JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.220.101.130

185.220.101.130 was found in our database!

This IP was reported 6,350 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	CIA TRIAD SECURITY LLC
Usage Type	Commercial
ASN	AS60729
Hostname(s)	tor-exit-130.relayon.org
Domain Name	relayon.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.220.101.130

Whois 185.220.101.130

IP Abuse Reports for 185.220.101.130:

This IP address has been reported a total of 6,350 times from 886 distinct sources. 185.220.101.130 was first reported on November 21st 2020, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-26 01:28:59 (19 hours ago)	Blocked by UFW (TCP on 61227) Source port: 61423 TTL: 47 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 61227) Source port: 61423 TTL: 47 Packet length: 52 TOS: 0x08 This report (for 185.220.101.130) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇦🇺 screwlooseit.com.au	2026-06-26 01:06:30 (19 hours ago)	Blocked by CSF 13 firewall - Rule: WPLOGIN DE/Germany/tor-exit-130.relayon.org	Web App Attack
🇩🇪 raph	2026-06-25 17:52:36 (1 day ago)	[SQL UNION SELECT] f2b match %{+Q}r for ^.haproxy\[[0-9]+\]: <HOST>:. (GET \|POST ).\?.(UNION%20\| ... show more [SQL UNION SELECT] f2b match %{+Q}r for ^.haproxy\[[0-9]+\]: <HOST>:. (GET \|POST ).\?.(UNION%20\|union%20\|SELECT%20\|select%20).* HTTP/1.1$ show less	SQL Injection
Anonymous	2026-06-25 15:48:10 (1 day ago)	2026-06-25T17:48:09.335123+02:00 gollum postfix/smtps/smtpd[3459178]: warning: unknown[185.220.101.1 ... show more 2026-06-25T17:48:09.335123+02:00 gollum postfix/smtps/smtpd[3459178]: warning: unknown[185.220.101.130]: SASL LOGIN authentication failed: (reason unavailable), [email protected] 2026-06-25T17:48:09.619058+02:00 gollum postfix/smtps/smtpd[3459178]: lost connection after AUTH from unknown[185.220.101.130] 2026-06-25T17:48:09.619173+02:00 gollum postfix/smtps/smtpd[3459178]: disconnect from unknown[185.220.101.130] ehlo=1 auth=0/1 commands=1/2 ... show less	DDoS Attack Brute-Force
🇷🇺 DZBOT	2026-06-24 18:59:54 (2 days ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇪🇸 Francisco Vallejo	2026-06-24 07:45:27 (2 days ago)	2026-06-24T09:45:19.610430+02:00 localhost sshd[1827284]: pam_unix(sshd:auth): authentication failur ... show more 2026-06-24T09:45:19.610430+02:00 localhost sshd[1827284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.130 2026-06-24T09:45:21.536965+02:00 localhost sshd[1827284]: Failed password for invalid user administrator from 185.220.101.130 port 48303 ssh2 2026-06-24T09:45:20.991396+02:00 localhost sshd[1827286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.130 2026-06-24T09:45:22.723062+02:00 localhost sshd[1827286]: Failed password for invalid user admin from 185.220.101.130 port 25243 ssh2 2026-06-24T09:45:26.291085+02:00 localhost sshd[1827286]: Failed password for invalid user admin from 185.220.101.130 port 25243 ssh2 ... show less	Brute-Force SSH
🇺🇸 factor1	2026-06-22 23:09:09 (3 days ago)	Fail2ban at saturn Reports Abuse.	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-22 05:35:38 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-19 13:00:20 (1 week ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇹🇭 Sawasdee	2026-06-19 12:33:09 (1 week ago)	SSH break in attempt ...	SSH
🇩🇪 FeG Deutschland	2026-06-19 12:17:45 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 LRob.fr	2026-06-18 13:30:08 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇷🇴 eddy.ro	2026-06-18 12:19:41 (1 week ago)	[Thu Jun 18 15:19:36.197203 2026] [php:error] [pid 2226315] [client 185.220.101.130:37527] script '/ ... show more [Thu Jun 18 15:19:36.197203 2026] [php:error] [pid 2226315] [client 185.220.101.130:37527] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 15:19:36.318463 2026] [php:error] [pid 2226315] [client 185.220.101.130:37527] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 15:19:39.419122 2026] [php:error] [pid 2394216] [client 185.220.101.130:37529] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 15:19:39.940550 2026] [php:error] [pid 2394216] [client 185.220.101.130:37529] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 15:19:40.274548 2026] [php:error] [pid 2394216] [client 185.220.101.130:37529] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 15:19:40.465595 2026] [php:error] [pid 2394216] [client 185.220.101.130:37529] script '/var/www/html/index.php' not found or unable to stat ... show less	DDoS Attack Web App Attack
🇧🇷 SOC PR	2026-06-17 06:07:41 (1 week ago)	IPS: PHPUnit Command Injection (CVE-2017-9841).	Web App Attack
🇩🇪 LRob.fr	2026-06-16 15:30:07 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack

Showing 1 to 15 of 6350 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 139.59.132.8

🇩🇪 194.187.176.91

🇨🇳 183.210.230.119

🇺🇸 164.92.107.174

🇮🇳 159.65.144.72

🇺🇸 107.175.145.85

🇳🇱 91.92.40.231

🇨🇳 39.154.8.242

🇺🇸 20.163.2.35

🇻🇳 14.225.253.26

🇺🇸 3.235.179.87

🇺🇸 205.185.116.245

🇯🇵 202.212.191.16

🇺🇸 172.236.228.218

🇨🇦 142.44.220.145

🇫🇷 104.28.243.187

🇳🇱 45.148.10.147

🇺🇸 40.77.167.35

🇮🇳 182.19.35.57

🇨🇳 111.18.16.197