Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
138.68.71.18 attackspambots
Sep 28 01:37:21 pl2server sshd[26678]: Invalid user alex from 138.68.71.18 port 38504
Sep 28 01:37:21 pl2server sshd[26678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.71.18
Sep 28 01:37:22 pl2server sshd[26678]: Failed password for invalid user alex from 138.68.71.18 port 38504 ssh2
Sep 28 01:37:22 pl2server sshd[26678]: Received disconnect from 138.68.71.18 port 38504:11: Bye Bye [preauth]
Sep 28 01:37:22 pl2server sshd[26678]: Disconnected from 138.68.71.18 port 38504 [preauth]
Sep 28 01:51:34 pl2server sshd[30416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.71.18  user=www-data
Sep 28 01:51:36 pl2server sshd[30416]: Failed password for www-data from 138.68.71.18 port 44968 ssh2
Sep 28 01:51:36 pl2server sshd[30416]: Received disconnect from 138.68.71.18 port 44968:11: Bye Bye [preauth]
Sep 28 01:51:36 pl2server sshd[30416]: Disconnected from 138.68.71.18 port 4496........
-------------------------------
2020-09-30 09:26:07
138.68.71.18 attackbots
Sep 28 01:37:21 pl2server sshd[26678]: Invalid user alex from 138.68.71.18 port 38504
Sep 28 01:37:21 pl2server sshd[26678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.71.18
Sep 28 01:37:22 pl2server sshd[26678]: Failed password for invalid user alex from 138.68.71.18 port 38504 ssh2
Sep 28 01:37:22 pl2server sshd[26678]: Received disconnect from 138.68.71.18 port 38504:11: Bye Bye [preauth]
Sep 28 01:37:22 pl2server sshd[26678]: Disconnected from 138.68.71.18 port 38504 [preauth]
Sep 28 01:51:34 pl2server sshd[30416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.71.18  user=www-data
Sep 28 01:51:36 pl2server sshd[30416]: Failed password for www-data from 138.68.71.18 port 44968 ssh2
Sep 28 01:51:36 pl2server sshd[30416]: Received disconnect from 138.68.71.18 port 44968:11: Bye Bye [preauth]
Sep 28 01:51:36 pl2server sshd[30416]: Disconnected from 138.68.71.18 port 4496........
-------------------------------
2020-09-30 02:17:00
138.68.71.18 attack
Sep 29 11:15:01 l03 sshd[19472]: Invalid user dave from 138.68.71.18 port 37666
...
2020-09-29 18:19:16
138.68.71.18 attackbots
5x Failed Password
2020-09-26 03:09:10
138.68.71.18 attackspambots
Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)
2020-09-25 18:57:01
138.68.71.188 attackspambots
Exploited Host.
2020-07-26 02:40:16
138.68.71.174 attack
[Thu Jun 04 08:31:15.929570 2020] [php7:error] [pid 12674] [client 138.68.71.174:49980] script /Library/Server/Web/Data/Sites/omfocused.com/wp-login.php not found or unable to stat
2020-06-05 01:02:28
138.68.71.174 attackspambots
CMS (WordPress or Joomla) login attempt.
2020-06-02 00:17:57
138.68.71.188 attack
May  7 07:09:10 h2829583 sshd[15812]: Failed password for root from 138.68.71.188 port 46358 ssh2
2020-05-07 13:09:36
138.68.71.174 attackspam
2020-04-29T10:25:46.993070+00:00 [f2b-wordpress-hard-ddos] : Authentication attempt user [munged] from 138.68.71.174
2020-04-29T10:25:45.652329+00:00 [f2b-wordpress-hard-ddos] : Authentication attempt user [munged] from 138.68.71.174
2020-04-29T10:25:45.650309+00:00 [f2b-wordpress-hard-ddos] : Authentication attempt user [munged] from 138.68.71.174
2020-04-29 18:30:04
138.68.71.174 attack
138.68.71.174 - - [24/Apr/2020:14:03:32 +0200] "GET /wp-login.php HTTP/1.1" 200 5982 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.71.174 - - [24/Apr/2020:14:03:35 +0200] "POST /wp-login.php HTTP/1.1" 200 6174 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
138.68.71.174 - - [24/Apr/2020:14:03:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-04-25 01:23:52
138.68.71.174 attackspam
Automatic report - XMLRPC Attack
2020-03-12 14:42:12
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.71.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16624
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.71.92.			IN	A

;; AUTHORITY SECTION:
.			345	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020601 1800 900 604800 86400

;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 12:15:54 CST 2022
;; MSG SIZE  rcvd: 105
Host info
Host 92.71.68.138.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.71.68.138.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
111.67.202.196 attack
...
2020-06-28 19:34:26
193.112.44.102 attackbots
2020-06-28T08:52:34+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)
2020-06-28 19:41:40
217.165.236.254 attackbotsspam
Port probing on unauthorized port 22
2020-06-28 19:33:29
12.26.109.27 attack
Jun 28 03:38:30 XXX sshd[27806]: Invalid user admin from 12.26.109.27
Jun 28 03:38:30 XXX sshd[27806]: Received disconnect from 12.26.109.27: 11: Bye Bye [preauth]
Jun 28 03:38:32 XXX sshd[27814]: User r.r from 12.26.109.27 not allowed because none of user's groups are listed in AllowGroups
Jun 28 03:38:32 XXX sshd[27814]: Received disconnect from 12.26.109.27: 11: Bye Bye [preauth]
Jun 28 03:38:33 XXX sshd[27823]: Invalid user admin from 12.26.109.27
Jun 28 03:38:33 XXX sshd[27823]: Received disconnect from 12.26.109.27: 11: Bye Bye [preauth]
Jun 28 03:38:35 XXX sshd[27841]: Invalid user admin from 12.26.109.27
Jun 28 03:38:35 XXX sshd[27841]: Received disconnect from 12.26.109.27: 11: Bye Bye [preauth]
Jun 28 03:38:36 XXX sshd[27845]: Invalid user admin from 12.26.109.27
Jun 28 03:38:36 XXX sshd[27845]: Received disconnect from 12.26.109.27: 11: Bye Bye [preauth]
Jun 28 03:38:38 XXX sshd[27849]: Invalid user apache from 12.26.109.27
Jun 28 03:38:38 XXX sshd[27849]: Re........
-------------------------------
2020-06-28 19:41:08
123.126.106.88 attack
Jun 28 13:04:02 * sshd[13123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.126.106.88
Jun 28 13:04:05 * sshd[13123]: Failed password for invalid user ccm from 123.126.106.88 port 33612 ssh2
2020-06-28 19:14:47
34.66.160.47 attackbots
SSH Brute-Force reported by Fail2Ban
2020-06-28 19:34:06
45.134.179.57 attackbots
Jun 28 13:06:35 debian-2gb-nbg1-2 kernel: \[15601043.047290\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=4334 PROTO=TCP SPT=46943 DPT=38015 WINDOW=1024 RES=0x00 SYN URGP=0
2020-06-28 19:23:19
162.144.111.86 attackspam
SpamScore above: 10.0
2020-06-28 19:24:41
13.68.222.199 attack
[AUTOMATIC REPORT] - 21 tries in total - SSH BRUTE FORCE - IP banned
2020-06-28 19:26:27
78.128.113.117 attackspambots
2020-06-28T13:25:54.176280web.dutchmasterserver.nl postfix/smtps/smtpd[58689]: warning: unknown[78.128.113.117]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-06-28T13:26:10.284689web.dutchmasterserver.nl postfix/smtps/smtpd[58689]: warning: unknown[78.128.113.117]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-06-28T13:26:17.176452web.dutchmasterserver.nl postfix/smtps/smtpd[58728]: warning: unknown[78.128.113.117]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-06-28T13:26:23.437646web.dutchmasterserver.nl postfix/smtps/smtpd[58689]: warning: unknown[78.128.113.117]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-06-28T13:26:30.186239web.dutchmasterserver.nl postfix/smtps/smtpd[58728]: warning: unknown[78.128.113.117]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-06-28 19:40:42
123.58.5.36 attackspam
2020-06-28T12:51:49.113785vps751288.ovh.net sshd\[9454\]: Invalid user ubuntu from 123.58.5.36 port 52814
2020-06-28T12:51:49.123360vps751288.ovh.net sshd\[9454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.58.5.36
2020-06-28T12:51:50.937674vps751288.ovh.net sshd\[9454\]: Failed password for invalid user ubuntu from 123.58.5.36 port 52814 ssh2
2020-06-28T13:01:22.106002vps751288.ovh.net sshd\[9587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.58.5.36  user=root
2020-06-28T13:01:24.251264vps751288.ovh.net sshd\[9587\]: Failed password for root from 123.58.5.36 port 60612 ssh2
2020-06-28 19:20:11
178.128.150.158 attackbotsspam
" "
2020-06-28 19:34:59
88.149.248.9 attack
Automatic report BANNED IP
2020-06-28 19:35:57
222.186.42.7 attack
Jun 28 09:37:33 vm0 sshd[18662]: Failed password for root from 222.186.42.7 port 58365 ssh2
...
2020-06-28 19:01:07
131.221.194.10 attack
1593316085 - 06/28/2020 05:48:05 Host: 131.221.194.10/131.221.194.10 Port: 8080 TCP Blocked
2020-06-28 19:28:03

Recently Reported IPs

128.199.239.134 112.12.204.26 185.162.192.32 14.240.196.65
167.172.148.145 180.215.192.131 83.48.68.3 58.27.233.82
218.29.167.122 124.217.248.153 114.67.111.123 112.193.216.150
79.110.17.43 37.205.122.242 206.189.51.160 106.53.239.180
180.76.247.65 178.176.78.227 162.142.125.162 64.62.197.180