JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.131.85.222

103.131.85.222 was found in our database!

This IP was reported 108 times. Confidence of Abuse is 18%: ?

18%

ISP	HVT TM AND XNK COMPANY LIMITED
Usage Type	Commercial
ASN	AS149137
Domain Name	vnnic.vn
Country	🇻🇳 Viet Nam
City	Ho Chi Minh City, Ho Chi Minh City (HCMC)

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.131.85.222

Whois 103.131.85.222

IP Abuse Reports for 103.131.85.222:

This IP address has been reported a total of 108 times from 76 distinct sources. 103.131.85.222 was first reported on October 12th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 RAP	2026-05-25 16:26:10 (3 weeks ago)	2026-05-25 16:26:10 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇫🇷 security.rdmc.fr	2026-05-09 15:21:18 (1 month ago)	Port Scan Attack proto:TCP src:41150 dst:23	Port Scan
🇺🇸 cybsecaoccol	2026-05-09 14:38:48 (1 month ago)	multiple malicious connection attempts on tcp port 23 - dr	DDoS Attack Port Scan Hacking Brute-Force
🇮🇳 evicky2002	2026-05-01 06:17:05 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=92, sources=1)	Hacking Brute-Force SSH
🇬🇧 thetomtaylor.co.uk	2026-04-08 23:08:07 (2 months ago)	Fail2Ban - [SSH]Brute-force login attempts on sshd ... [ice01,ice02,wa02]	Brute-Force SSH
🇿🇦 agentics	2026-04-01 02:14:42 (2 months ago)	103.131.85.222 report : IP INFO: - IP 103.131.85.222 - Anycast false - City ... show more 103.131.85.222 report : IP INFO: - IP 103.131.85.222 - Anycast false - City Tây Mỗ (Duong Noi) - Region N/A - Region Code N/A - Country Vietnam (VN) - Continent Asia (AS) - Range 103.131.85.0/24 - Provider TAN THANH AN INTERNATIONAL TRADE DEVELOPMENT COMPANY LIMITED - Organisation HVT TM and XNK Company Limited - Proxy no - Type Business show less	DDoS Attack FTP Brute-Force Port Scan Hacking Spoofing Brute-Force Exploited Host
🇹🇷 sh97	2026-03-28 13:21:05 (2 months ago)	tr01: SSH Brute Force from 103.131.85.222 at 2026-03-28 18:51:04 IST	Brute-Force SSH
🇦🇹 urnilxfgbez	2026-03-27 23:45:00 (2 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇹🇷 rtbh.com.tr	2026-03-27 16:12:17 (2 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇩🇪 iNetWorker	2026-03-27 15:10:36 (2 months ago)	firewall-block, port(s): 23/tcp	Port Scan
🇨🇿 gszasz	2026-03-27 08:18:19 (2 months ago)	2026-03-27T09:17:43.821940+01:00 thor sshd-session[56926]: Failed password for root from 103.131.85. ... show more 2026-03-27T09:17:43.821940+01:00 thor sshd-session[56926]: Failed password for root from 103.131.85.222 port 57446 ssh2 2026-03-27T09:17:45.072812+01:00 thor sshd-session[56926]: Connection closed by authenticating user root 103.131.85.222 port 57446 [preauth] 2026-03-27T09:18:18.300154+01:00 thor sshd-session[56940]: Invalid user admin from 103.131.85.222 port 45574 ... show less	Brute-Force SSH
🇵🇱 skillhost.pl	2026-03-27 04:02:13 (2 months ago)	Automated SSH brute-force attack detected. The IP repeatedly attempted to authenticate to port 22 us ... show more Automated SSH brute-force attack detected. The IP repeatedly attempted to authenticate to port 22 using multiple usernames and password guesses within a short timeframe. show less	Brute-Force SSH
🇨🇦 Largnet SOC	2026-03-26 20:44:01 (2 months ago)	103.131.85.222 triggered Icarus honeypot on port 23. Check us out on github.	Port Scan Hacking
🇹🇷 rtbh.com.tr	2026-03-26 12:12:15 (2 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇲🇳 Public CSIRT/CC of Mongolia	2026-03-26 04:18:02 (2 months ago)	Honeypot hit: Unauthorized connection attempt detected on 23/TELNET	Hacking IoT Targeted Port Scan

Showing 1 to 15 of 108 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.120.42.242

🇨🇳 223.85.111.227

🇪🇹 196.189.236.162

🇺🇸 195.184.76.130

🇬🇧 193.163.125.208

🇮🇳 115.96.126.198

🇧🇬 78.128.112.6

🇺🇸 205.210.31.59

🇺🇸 185.92.182.129

🇳🇱 176.65.139.31

🇺🇸 147.185.132.148

🇩🇪 139.59.138.20

🇭🇰 138.199.62.25

🇰🇷 118.43.235.198

🇰🇷 112.166.89.17

🇺🇸 91.230.168.187

🇲🇾 2001:e68:544f:6a36:f00f:1202:24ea:3665

🇩🇪 213.209.159.231

🇨🇳 113.200.71.102

🇭🇰 112.119.21.245