JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.238.111.68

5.238.111.68 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 83%: ?

83%

ISP	Iran Telecommunication Company PJS
Usage Type	Fixed Line ISP
ASN	AS58224
Domain Name	tci.ir
Country	🇮🇷 Iran (Islamic Republic of)
City	Karaj, Alborz Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.238.111.68

Whois 5.238.111.68

IP Abuse Reports for 5.238.111.68:

This IP address has been reported a total of 15 times from 13 distinct sources. 5.238.111.68 was first reported on June 14th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-15 22:45:00 (3 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-15 21:53:25 (4 hours ago)	Honeypot hit: SMB traffic on port 445 Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB	Hacking
🇩🇪 KPS	2026-06-15 17:54:08 (8 hours ago)	PortscanN	Port Scan
🇫🇷 Hiigara	2026-06-15 16:30:49 (9 hours ago)	connection attempt : 5.238.111.68 on port : tcp/1433 (MSSQL)	Port Scan
🇧🇷 SOC Blue Team	2026-06-15 11:26:07 (14 hours ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇩🇪 femboy.cat	2026-06-15 05:13:48 (21 hours ago)	Port scan to tcp/1433 from 5.238.111.68	Brute-Force
🇳🇱 Yachiyo Runami	2026-06-15 05:02:38 (21 hours ago)	Port Scan on Honeypot \| Ports: 445/SMB \| Proto: TCP(1) \| Flags: all SYN \| TTL: 243 \| Len: 40B \| Win: ... show more Port Scan on Honeypot \| Ports: 445/SMB \| Proto: TCP(1) \| Flags: all SYN \| TTL: 243 \| Len: 40B \| Win: 1024(1) \| F2B/ufw-honeypot@2026-06-15T05:02:38Z show less	Port Scan Hacking
🇺🇸 RAP	2026-06-15 00:49:12 (1 day ago)	2026-06-15 00:49:12 UTC Unauthorized activity to TCP port 1433. SQL	Port Scan
🇩🇪 Admins@FBN	2026-06-15 00:06:47 (1 day ago)	FW-PortScan: Traffic Blocked srcport=21999 dstport=1433	Port Scan Hacking SQL Injection
🇺🇸 Cyber Crusader	2026-06-15 00:00:47 (1 day ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
Anonymous	2026-06-14 23:15:42 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 Robert Gilliam	2026-06-14 22:42:34 (1 day ago)	Port scan / honeypot hit on ny.robgilm.com	Port Scan
🇺🇸 RAP	2026-06-14 21:56:12 (1 day ago)	2026-06-14 21:56:12 UTC Unauthorized activity to TCP port 1433. SQL	Port Scan
🇺🇸 RAP	2026-06-14 20:07:26 (1 day ago)	2026-06-14 20:07:26 UTC Unauthorized activity to TCP port 1433. SQL	Port Scan
🇫🇷 sthoyer.de	2026-06-14 14:57:38 (1 day ago)	Jun 14 16:57:37 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Jun 14 16:57:37 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=5.238.111.68 DST=173.212.223.67 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=9824 PROTO=TCP SPT=21999 DPT=445 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 180.190.165.81

🇺🇸 172.104.11.51

🇨🇲 154.70.102.114

🇨🇳 120.236.49.131

🇨🇳 115.190.165.165

🇱🇹 45.227.254.170

🇺🇸 40.77.167.32

🇮🇩 36.79.238.140

🇧🇷 205.210.31.206

🇹🇭 203.172.213.166

🇺🇸 198.11.178.150

🇺🇸 195.184.76.193

🇮🇳 182.75.197.174

🇲🇳 180.149.125.167

🇺🇸 172.239.64.155

🇺🇸 172.236.228.224

🇺🇸 162.216.149.52

🇺🇸 73.176.188.102

🇻🇳 14.176.169.144

🇺🇸 3.216.176.159