IP address

Search at other sites:
.85613.140.155.136vmi3358846.contaboserver.net
Shodan(more info)
Passive DNS
Tags:
IP blacklists
Spamhaus SBL CSS
13.140.155.136 is listed on the Spamhaus SBL CSS blacklist.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-19 09:30:32.409000
Was present on blacklist at: 2026-06-19 09:30
Spamhaus XBL CBL
13.140.155.136 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-06-19 09:30:32.409000
Was present on blacklist at: 2026-06-19 09:30
AbuseIPDB
13.140.155.136 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-06-24 04:00:00.618000
Was present on blacklist at: 2026-06-20 04:00, 2026-06-21 04:00, 2026-06-22 04:00, 2026-06-23 04:00, 2026-06-24 04:00
blocklist.de SSH
13.140.155.136 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-06-23 10:05:00.253000
Was present on blacklist at: 2026-06-20 04:05, 2026-06-20 10:05, 2026-06-20 16:05, 2026-06-20 22:05, 2026-06-21 04:05, 2026-06-21 10:05, 2026-06-21 16:05, 2026-06-21 22:05, 2026-06-22 04:05, 2026-06-22 10:05, 2026-06-22 16:05, 2026-06-22 22:05, 2026-06-23 04:05, 2026-06-23 10:05
CI Army
13.140.155.136 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2026-06-24 02:50:00.845000
Was present on blacklist at: 2026-06-21 02:50, 2026-06-22 02:50, 2026-06-23 02:50, 2026-06-24 02:50
Echelon admin panel hunt
13.140.155.136 is listed on the Echelon admin panel hunt blacklist.

Description: Scanning for administrative interfaces
Type of feed: primary (feed detail page)

Last checked at: 2026-06-24 09:05:01.345000
Was present on blacklist at: 2026-06-22 09:05, 2026-06-23 09:05, 2026-06-24 09:05
Echelon CMS enumeration
13.140.155.136 is listed on the Echelon CMS enumeration blacklist.

Description: Content management system discovery and enumeration
Type of feed: primary (feed detail page)

Last checked at: 2026-06-24 09:05:05.272000
Was present on blacklist at: 2026-06-22 09:05, 2026-06-23 09:05, 2026-06-24 09:05
Echelon database admin hunt
13.140.155.136 is listed on the Echelon database admin hunt blacklist.

Description: Scanning for database admin interfaces (phpMyAdmin, etc.)
Type of feed: primary (feed detail page)

Last checked at: 2026-06-24 09:10:00.263000
Was present on blacklist at: 2026-06-22 09:10, 2026-06-23 09:10, 2026-06-24 09:10
Echelon directory traversal
13.140.155.136 is listed on the Echelon directory traversal blacklist.

Description: Path traversal attack attempting to access restricted files
Type of feed: primary (feed detail page)

Last checked at: 2026-06-24 09:15:00.331000
Was present on blacklist at: 2026-06-22 09:15, 2026-06-23 09:15, 2026-06-24 09:15
Echelon path traversal
13.140.155.136 is listed on the Echelon path traversal blacklist.

Description: Path traversal via encoded sequences
Type of feed: primary (feed detail page)

Last checked at: 2026-06-23 09:25:00.309000
Was present on blacklist at: 2026-06-22 09:25, 2026-06-23 09:25
Echelon web crawler
13.140.155.136 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary (feed detail page)

Last checked at: 2026-06-24 09:50:00.307000
Was present on blacklist at: 2026-06-22 09:50, 2026-06-23 09:50, 2026-06-24 09:50

Threat categories

TLRoleCategoryDetails
80 src scan port: 22, 23, 80, 443, 2222, 2375
67 src login protocol: ssh, telnet
port: 23
35 src
33 src exploit protocol: http
Warden events (165707)
2026-06-24
ReconScanning (node.9c1411): 20
ReconScanning (node.ce2b59): 19
IntrusionUserCompromise (node.cfb4f7): 14064
2026-06-23
ReconScanning (node.9c1411): 41
IntrusionUserCompromise (node.cfb4f7): 21191
ReconScanning (node.ce2b59): 30
2026-06-22
IntrusionUserCompromise (node.cfb4f7): 30097
ReconScanning (node.9c1411): 40
ReconScanning (node.ce2b59): 28
2026-06-21
IntrusionUserCompromise (node.cfb4f7): 36636
ReconScanning (node.ce2b59): 31
ReconScanning (node.9c1411): 43
2026-06-20
IntrusionUserCompromise (node.cfb4f7): 56025
ReconScanning (node.ce2b59): 49
ReconScanning (node.9c1411): 50
2026-06-19
ReconScanning (node.ce2b59): 47
IntrusionUserCompromise (node.cfb4f7): 7263
ReconScanning (node.9c1411): 33
DShield reports (IP summary, reports)
2026-06-19
Number of reports: 209
Distinct targets: 24
2026-06-20
Number of reports: 131
Distinct targets: 21
2026-06-21
Number of reports: 90
Distinct targets: 20
2026-06-22
Number of reports: 50
Distinct targets: 16
2026-06-23
Number of reports: 52
Distinct targets: 15
Origin AS
AS51167 - CONTABO
BGP Prefix
13.140.128.0/18
geo
France, Lauterbourg
🕑 Europe/Paris
hostname
vmi3358846.contaboserver.net
Address block ('inetnum' or 'NetRange' in whois database)
13.140.0.0 - 13.143.255.255
last_activity
2026-06-24 15:05:12
last_warden_event
2026-06-24 15:05:12
rep
0.8563695704204373
reserved_range
0
ts_added
2026-06-19 09:30:32.372000
ts_last_update
2026-06-24 15:06:20.369000

Warden event timeline

DShield event timeline

Presence on blacklists