JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 13.140.156.1

13.140.156.1 was found in our database!

This IP was reported 174 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3359112.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 13.140.156.1

Whois 13.140.156.1

IP Abuse Reports for 13.140.156.1:

This IP address has been reported a total of 174 times from 116 distinct sources. 13.140.156.1 was first reported on June 11th 2026, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 RAP	2026-06-14 18:17:12 (23 hours ago)	2026-06-14 18:17:12 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇳🇱 knock	2026-06-14 17:57:27 (1 day ago)	Knock-Knock honeypot brute-force: proto8 (46 total hits)	Brute-Force
Anonymous	2026-06-14 16:06:44 (1 day ago)	IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-cve-2021-41773; Action=ban; Events ... show more IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-cve-2021-41773; Action=ban; Events=1; Hosts=_; Paths=/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh; Country=DE; ASN=0 show less	Hacking Web App Attack
Anonymous	2026-06-14 15:32:43 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-cve-2021-41773	Web App Attack Hacking
Anonymous	2026-06-14 15:03:47 (1 day ago)	IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-cve-2021-42013; Action=ban; Events ... show more IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-cve-2021-42013; Action=ban; Events=1; Hosts=_; Paths=/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh; Country=DE; ASN=0 show less	Hacking Web App Attack
🇺🇸 bigscoots.com	2026-06-14 13:47:35 (1 day ago)	(sshd) Failed SSH login from 13.140.156.1 (DE/Germany/vmi3359112.contaboserver.net): 5 in the last 3 ... show more (sshd) Failed SSH login from 13.140.156.1 (DE/Germany/vmi3359112.contaboserver.net): 5 in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_SSHD; Logs: Jun 14 08:46:15 17913 sshd[30138]: Invalid user admin from 13.140.156.1 port 46896 Jun 14 08:46:17 17913 sshd[30138]: Failed password for invalid user admin from 13.140.156.1 port 46896 ssh2 Jun 14 08:46:48 17913 sshd[30275]: Invalid user orangepi from 13.140.156.1 port 53402 Jun 14 08:46:50 17913 sshd[30275]: Failed password for invalid user orangepi from 13.140.156.1 port 53402 ssh2 Jun 14 08:47:21 17913 sshd[30631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.140.156.1 user=root show less	Brute-Force SSH
🇫🇷 Lunix	2026-06-14 13:38:36 (1 day ago)		FTP Brute-Force Brute-Force
🇩🇪 IVski	2026-06-14 13:33:41 (1 day ago)	IVski WAF \| Path traversal detected - double encoding or cgi-bin abuse	Port Scan Brute-Force Web App Attack
🇺🇸 RAP	2026-06-14 12:43:24 (1 day ago)	2026-06-14 12:43:24 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 LSPCCU	2026-06-14 11:24:51 (1 day ago)	TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Br ... show more TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Brute-Force, Web App Attack, SSH, IoT Targeted. Honeypot: ssh-telnet, cowrie. Context: Attacker IP 13. show less	DDoS Attack Port Scan Hacking Brute-Force Web App Attack SSH IoT Targeted
🇨🇦 Slackin' Jack	2026-06-14 10:47:32 (1 day ago)	Triggered honeypot on port 2222. (13.140.156.1)	Port Scan
🇫🇷 EDSL	2026-06-14 08:58:58 (1 day ago)	[mail.edsl.fr] Blocked by SysWarden Firewall (Web Attack)	Web App Attack Hacking Port Scan
🇧🇪 boxed-it	2026-06-14 08:41:39 (1 day ago)	2026-06-14T10:41:03.819719+02:00 poseidon sshd-session[2179623]: pam_unix(sshd:auth): authentication ... show more 2026-06-14T10:41:03.819719+02:00 poseidon sshd-session[2179623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.140.156.1 2026-06-14T10:41:06.225823+02:00 poseidon sshd-session[2179623]: Failed password for invalid user admin from 13.140.156.1 port 53856 ssh2 2026-06-14T10:41:38.038776+02:00 poseidon sshd-session[2180057]: Invalid user orangepi from 13.140.156.1 port 46932 show less	Brute-Force SSH
🇬🇧 Smish	2026-06-14 08:21:11 (1 day ago)	HONEYPOT HIT --> Fail2ban time=1781425270 log=2026-06-14T09:21:10+01:00 ip=13.140.156.1 host=89.39.2 ... show more HONEYPOT HIT --> Fail2ban time=1781425270 log=2026-06-14T09:21:10+01:00 ip=13.140.156.1 host=89.39.211.7 method=GET uri="/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php" status=404 ua="libredtail-http" ref="-" rid=fa0d31e67ac8c01d5bb59fdf1dc16251 show less	Web App Attack
🇺🇸 kipfel★	2026-06-14 08:16:02 (1 day ago)	2026-06-14T01:11:31.539312-07:00 dmit-vm-p-malibu-lax sshd-session[916440]: Invalid user admin from ... show more 2026-06-14T01:11:31.539312-07:00 dmit-vm-p-malibu-lax sshd-session[916440]: Invalid user admin from 13.140.156.1 port 50602 2026-06-14T01:12:05.758264-07:00 dmit-vm-p-malibu-lax sshd-session[916445]: Invalid user orangepi from 13.140.156.1 port 38174 2026-06-14T01:16:02.192298-07:00 dmit-vm-p-malibu-lax sshd-session[916523]: Invalid user test from 13.140.156.1 port 47712 ... show less	Brute-Force SSH

Showing 1 to 15 of 174 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.241.136.95

🇳🇱 176.65.139.43

🇪🇸 172.110.221.82

🇨🇦 142.160.240.20

🇧🇷 138.219.155.167

🇻🇳 103.154.62.14

🇺🇸 66.132.195.26

🇮🇳 52.140.76.154

🇺🇸 50.6.248.168

🇱🇹 45.227.254.170

🇩🇪 213.209.159.228

🇭🇰 199.45.155.105

🇺🇸 162.216.149.206

🇩🇪 151.243.11.37

🇬🇧 123.58.207.140

🇬🇧 45.82.76.110

🇺🇸 34.134.176.5

🇨🇳 27.155.92.28

🇧🇷 187.85.146.201

🇺🇸 172.215.239.215