103.138.109.154

Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.138.109.68	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-11 01:38:20
103.138.109.44	attackspambots	07/25/2020-11:16:32.406346 103.138.109.44 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-25 23:17:49
103.138.109.190	attackbots	Jul 18 12:36:29 debian-2gb-nbg1-2 kernel: \[17327139.039675\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=103.138.109.190 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=18506 PROTO=TCP SPT=45046 DPT=15355 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-18 19:51:26
103.138.109.89	attackspam	MAIL: User Login Brute Force Attempt	2020-07-14 21:59:19
103.138.109.68	attackspam	Jul 6 03:05:07 main sshd[12946]: Failed password for invalid user alerm from 103.138.109.68 port 61607 ssh2 Jul 6 03:05:18 main sshd[12965]: Failed password for invalid user admin from 103.138.109.68 port 54785 ssh2 Jul 6 03:05:31 main sshd[12967]: Failed password for invalid user pi from 103.138.109.68 port 55292 ssh2 Jul 10 09:26:00 main sshd[12121]: Failed password for invalid user alerm from 103.138.109.68 port 63786 ssh2 Jul 10 09:27:41 main sshd[12186]: Failed password for invalid user admin from 103.138.109.68 port 63273 ssh2 Jul 10 09:27:48 main sshd[12190]: Failed password for invalid user pi from 103.138.109.68 port 63853 ssh2	2020-07-11 04:05:25
103.138.109.89	attackbots	(smtpauth) Failed SMTP AUTH login from 103.138.109.89 (VN/Vietnam/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-06 08:18:13 login authenticator failed for (7zIldrnobP) [103.138.109.89]: 535 Incorrect authentication data (set_id=info)	2020-07-06 19:13:12
103.138.109.68	attack	...	2020-06-30 17:01:34
103.138.109.89	attackspambots	Attempted Brute Force (dovecot)	2020-06-29 06:31:12
103.138.109.68	attackspam	Jun 24 06:33:16 mail sshd[8744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 Jun 24 06:33:17 mail sshd[8744]: Failed password for invalid user press from 103.138.109.68 port 52611 ssh2 ...	2020-06-24 18:00:41
103.138.109.68	attack	Jun 22 09:40:52 mail sshd[26097]: Failed password for root from 103.138.109.68 port 58571 ssh2 Jun 22 09:40:53 mail sshd[26097]: error: Received disconnect from 103.138.109.68 port 58571:3: com.jcraft.jsch.JSchException: Auth fail [preauth] ...	2020-06-22 15:48:31
103.138.109.221	attack	TCP (SYN) 103.138.109.221:46523 -> port 48933, len 44	2020-06-14 03:32:37
103.138.109.68	attackbots	May 25 15:51:02 abendstille sshd\[16955\]: Invalid user press from 103.138.109.68 May 25 15:51:02 abendstille sshd\[16955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 May 25 15:51:04 abendstille sshd\[16955\]: Failed password for invalid user press from 103.138.109.68 port 51289 ssh2 May 25 15:53:19 abendstille sshd\[19247\]: Invalid user press from 103.138.109.68 May 25 15:53:20 abendstille sshd\[19247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 ...	2020-05-26 01:57:49
103.138.109.76	attackspambots	[portscan] tcp/22 [SSH] [scan/connect: 6 time(s)] *(RWIN=8192)(04301449)	2020-05-01 01:11:32
103.138.109.95	attackspambots	Unauthorized connection attempt from IP address 103.138.109.95 on Port 3389(RDP)	2020-04-27 00:37:15
103.138.109.68	attack	Apr 25 20:27:38 vps647732 sshd[6223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 Apr 25 20:27:40 vps647732 sshd[6223]: Failed password for invalid user spam from 103.138.109.68 port 57029 ssh2 ...	2020-04-26 03:36:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.138.109.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2509
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.138.109.154.		IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025010501 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 06 03:21:46 CST 2025
;; MSG SIZE  rcvd: 108

Host info

Host 154.109.138.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 154.109.138.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.41	attack	DATE:2019-10-25 23:37:02, IP:222.186.180.41, PORT:ssh SSH brute force auth on honeypot server (honey-neo-dc-bis)	2019-10-26 05:49:15
112.85.42.186	attack	auto-add	2019-10-26 06:23:09
185.153.196.80	attack	10/25/2019-17:40:11.505902 185.153.196.80 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-26 05:47:48
106.12.47.216	attackspam	Oct 25 11:47:04 friendsofhawaii sshd\[31198\]: Invalid user adrc from 106.12.47.216 Oct 25 11:47:04 friendsofhawaii sshd\[31198\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.47.216 Oct 25 11:47:06 friendsofhawaii sshd\[31198\]: Failed password for invalid user adrc from 106.12.47.216 port 43574 ssh2 Oct 25 11:51:47 friendsofhawaii sshd\[31545\]: Invalid user milena from 106.12.47.216 Oct 25 11:51:47 friendsofhawaii sshd\[31545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.47.216	2019-10-26 06:05:29
81.12.159.146	attackspambots	Oct 26 03:01:35 gw1 sshd[7039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.12.159.146 Oct 26 03:01:37 gw1 sshd[7039]: Failed password for invalid user oracle from 81.12.159.146 port 45982 ssh2 ...	2019-10-26 06:21:10
41.87.72.102	attackspambots	2019-10-25T22:27:25.5338281240 sshd\[4378\]: Invalid user travelblog from 41.87.72.102 port 49968 2019-10-25T22:27:25.5365571240 sshd\[4378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.87.72.102 2019-10-25T22:27:27.3877661240 sshd\[4378\]: Failed password for invalid user travelblog from 41.87.72.102 port 49968 ssh2 ...	2019-10-26 06:05:52
218.75.207.11	attackspam	Oct 21 19:31:36 netserv300 sshd[24062]: Connection from 218.75.207.11 port 7741 on 188.40.78.197 port 22 Oct 21 19:31:43 netserv300 sshd[24064]: Connection from 218.75.207.11 port 10933 on 188.40.78.197 port 22 Oct 21 19:31:47 netserv300 sshd[24066]: Connection from 218.75.207.11 port 12865 on 188.40.78.197 port 22 Oct 21 19:31:51 netserv300 sshd[24069]: Connection from 218.75.207.11 port 14835 on 188.40.78.197 port 22 Oct 21 19:31:55 netserv300 sshd[24071]: Connection from 218.75.207.11 port 16709 on 188.40.78.197 port 22 Oct 21 19:32:01 netserv300 sshd[24073]: Connection from 218.75.207.11 port 19912 on 188.40.78.197 port 22 Oct 21 19:32:05 netserv300 sshd[24075]: Connection from 218.75.207.11 port 21784 on 188.40.78.197 port 22 Oct 21 19:32:09 netserv300 sshd[24077]: Connection from 218.75.207.11 port 23814 on 188.40.78.197 port 22 Oct 21 19:32:13 netserv300 sshd[24081]: Connection from 218.75.207.11 port 25719 on 188.40.78.197 port 22 Oct 21 19:32:18 netserv300 sshd[........ ------------------------------	2019-10-26 06:15:17
103.92.84.102	attackspambots	Oct 25 23:28:36 ArkNodeAT sshd\[20252\]: Invalid user woodland from 103.92.84.102 Oct 25 23:28:36 ArkNodeAT sshd\[20252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.84.102 Oct 25 23:28:38 ArkNodeAT sshd\[20252\]: Failed password for invalid user woodland from 103.92.84.102 port 37340 ssh2	2019-10-26 06:08:18
193.112.108.135	attackspambots	Oct 25 22:27:44 [host] sshd[22075]: Invalid user leon from 193.112.108.135 Oct 25 22:27:44 [host] sshd[22075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.108.135 Oct 25 22:27:46 [host] sshd[22075]: Failed password for invalid user leon from 193.112.108.135 port 55922 ssh2	2019-10-26 05:50:33
49.234.25.11	attack	Lines containing failures of 49.234.25.11 Oct 24 22:18:14 shared09 sshd[2478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.25.11 user=r.r Oct 24 22:18:16 shared09 sshd[2478]: Failed password for r.r from 49.234.25.11 port 46026 ssh2 Oct 24 22:18:16 shared09 sshd[2478]: Received disconnect from 49.234.25.11 port 46026:11: Bye Bye [preauth] Oct 24 22:18:16 shared09 sshd[2478]: Disconnected from authenticating user r.r 49.234.25.11 port 46026 [preauth] Oct 24 22:38:57 shared09 sshd[8657]: Invalid user artemio from 49.234.25.11 port 52768 Oct 24 22:38:57 shared09 sshd[8657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.25.11 Oct 24 22:38:59 shared09 sshd[8657]: Failed password for invalid user artemio from 49.234.25.11 port 52768 ssh2 Oct 24 22:39:00 shared09 sshd[8657]: Received disconnect from 49.234.25.11 port 52768:11: Bye Bye [preauth] Oct 24 22:39:00 shared09 sshd[8657........ ------------------------------	2019-10-26 06:15:43
79.137.72.171	attack	Oct 26 00:31:44 pkdns2 sshd\[32362\]: Invalid user deskjet from 79.137.72.171Oct 26 00:31:46 pkdns2 sshd\[32362\]: Failed password for invalid user deskjet from 79.137.72.171 port 39686 ssh2Oct 26 00:35:41 pkdns2 sshd\[32539\]: Invalid user cornelia from 79.137.72.171Oct 26 00:35:43 pkdns2 sshd\[32539\]: Failed password for invalid user cornelia from 79.137.72.171 port 58653 ssh2Oct 26 00:39:46 pkdns2 sshd\[32691\]: Invalid user uouo from 79.137.72.171Oct 26 00:39:48 pkdns2 sshd\[32691\]: Failed password for invalid user uouo from 79.137.72.171 port 49385 ssh2 ...	2019-10-26 06:14:41
222.186.175.161	attackbotsspam	2019-10-25T22:04:09.350005hub.schaetter.us sshd\[383\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.161 user=root 2019-10-25T22:04:11.657201hub.schaetter.us sshd\[383\]: Failed password for root from 222.186.175.161 port 3762 ssh2 2019-10-25T22:04:15.715455hub.schaetter.us sshd\[383\]: Failed password for root from 222.186.175.161 port 3762 ssh2 2019-10-25T22:04:20.216785hub.schaetter.us sshd\[383\]: Failed password for root from 222.186.175.161 port 3762 ssh2 2019-10-25T22:04:24.507872hub.schaetter.us sshd\[383\]: Failed password for root from 222.186.175.161 port 3762 ssh2 ...	2019-10-26 06:22:38
23.94.160.159	attackbotsspam	1,80-05/05 [bc02/m43] concatform PostRequest-Spammer scoring: luanda01	2019-10-26 05:53:34
42.159.4.104	attackspambots	Oct 25 20:56:00 game-panel sshd[3087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.4.104 Oct 25 20:56:02 game-panel sshd[3087]: Failed password for invalid user QWEqwe!@# from 42.159.4.104 port 51804 ssh2 Oct 25 21:01:27 game-panel sshd[3249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.4.104	2019-10-26 05:46:27
165.227.18.169	attackspam	Oct 25 10:18:36 web1 sshd\[24951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.18.169 user=root Oct 25 10:18:39 web1 sshd\[24951\]: Failed password for root from 165.227.18.169 port 41068 ssh2 Oct 25 10:22:37 web1 sshd\[25298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.18.169 user=root Oct 25 10:22:39 web1 sshd\[25298\]: Failed password for root from 165.227.18.169 port 51428 ssh2 Oct 25 10:26:35 web1 sshd\[25642\]: Invalid user data from 165.227.18.169 Oct 25 10:26:35 web1 sshd\[25642\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.18.169	2019-10-26 06:23:35

Recently Reported IPs

116.22.126.158	113.94.114.25	123.17.156.158	232.5.198.110
75.67.179.211	9.22.182.215	172.190.66.78	132.240.141.36
172.241.120.50	197.180.137.177	126.214.57.140	44.252.57.96
81.138.196.129	131.221.133.31	77.123.69.164	235.29.183.14
248.77.162.41	74.159.175.239	67.205.135.51	109.226.235.180