13.92.134.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 13.92.134.72 to port 1433	2020-07-22 19:27:05
attackspam	Jul 15 04:42:41 ourumov-web sshd\[24812\]: Invalid user admin from 13.92.134.72 port 65447 Jul 15 04:42:41 ourumov-web sshd\[24812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.72 Jul 15 04:42:43 ourumov-web sshd\[24812\]: Failed password for invalid user admin from 13.92.134.72 port 65447 ssh2 ...	2020-07-15 10:44:04
attackspambots	Jul 14 20:27:32 zooi sshd[8007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.72 Jul 14 20:27:34 zooi sshd[8007]: Failed password for invalid user 123 from 13.92.134.72 port 28095 ssh2 ...	2020-07-15 04:16:51

Type

Details

Datetime

attackbots

Unauthorized connection attempt detected from IP address 13.92.134.72 to port 1433

2020-07-22 19:27:05

attackspam

Jul 15 04:42:41 ourumov-web sshd\[24812\]: Invalid user admin from 13.92.134.72 port 65447
Jul 15 04:42:41 ourumov-web sshd\[24812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.72
Jul 15 04:42:43 ourumov-web sshd\[24812\]: Failed password for invalid user admin from 13.92.134.72 port 65447 ssh2
...

2020-07-15 10:44:04

attackspambots

Jul 14 20:27:32 zooi sshd[8007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.72
Jul 14 20:27:34 zooi sshd[8007]: Failed password for invalid user 123 from 13.92.134.72 port 28095 ssh2
...

2020-07-15 04:16:51

Comments on same subnet:

IP	Type	Details	Datetime
13.92.134.70	attackbotsspam	Invalid user ubuntu from 13.92.134.70 port 4614	2020-09-28 03:03:16
13.92.134.70	attackbots	Invalid user admin from 13.92.134.70 port 62164	2020-09-27 19:11:37
13.92.134.70	attackbots	SSH bruteforce	2020-09-27 04:22:33
13.92.134.70	attackspambots	$f2bV_matches	2020-09-26 20:30:25
13.92.134.70	attackbots	Sep 26 06:00:48 ns3164893 sshd[4115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.70 Sep 26 06:00:50 ns3164893 sshd[4115]: Failed password for invalid user 120 from 13.92.134.70 port 11086 ssh2 ...	2020-09-26 12:13:40
13.92.134.70	attackbotsspam	2020-07-17 UTC: (2x) - admin(2x)	2020-07-18 18:19:37
13.92.134.70	attackbots	Jul 18 05:37:58 lunarastro sshd[5498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.70 Jul 18 05:38:00 lunarastro sshd[5498]: Failed password for invalid user admin from 13.92.134.70 port 52848 ssh2	2020-07-18 08:30:26
13.92.134.70	attackbotsspam	Jul 15 12:33:18 mail sshd\[39320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.70 user=root ...	2020-07-16 02:42:37
13.92.134.70	attackbots	Jul 15 12:54:20 mout sshd[6588]: Invalid user admin from 13.92.134.70 port 6697 Jul 15 12:54:22 mout sshd[6588]: Failed password for invalid user admin from 13.92.134.70 port 6697 ssh2 Jul 15 12:54:23 mout sshd[6588]: Disconnected from invalid user admin 13.92.134.70 port 6697 [preauth]	2020-07-15 18:54:40
13.92.134.70	attackbotsspam	Jul 15 08:57:34 icecube sshd[11721]: Failed password for invalid user admin from 13.92.134.70 port 21650 ssh2	2020-07-15 14:59:20
13.92.134.70	attackbotsspam	Jul 14 13:13:00 v26 sshd[8730]: Invalid user bu-fi.de from 13.92.134.70 port 33671 Jul 14 13:13:00 v26 sshd[8733]: Invalid user bu-fi.de from 13.92.134.70 port 33669 Jul 14 13:13:00 v26 sshd[8729]: Invalid user bu-fi.de from 13.92.134.70 port 33668 Jul 14 13:13:00 v26 sshd[8731]: Invalid user bu-fi.de from 13.92.134.70 port 33672 Jul 14 13:13:00 v26 sshd[8732]: Invalid user bu-fi.de from 13.92.134.70 port 33670 Jul 14 13:13:00 v26 sshd[8741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.70 user=r.r Jul 14 13:13:00 v26 sshd[8739]: Invalid user bu-fi.de from 13.92.134.70 port 33673 Jul 14 13:13:00 v26 sshd[8742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.70 user=r.r Jul 14 13:13:00 v26 sshd[8743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.70 user=r.r Jul 14 13:13:00 v26 sshd[8738]: pam_unix(sshd:auth): auth........ -------------------------------	2020-07-15 01:20:38
13.92.134.70	attack	Jul 14 13:13:00 v26 sshd[8730]: Invalid user bu-fi.de from 13.92.134.70 port 33671 Jul 14 13:13:00 v26 sshd[8733]: Invalid user bu-fi.de from 13.92.134.70 port 33669 Jul 14 13:13:00 v26 sshd[8729]: Invalid user bu-fi.de from 13.92.134.70 port 33668 Jul 14 13:13:00 v26 sshd[8731]: Invalid user bu-fi.de from 13.92.134.70 port 33672 Jul 14 13:13:00 v26 sshd[8732]: Invalid user bu-fi.de from 13.92.134.70 port 33670 Jul 14 13:13:00 v26 sshd[8741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.70 user=r.r Jul 14 13:13:00 v26 sshd[8739]: Invalid user bu-fi.de from 13.92.134.70 port 33673 Jul 14 13:13:00 v26 sshd[8742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.70 user=r.r Jul 14 13:13:00 v26 sshd[8743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.134.70 user=r.r Jul 14 13:13:00 v26 sshd[8738]: pam_unix(sshd:auth): auth........ -------------------------------	2020-07-14 20:20:32
13.92.134.114	attack	k+ssh-bruteforce	2019-11-15 19:32:04
13.92.134.114	attackspambots	SSH Brute-Force reported by Fail2Ban	2019-11-09 17:07:42
13.92.134.114	attack	$f2bV_matches	2019-10-31 03:37:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.92.134.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58394
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.92.134.72.			IN	A

;; AUTHORITY SECTION:
.			510	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071402 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 04:16:48 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 72.134.92.13.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.134.92.13.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.71.65.174	attackspambots	Jul 2 15:39:10 ArkNodeAT sshd\[11123\]: Invalid user jira from 177.71.65.174 Jul 2 15:39:10 ArkNodeAT sshd\[11123\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.71.65.174 Jul 2 15:39:12 ArkNodeAT sshd\[11123\]: Failed password for invalid user jira from 177.71.65.174 port 37180 ssh2	2019-07-03 05:33:53
198.108.67.83	attack	Port scan: Attack repeated for 24 hours	2019-07-03 05:54:01
51.39.214.191	attack	Trying to deliver email spam, but blocked by RBL	2019-07-03 05:49:15
188.254.0.160	attackspam	Feb 23 21:34:39 motanud sshd\[26927\]: Invalid user ftpuser from 188.254.0.160 port 33078 Feb 23 21:34:39 motanud sshd\[26927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.160 Feb 23 21:34:41 motanud sshd\[26927\]: Failed password for invalid user ftpuser from 188.254.0.160 port 33078 ssh2	2019-07-03 06:05:05
157.230.125.101	attackbots	2019-07-02T15:38:45.782269centos sshd\[24017\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.125.101 user=root 2019-07-02T15:38:47.719806centos sshd\[24017\]: Failed password for root from 157.230.125.101 port 51290 ssh2 2019-07-02T15:38:48.149012centos sshd\[24020\]: Invalid user admin from 157.230.125.101 port 56588	2019-07-03 05:39:45
203.85.107.15	attack	Trying to deliver email spam, but blocked by RBL	2019-07-03 05:52:27
84.205.222.254	attackspambots	Trying to deliver email spam, but blocked by RBL	2019-07-03 05:43:18
170.79.14.18	attack	Reported by AbuseIPDB proxy server.	2019-07-03 05:39:15
49.231.174.229	attackbots	Jul 2 21:10:59 mail sshd\[29694\]: Invalid user git from 49.231.174.229 port 39865 Jul 2 21:10:59 mail sshd\[29694\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.174.229 Jul 2 21:11:01 mail sshd\[29694\]: Failed password for invalid user git from 49.231.174.229 port 39865 ssh2 Jul 2 21:13:38 mail sshd\[30491\]: Invalid user zenenko from 49.231.174.229 port 52902 Jul 2 21:13:38 mail sshd\[30491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.231.174.229 ...	2019-07-03 05:34:40
173.236.169.5	attack	173.236.169.5 - - [02/Jul/2019:15:38:13 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 173.236.169.5 - - [02/Jul/2019:15:38:13 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 173.236.169.5 - - [02/Jul/2019:15:38:13 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 173.236.169.5 - - [02/Jul/2019:15:38:14 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 173.236.169.5 - - [02/Jul/2019:15:38:14 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 173.236.169.5 - - [02/Jul/2019:15:38:15 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-03 05:51:49
52.184.98.106	attackbots	52.184.98.106 - - [02/Jul/2019:15:39:05 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.184.98.106 - - [02/Jul/2019:15:39:06 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.184.98.106 - - [02/Jul/2019:15:39:07 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.184.98.106 - - [02/Jul/2019:15:39:07 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.184.98.106 - - [02/Jul/2019:15:39:08 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.184.98.106 - - [02/Jul/2019:15:39:09 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-03 05:35:08
119.205.220.98	attack	Jul 2 18:10:34 dedicated sshd[32473]: Invalid user sophie from 119.205.220.98 port 38380	2019-07-03 05:57:04
157.230.227.48	attackspam	Automatic report - Web App Attack	2019-07-03 05:41:22
41.73.5.2	attackspambots	Invalid user nagios from 41.73.5.2 port 40773	2019-07-03 05:58:59
188.166.68.119	attackbotsspam	Automatic report - Web App Attack	2019-07-03 05:47:55

Recently Reported IPs

131.82.212.172	40.119.165.147	29.229.34.103	191.156.49.167
101.196.242.111	14.0.224.38	198.220.210.104	51.103.131.225
212.122.56.222	141.226.207.31	196.47.214.232	239.188.200.139
37.187.124.209	0.80.6.231	175.248.233.163	67.4.218.179
179.13.29.75	101.38.27.210	195.107.224.196	146.197.230.115