IP address

Search at other sites:
.015138.113.0.157
Shodan(more info)
Passive DNS
Tags: Login attempts
IP blacklists
AbuseIPDB
138.113.0.157 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-05-25 04:00:00.664000
Was present on blacklist at: 2026-05-25 04:00
blocklist.de SSH
138.113.0.157 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-05-27 04:05:00.316000
Was present on blacklist at: 2026-05-25 04:05, 2026-05-25 10:05, 2026-05-25 16:05, 2026-05-25 22:05, 2026-05-26 04:05, 2026-05-26 10:05, 2026-05-26 16:05, 2026-05-26 22:05, 2026-05-27 04:05

Threat categories

TLRoleCategoryDetails
46 src login protocol: ssh
port: 22
25 src
25 src botnet_drone
Warden events (21)
2026-05-25
AttemptLogin (node.ce2b59): 3
AttemptLogin (node.03e7a9): 16
Malware (node.03e7a9): 1
IntrusionUserCompromise (node.03e7a9): 1
Origin AS
AS54994 - QUANTILNETWORKS
BGP Prefix
138.113.0.0/24
geo
Canada
🕑 America/Toronto
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
138.113.0.0 - 138.113.255.255
last_activity
2026-05-25 05:20:31.112000
last_warden_event
2026-05-25 05:20:31.112000
rep
0.014604604802205712
reserved_range
0
Shodan's InternetDB
Open ports: 80
Tags: eol-product
CPEs: cpe:/o:linux:linux_kernel, cpe:/o:canonical:ubuntu_linux, cpe:/a:f5:nginx:1.18.0
ts_added
2026-05-25 02:37:54.102000
ts_last_update
2026-06-04 02:38:00.360000

Warden event timeline

DShield event timeline

Presence on blacklists