:51.159.58.91, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-05-09 12:07:28
52.23.215.77	attackspam	Attempted connection to port 997.	2020-05-09 09:03:58
186.225.86.235	attack	Unauthorized connection attempt from IP address 186.225.86.235 on Port 445(SMB)	2020-05-09 08:56:21
185.50.149.32	attackbotsspam	May 9 04:33:47 mail.srvfarm.net postfix/smtpd[1957713]: warning: unknown[185.50.149.32]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:33:48 mail.srvfarm.net postfix/smtpd[1957713]: lost connection after AUTH from unknown[185.50.149.32] May 9 04:33:56 mail.srvfarm.net postfix/smtpd[1962497]: lost connection after AUTH from unknown[185.50.149.32] May 9 04:33:58 mail.srvfarm.net postfix/smtpd[1958898]: warning: unknown[185.50.149.32]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:33:59 mail.srvfarm.net postfix/smtpd[1958898]: lost connection after AUTH from unknown[185.50.149.32]	2020-05-09 12:14:50
106.13.118.102	attackbots	May 9 02:52:34 sshd\[24187\]: Invalid user server from 106.13.118.102May 9 02:52:36 sshd\[24187\]: Failed password for invalid user server from 106.13.118.102 port 39730 ssh2 ...	2020-05-09 12:05:02
162.214.96.184	attack	May 8 08:04:43 web01.agentur-b-2.de postfix/smtpd[108582]: NOQUEUE: reject: RCPT from unknown[162.214.96.184]: 450 4.7.1 <162-214-96-184.webhostbox.net>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<162-214-96-184.webhostbox.net> May 8 08:05:18 web01.agentur-b-2.de postfix/smtpd[108804]: NOQUEUE: reject: RCPT from unknown[162.214.96.184]: 450 4.7.1 <162-214-96-184.webhostbox.net>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<162-214-96-184.webhostbox.net> May 8 08:09:18 web01.agentur-b-2.de postfix/smtpd[108804]: NOQUEUE: reject: RCPT from unknown[162.214.96.184]: 450 4.7.1 <162-214-96-184.webhostbox.net>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<162-214-96-184.webhostbox.net> May 8 08:11:59 web01.agentur-b-2.de postfix/smtpd[108805]: NOQUEUE: reject: RCPT from unknown[162.214.96.184]: 450 4.7.1	2020-05-09 12:17:05
61.78.28.54	attack	Brute Forcer	2020-05-09 09:02:56
222.186.169.194	attackbotsspam	May 8 20:48:43 NPSTNNYC01T sshd[30989]: Failed password for root from 222.186.169.194 port 44964 ssh2 May 8 20:49:04 NPSTNNYC01T sshd[30999]: Failed password for root from 222.186.169.194 port 49622 ssh2 May 8 20:49:07 NPSTNNYC01T sshd[30999]: Failed password for root from 222.186.169.194 port 49622 ssh2 ...	2020-05-09 08:50:48
195.231.3.208	attackspambots	May 9 04:43:52 web01.agentur-b-2.de postfix/smtpd[71181]: warning: unknown[195.231.3.208]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:43:52 web01.agentur-b-2.de postfix/smtpd[71181]: lost connection after AUTH from unknown[195.231.3.208] May 9 04:43:54 web01.agentur-b-2.de postfix/smtpd[72352]: lost connection after CONNECT from unknown[195.231.3.208] May 9 04:44:58 web01.agentur-b-2.de postfix/smtpd[72352]: warning: unknown[195.231.3.208]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 9 04:44:58 web01.agentur-b-2.de postfix/smtpd[72352]: lost connection after AUTH from unknown[195.231.3.208]	2020-05-09 12:12:16
82.250.193.210	attackspam	Attempted connection to port 445.	2020-05-09 09:01:26

Recently Reported IPs

185.26.104.241	96.21.190.171	119.76.178.178	177.222.248.50
116.25.41.53	49.204.185.238	36.78.248.113	103.250.160.41
113.188.128.60	201.68.169.56	36.77.94.208	42.114.206.255
101.51.64.225	5.175.66.133	4.39.93.53	124.156.140.200
94.156.138.70	103.49.121.68	85.86.197.164	146.158.200.81