103.138.109.219

Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: MTK Technicial Equiptment Limited Company

Hostname: unknown

Organization: VIETNAM POSTS AND TELECOMMUNICATIONS GROUP

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Trying ports that it shouldn't be.	2019-07-12 02:57:45

Comments on same subnet:

IP	Type	Details	Datetime
103.138.109.68	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-11 01:38:20
103.138.109.44	attackspambots	07/25/2020-11:16:32.406346 103.138.109.44 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-07-25 23:17:49
103.138.109.190	attackbots	Jul 18 12:36:29 debian-2gb-nbg1-2 kernel: \[17327139.039675\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=103.138.109.190 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=18506 PROTO=TCP SPT=45046 DPT=15355 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-18 19:51:26
103.138.109.89	attackspam	MAIL: User Login Brute Force Attempt	2020-07-14 21:59:19
103.138.109.68	attackspam	Jul 6 03:05:07 main sshd[12946]: Failed password for invalid user alerm from 103.138.109.68 port 61607 ssh2 Jul 6 03:05:18 main sshd[12965]: Failed password for invalid user admin from 103.138.109.68 port 54785 ssh2 Jul 6 03:05:31 main sshd[12967]: Failed password for invalid user pi from 103.138.109.68 port 55292 ssh2 Jul 10 09:26:00 main sshd[12121]: Failed password for invalid user alerm from 103.138.109.68 port 63786 ssh2 Jul 10 09:27:41 main sshd[12186]: Failed password for invalid user admin from 103.138.109.68 port 63273 ssh2 Jul 10 09:27:48 main sshd[12190]: Failed password for invalid user pi from 103.138.109.68 port 63853 ssh2	2020-07-11 04:05:25
103.138.109.89	attackbots	(smtpauth) Failed SMTP AUTH login from 103.138.109.89 (VN/Vietnam/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-06 08:18:13 login authenticator failed for (7zIldrnobP) [103.138.109.89]: 535 Incorrect authentication data (set_id=info)	2020-07-06 19:13:12
103.138.109.68	attack	...	2020-06-30 17:01:34
103.138.109.89	attackspambots	Attempted Brute Force (dovecot)	2020-06-29 06:31:12
103.138.109.68	attackspam	Jun 24 06:33:16 mail sshd[8744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 Jun 24 06:33:17 mail sshd[8744]: Failed password for invalid user press from 103.138.109.68 port 52611 ssh2 ...	2020-06-24 18:00:41
103.138.109.68	attack	Jun 22 09:40:52 mail sshd[26097]: Failed password for root from 103.138.109.68 port 58571 ssh2 Jun 22 09:40:53 mail sshd[26097]: error: Received disconnect from 103.138.109.68 port 58571:3: com.jcraft.jsch.JSchException: Auth fail [preauth] ...	2020-06-22 15:48:31
103.138.109.221	attack	TCP (SYN) 103.138.109.221:46523 -> port 48933, len 44	2020-06-14 03:32:37
103.138.109.68	attackbots	May 25 15:51:02 abendstille sshd\[16955\]: Invalid user press from 103.138.109.68 May 25 15:51:02 abendstille sshd\[16955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 May 25 15:51:04 abendstille sshd\[16955\]: Failed password for invalid user press from 103.138.109.68 port 51289 ssh2 May 25 15:53:19 abendstille sshd\[19247\]: Invalid user press from 103.138.109.68 May 25 15:53:20 abendstille sshd\[19247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 ...	2020-05-26 01:57:49
103.138.109.76	attackspambots	[portscan] tcp/22 [SSH] [scan/connect: 6 time(s)] *(RWIN=8192)(04301449)	2020-05-01 01:11:32
103.138.109.95	attackspambots	Unauthorized connection attempt from IP address 103.138.109.95 on Port 3389(RDP)	2020-04-27 00:37:15
103.138.109.68	attack	Apr 25 20:27:38 vps647732 sshd[6223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 Apr 25 20:27:40 vps647732 sshd[6223]: Failed password for invalid user spam from 103.138.109.68 port 57029 ssh2 ...	2020-04-26 03:36:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.138.109.219
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2533
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.138.109.219.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 12 02:57:40 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 219.109.138.103.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 219.109.138.103.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.75.64.59	attack	Unauthorized connection attempt detected from IP address 106.75.64.59 to port 8880	2019-12-31 08:11:07
112.117.33.92	attack	Unauthorized connection attempt detected from IP address 112.117.33.92 to port 2086	2019-12-31 08:32:22
49.88.115.145	attackbotsspam	Unauthorized connection attempt detected from IP address 49.88.115.145 to port 5555	2019-12-31 08:37:23
180.95.238.116	attackspam	Unauthorized connection attempt detected from IP address 180.95.238.116 to port 2095	2019-12-31 08:46:28
110.5.5.140	attackbotsspam	Automatic report - Banned IP Access	2019-12-31 08:35:12
124.235.138.148	attackspam	Unauthorized connection attempt detected from IP address 124.235.138.148 to port 2087	2019-12-31 08:47:20
42.114.228.30	attackspam	Unauthorized connection attempt detected from IP address 42.114.228.30 to port 23	2019-12-31 08:38:52
113.64.145.8	attackbots	Unauthorized connection attempt detected from IP address 113.64.145.8 to port 23	2019-12-31 08:31:36
218.92.0.158	attackspambots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.158 user=root Failed password for root from 218.92.0.158 port 36652 ssh2 Failed password for root from 218.92.0.158 port 36652 ssh2 Failed password for root from 218.92.0.158 port 36652 ssh2 Failed password for root from 218.92.0.158 port 36652 ssh2	2019-12-31 08:20:07
27.211.57.136	attackspambots	Unauthorized connection attempt detected from IP address 27.211.57.136 to port 2095	2019-12-31 08:15:01
106.45.0.241	attack	Unauthorized connection attempt detected from IP address 106.45.0.241 to port 8080	2019-12-31 08:11:31
182.242.104.218	attackspambots	Unauthorized connection attempt detected from IP address 182.242.104.218 to port 2086	2019-12-31 08:45:33
106.1.48.8	attack	Unauthorized connection attempt detected from IP address 106.1.48.8 to port 8081	2019-12-31 08:36:16
36.32.3.187	attackspambots	Unauthorized connection attempt detected from IP address 36.32.3.187 to port 2095	2019-12-31 08:39:41
112.66.99.1	attackspambots	Unauthorized connection attempt detected from IP address 112.66.99.1 to port 2095	2019-12-31 08:33:07

Recently Reported IPs

185.17.149.156	107.50.230.34	82.70.144.153	173.200.128.185
94.230.130.91	117.253.25.98	191.244.103.216	68.232.169.236
44.77.83.20	217.166.196.222	47.104.249.203	95.75.54.162
200.13.243.189	49.55.42.173	36.175.221.190	212.149.40.231
178.190.220.89	161.97.251.143	34.110.217.220	115.34.8.208