JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 156.38.168.138

156.38.168.138 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 100%: ?

100%

ISP	xneelo-tscolo
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37153
Domain Name	xneelo.com
Country	🇿🇦 South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 156.38.168.138

Whois 156.38.168.138

IP Abuse Reports for 156.38.168.138:

This IP address has been reported a total of 44 times from 38 distinct sources. 156.38.168.138 was first reported on June 20th 2026, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 Mr.Singh	2026-06-20 18:30:08 (5 hours ago)	NFT blocked 156.38.168.138 on 21-Jun-2026..	Port Scan Brute-Force
🇸🇪 NordhTech	2026-06-20 17:15:08 (6 hours ago)	More than 3 malicious connection attempts, trying port(s) 5038/tcp, then blocked from services ...	Port Scan Hacking
🇩🇪 iNetWorker	2026-06-20 17:00:30 (6 hours ago)	firewall-block, port(s): 5038/tcp	Port Scan
🇩🇪 xserverx.ru	2026-06-20 16:54:35 (7 hours ago)	[UFW SCAN!!!!] SRC=156.38.168.138 LEN=40 TOS=0x00 PREC=0x00 TTL=236 PROTO=TCP SPT=54473 DPT=5038 WIN ... show more [UFW SCAN!!!!] SRC=156.38.168.138 LEN=40 TOS=0x00 PREC=0x00 TTL=236 PROTO=TCP SPT=54473 DPT=5038 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 dispaisyenterprises	2026-06-20 16:15:58 (7 hours ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 5038 [1] TCP Reported by DisPaisy ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 5038 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇨🇦 polycoda	2026-06-20 16:09:45 (7 hours ago)	📡 Port scan	Hacking Web App Attack
🇺🇸 xmission.com	2026-06-20 15:50:05 (8 hours ago)	Blocked by UFW (TCP on 5038) Source port: 54473 TTL: 230 Packet length: 40 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 5038) Source port: 54473 TTL: 230 Packet length: 40 TOS: 0x08 This report (for 156.38.168.138) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-20 15:49:05 (8 hours ago)	Honeypot hit: Empty payload (likely service probe); 5038 [1] TCP	Port Scan
🇳🇱 VMHeaven.io	2026-06-20 15:40:22 (8 hours ago)	Blocked by UFW [5038/tcp] Source port: 54473 TTL: 237 Packet length: 40	Port Scan
🇺🇸 MPL	2026-06-20 15:25:53 (8 hours ago)	tcp/5038 (11 or more attempts)	Port Scan
🇺🇸 cwytech	2026-06-20 15:13:28 (8 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/pf-geofence-high.	Hacking
Anonymous	2026-06-20 14:58:16 (8 hours ago)	unsolicited connect TCP dport 5038 (sport 54473)	Hacking
🇺🇸 MPL	2026-06-20 14:43:48 (9 hours ago)	tcp/5038 (2 or more attempts)	Port Scan
🇯🇵 jay hung	2026-06-20 14:38:57 (9 hours ago)	2026-06-20T14:38:56.497953+00:00 quarktech kernel: [610989.889211] [UFW BLOCK] IN=eth0 OUT= MAC=22:0 ... show more 2026-06-20T14:38:56.497953+00:00 quarktech kernel: [610989.889211] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=156.38.168.138 DST=172.237.20.248 LEN=40 TOS=0x00 PREC=0x00 TTL=230 ID=41077 PROTO=TCP SPT=54473 DPT=5038 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇫🇮 6kilowatti	2026-06-20 14:36:50 (9 hours ago)	2026-06-20T17:36:48.620128+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-06-20T17:36:48.620128+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=156.38.168.138 DST=5.61.88.83 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=30372 PROTO=TCP SPT=54473 DPT=5038 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 44 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 82.19.12.103

🇵🇱 45.141.233.195

🇬🇧 35.203.210.188

🇬🇧 209.97.141.74

🇹🇼 198.235.24.108

🇲🇿 197.242.170.10

🇺🇸 185.226.198.4

🇺🇸 173.244.60.241

🇮🇹 172.253.228.151

🇻🇳 125.212.244.35

🇨🇳 112.51.27.82

🇭🇰 103.229.125.106

🇷🇴 80.94.92.167

🇳🇱 5.255.121.192

🇺🇸 185.191.171.13

🇯🇵 133.18.122.63

🇮🇳 122.185.101.50

🇸🇬 119.28.101.155

🇺🇸 104.22.1.116

🇮🇩 103.168.135.187