13.90.44.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Brute forcing email accounts	2020-05-10 14:10:23

Comments on same subnet:

IP	Type	Details	Datetime
13.90.44.74	attack	Unauthorized connection attempt detected from IP address 13.90.44.74 to port 3389	2020-04-26 21:30:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.90.44.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38955
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.90.44.92.			IN	A

;; AUTHORITY SECTION:
.			356	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051000 1800 900 604800 86400

;; Query time: 144 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 10 14:10:18 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 92.44.90.13.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.44.90.13.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
196.219.188.169	attackbotsspam	Unauthorized connection attempt from IP address 196.219.188.169 on Port 445(SMB)	2020-08-11 05:04:31
183.89.221.37	attackspam	Unauthorized connection attempt from IP address 183.89.221.37 on Port 445(SMB)	2020-08-11 04:51:50
164.90.196.91	attackspambots	Aug 10 22:36:11 risk sshd[30417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.90.196.91 user=r.r Aug 10 22:36:12 risk sshd[30417]: Failed password for r.r from 164.90.196.91 port 58124 ssh2 Aug 10 22:36:13 risk sshd[30419]: Invalid user admin from 164.90.196.91 Aug 10 22:36:13 risk sshd[30419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.90.196.91 Aug 10 22:36:14 risk sshd[30419]: Failed password for invalid user admin from 164.90.196.91 port 60754 ssh2 Aug 10 22:36:14 risk sshd[30423]: Invalid user admin from 164.90.196.91 Aug 10 22:36:14 risk sshd[30423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.90.196.91 Aug 10 22:36:16 risk sshd[30423]: Failed password for invalid user admin from 164.90.196.91 port 34816 ssh2 Aug 10 22:36:16 risk sshd[30425]: Invalid user user from 164.90.196.91 Aug 10 22:36:16 risk sshd[30425]: pam_un........ -------------------------------	2020-08-11 04:46:32
35.247.148.211	attack	viw-Joomla User : try to access forms...	2020-08-11 04:40:04
119.139.136.85	attack	Email rejected due to spam filtering	2020-08-11 04:27:38
119.45.50.126	attackbotsspam	Aug 10 16:35:18 Tower sshd[35141]: Connection from 119.45.50.126 port 42860 on 192.168.10.220 port 22 rdomain "" Aug 10 16:35:19 Tower sshd[35141]: Failed password for root from 119.45.50.126 port 42860 ssh2 Aug 10 16:35:20 Tower sshd[35141]: Received disconnect from 119.45.50.126 port 42860:11: Bye Bye [preauth] Aug 10 16:35:20 Tower sshd[35141]: Disconnected from authenticating user root 119.45.50.126 port 42860 [preauth]	2020-08-11 05:00:51
121.10.41.167	attackbots	Unauthorized connection attempt from IP address 121.10.41.167 on Port 445(SMB)	2020-08-11 04:46:09
36.76.240.129	attackbots	Unauthorized connection attempt from IP address 36.76.240.129 on Port 445(SMB)	2020-08-11 04:34:51
103.217.244.61	attackspam	Unauthorized connection attempt from IP address 103.217.244.61 on Port 445(SMB)	2020-08-11 04:53:27
159.203.111.100	attack	Aug 11 03:25:42 webhost01 sshd[25159]: Failed password for root from 159.203.111.100 port 39986 ssh2 ...	2020-08-11 04:46:51
113.89.12.21	attack	Aug 10 23:44:10 journals sshd\[102681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.12.21 user=root Aug 10 23:44:12 journals sshd\[102681\]: Failed password for root from 113.89.12.21 port 42375 ssh2 Aug 10 23:46:40 journals sshd\[102932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.12.21 user=root Aug 10 23:46:42 journals sshd\[102932\]: Failed password for root from 113.89.12.21 port 59839 ssh2 Aug 10 23:49:09 journals sshd\[103195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.12.21 user=root ...	2020-08-11 04:58:00
185.220.100.243	attack	Automatic report - Banned IP Access	2020-08-11 04:42:08
14.178.157.207	attackbotsspam	Port Scan ...	2020-08-11 04:54:28
213.180.203.13	attackspam	[Mon Aug 10 19:00:21.442445 2020] [:error] [pid 9047:tid 140057317062400] [client 213.180.203.13:51938] [client 213.180.203.13] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XzE21UIx8Gjph59Oo2zzOAAAAhw"] ...	2020-08-11 04:29:44
113.167.179.67	attackspam	Unauthorized connection attempt from IP address 113.167.179.67 on Port 445(SMB)	2020-08-11 04:31:17

Recently Reported IPs

3.84.245.88	122.51.27.69	114.26.107.247	173.218.24.135
2a03:b0c0:3:e0::269:a001	60.48.188.80	218.2.220.66	106.116.64.181
200.52.61.134	208.70.68.132	72.167.190.72	122.176.103.233
168.228.168.36	70.38.27.252	106.105.85.164	116.101.18.203
60.169.214.182	247.142.183.153	148.56.199.130	117.206.89.17