138.68.80.227 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hessen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.80.235	attackbots	138.68.80.235 - - [05/Oct/2020:07:51:33 -0700] "GET /wp-login.php HTTP/1.1" 301 561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-06 06:43:36
138.68.80.235	attack	138.68.80.235 - - [05/Oct/2020:07:51:33 -0700] "GET /wp-login.php HTTP/1.1" 301 561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-05 22:52:10
138.68.80.235	attack	hacking	2020-10-05 14:46:56
138.68.80.235	attack	138.68.80.235 - - [29/Sep/2020:17:56:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2243 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:17:57:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:17:57:00 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 04:31:31
138.68.80.235	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-29 20:39:51
138.68.80.235	attackspam	138.68.80.235 - - [29/Sep/2020:03:56:38 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:03:56:40 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:03:56:41 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 12:48:53
138.68.80.235	attackbotsspam	C1,WP GET /suche/wp-login.php	2020-09-29 06:51:54
138.68.80.235	attack	xmlrpc attack	2020-09-28 23:19:46
138.68.80.235	attack	xmlrpc attack	2020-09-28 15:23:17
138.68.80.235	attackspam	CMS (WordPress or Joomla) login attempt.	2020-09-10 00:39:17
138.68.80.217	attackbotsspam	port 23	2020-08-14 14:33:03
138.68.80.235	attackspambots	Automatic report generated by Wazuh	2020-08-06 20:25:50
138.68.80.235	attackspambots	[03/Aug/2020:19:30:47 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-04 03:16:18
138.68.80.235	attackbotsspam	xmlrpc attack	2020-07-31 07:48:16
138.68.80.235	attack	Automatic report - XMLRPC Attack	2020-06-23 19:32:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.80.227
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40048
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.80.227.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025082002 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 21 02:00:23 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 227.80.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 227.80.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.166.128.171	attack	Feb 1 21:56:03 *** sshd[29748]: Did not receive identification string from 183.166.128.171	2020-02-02 08:29:11
54.36.148.17	attack	Automatic report - Banned IP Access	2020-02-02 08:35:32
123.207.78.83	attackbotsspam	Invalid user neelakshi from 123.207.78.83 port 53534	2020-02-02 08:37:15
118.24.40.136	attackbots	Unauthorized connection attempt detected from IP address 118.24.40.136 to port 2220 [J]	2020-02-02 08:40:08
148.70.210.77	attackbotsspam	Invalid user gs from 148.70.210.77 port 34240	2020-02-02 08:34:26
222.186.173.215	attack	Feb 1 19:29:14 plusreed sshd[13801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.215 user=root Feb 1 19:29:16 plusreed sshd[13801]: Failed password for root from 222.186.173.215 port 7428 ssh2 Feb 1 19:29:19 plusreed sshd[13801]: Failed password for root from 222.186.173.215 port 7428 ssh2 Feb 1 19:29:14 plusreed sshd[13801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.215 user=root Feb 1 19:29:16 plusreed sshd[13801]: Failed password for root from 222.186.173.215 port 7428 ssh2 Feb 1 19:29:19 plusreed sshd[13801]: Failed password for root from 222.186.173.215 port 7428 ssh2 Feb 1 19:29:14 plusreed sshd[13801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.215 user=root Feb 1 19:29:16 plusreed sshd[13801]: Failed password for root from 222.186.173.215 port 7428 ssh2 Feb 1 19:29:19 plusreed sshd[13801]: Failed password for root from 22	2020-02-02 09:05:31
103.134.133.29	attackspam	firewall-block, port(s): 23/tcp	2020-02-02 08:31:08
178.88.215.138	attack	Unauthorized connection attempt detected from IP address 178.88.215.138 to port 23 [J]	2020-02-02 08:58:42
85.214.64.38	attackspambots	Unauthorized connection attempt detected from IP address 85.214.64.38 to port 2323 [J]	2020-02-02 09:03:00
139.59.38.252	attack	Feb 2 00:58:57 pornomens sshd\[6448\]: Invalid user myftp from 139.59.38.252 port 46530 Feb 2 00:58:57 pornomens sshd\[6448\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.38.252 Feb 2 00:58:59 pornomens sshd\[6448\]: Failed password for invalid user myftp from 139.59.38.252 port 46530 ssh2 ...	2020-02-02 08:16:53
5.202.150.179	attack	Unauthorized connection attempt detected from IP address 5.202.150.179 to port 8080 [J]	2020-02-02 09:08:30
79.166.108.122	attack	Unauthorized connection attempt detected from IP address 79.166.108.122 to port 81 [J]	2020-02-02 09:10:09
118.98.73.5	attack	Web App Attack	2020-02-02 08:22:18
45.116.33.138	attackbots	Unauthorized connection attempt detected from IP address 45.116.33.138 to port 1433 [J]	2020-02-02 08:57:45
212.98.73.146	attackbots	Jan 31 10:23:08 dcd-gentoo sshd[21645]: Invalid user admin from 212.98.73.146 port 33361 Jan 31 10:23:10 dcd-gentoo sshd[21645]: error: PAM: Authentication failure for illegal user admin from 212.98.73.146 Jan 31 10:23:08 dcd-gentoo sshd[21645]: Invalid user admin from 212.98.73.146 port 33361 Jan 31 10:23:10 dcd-gentoo sshd[21645]: error: PAM: Authentication failure for illegal user admin from 212.98.73.146 Jan 31 10:23:08 dcd-gentoo sshd[21645]: Invalid user admin from 212.98.73.146 port 33361 Jan 31 10:23:10 dcd-gentoo sshd[21645]: error: PAM: Authentication failure for illegal user admin from 212.98.73.146 Jan 31 10:23:10 dcd-gentoo sshd[21645]: Failed keyboard-interactive/pam for invalid user admin from 212.98.73.146 port 33361 ssh2 ...	2020-02-02 09:04:26

Recently Reported IPs

50.7.252.138	94.156.152.158	185.177.72.8	147.185.133.130
185.148.105.168	152.67.113.25	45.142.154.93	221.150.16.201
103.218.242.167	45.142.154.62	123.58.220.215	17.241.141.46
172.120.51.185	18.150.118.70	113.215.188.20	63.208.207.38
45.135.193.253	135.36.242.189	91.196.152.13	160.155.110.214