13.92.97.196 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	hit -> srv3:22	2020-05-01 15:29:24

Comments on same subnet:

IP	Type	Details	Datetime
13.92.97.12	attackbotsspam	Invalid user daewon from 13.92.97.12 port 27567	2020-09-28 03:39:09
13.92.97.12	attack	SSH Brute Force	2020-09-27 19:52:06
13.92.97.12	attack	(sshd) Failed SSH login from 13.92.97.12 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 26 12:23:00 optimus sshd[2660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.97.12 user=root Sep 26 12:23:00 optimus sshd[2659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.97.12 user=root Sep 26 12:23:00 optimus sshd[2663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.97.12 user=root Sep 26 12:23:00 optimus sshd[2661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.97.12 user=root Sep 26 12:23:00 optimus sshd[2664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.97.12 user=root	2020-09-27 01:45:58
13.92.97.12	attackspam	Sep 26 11:20:43 [host] sshd[8070]: Invalid user ad Sep 26 11:20:43 [host] sshd[8070]: pam_unix(sshd:a Sep 26 11:20:45 [host] sshd[8070]: Failed password	2020-09-26 17:38:39
13.92.97.171	attackbots	k+ssh-bruteforce	2020-09-22 03:13:08
13.92.97.171	attackbotsspam	Sep 21 11:31:38 tuotantolaitos sshd[17797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.97.171 Sep 21 11:31:41 tuotantolaitos sshd[17797]: Failed password for invalid user testuser from 13.92.97.171 port 58052 ssh2 ...	2020-09-21 18:58:02
13.92.97.12	attack	Jul 18 05:56:31 pve1 sshd[9467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.97.12 Jul 18 05:56:32 pve1 sshd[9467]: Failed password for invalid user admin from 13.92.97.12 port 32103 ssh2 ...	2020-07-18 12:13:58
13.92.97.12	attackspambots	Jul 15 11:27:43 mail sshd\[36669\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.92.97.12 user=root ...	2020-07-15 23:46:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.92.97.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56945
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;13.92.97.196.			IN	A

;; AUTHORITY SECTION:
.			496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050101 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 01 15:29:20 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 196.97.92.13.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 196.97.92.13.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.41	attackbotsspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-24 22:56:45
77.222.117.55	attack	20/4/24@08:07:24: FAIL: Alarm-Network address from=77.222.117.55 ...	2020-04-24 22:41:29
185.50.149.13	attack	Apr 23 01:56:17 georgia postfix/smtpd[3154]: connect from unknown[185.50.149.13] Apr 23 01:56:22 georgia postfix/smtpd[3154]: warning: unknown[185.50.149.13]: SASL LOGIN authentication failed: authentication failure Apr 23 01:56:23 georgia postfix/smtpd[3154]: lost connection after AUTH from unknown[185.50.149.13] Apr 23 01:56:23 georgia postfix/smtpd[3154]: disconnect from unknown[185.50.149.13] ehlo=1 auth=0/1 commands=1/2 Apr 23 01:56:23 georgia postfix/smtpd[3154]: connect from unknown[185.50.149.13] Apr 23 01:56:27 georgia postfix/smtpd[3154]: warning: unknown[185.50.149.13]: SASL LOGIN authentication failed: authentication failure Apr 23 01:56:28 georgia postfix/smtpd[3154]: lost connection after AUTH from unknown[185.50.149.13] Apr 23 01:56:28 georgia postfix/smtpd[3154]: disconnect from unknown[185.50.149.13] ehlo=1 auth=0/1 commands=1/2 Apr 23 01:56:33 georgia postfix/smtpd[3154]: connect from unknown[185.50.149.13] Apr 23 01:56:38 georgia postfix/smtpd[3154]: ........ -------------------------------	2020-04-24 22:45:27
182.138.120.59	attack	Apr 24 14:22:49 vlre-nyc-1 sshd\[9817\]: Invalid user oracle from 182.138.120.59 Apr 24 14:22:49 vlre-nyc-1 sshd\[9817\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.138.120.59 Apr 24 14:22:52 vlre-nyc-1 sshd\[9817\]: Failed password for invalid user oracle from 182.138.120.59 port 53108 ssh2 Apr 24 14:26:40 vlre-nyc-1 sshd\[9909\]: Invalid user fwong from 182.138.120.59 Apr 24 14:26:40 vlre-nyc-1 sshd\[9909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.138.120.59 ...	2020-04-24 22:58:07
129.28.58.6	attackbots	(sshd) Failed SSH login from 129.28.58.6 (CN/China/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 24 11:51:09 andromeda sshd[6720]: Invalid user spy from 129.28.58.6 port 34394 Apr 24 11:51:12 andromeda sshd[6720]: Failed password for invalid user spy from 129.28.58.6 port 34394 ssh2 Apr 24 12:07:46 andromeda sshd[7243]: Invalid user Hely from 129.28.58.6 port 49672	2020-04-24 22:20:51
49.88.112.68	attackspambots	Apr 24 16:41:02 v22018053744266470 sshd[17058]: Failed password for root from 49.88.112.68 port 37074 ssh2 Apr 24 16:41:04 v22018053744266470 sshd[17058]: Failed password for root from 49.88.112.68 port 37074 ssh2 Apr 24 16:41:06 v22018053744266470 sshd[17058]: Failed password for root from 49.88.112.68 port 37074 ssh2 ...	2020-04-24 22:45:00
77.42.109.211	attack	Unauthorized connection attempt detected from IP address 77.42.109.211 to port 23	2020-04-24 22:16:53
51.91.127.201	attackspam	Apr 24 14:30:36 plex sshd[21637]: Invalid user guard from 51.91.127.201 port 49964	2020-04-24 22:27:17
35.202.129.108	attackbots	Apr 24 12:34:39 web8 sshd\[16396\]: Invalid user spotlight from 35.202.129.108 Apr 24 12:34:39 web8 sshd\[16396\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.202.129.108 Apr 24 12:34:41 web8 sshd\[16396\]: Failed password for invalid user spotlight from 35.202.129.108 port 45046 ssh2 Apr 24 12:37:42 web8 sshd\[18046\]: Invalid user larissa from 35.202.129.108 Apr 24 12:37:42 web8 sshd\[18046\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.202.129.108	2020-04-24 22:42:22
167.89.86.166	attackbotsspam	COVID-19 Spam Received: from o3.e2.carfinancetoday.net ([167.89.86.166]) by mx0.ncuk.net with esmtps (TLS1.2:RSA_AES_256_CBC_SHA256:256) (Exim 4.80)	2020-04-24 22:17:19
89.248.168.221	attackspambots	Apr 24 16:12:34 debian-2gb-nbg1-2 kernel: \[9996498.813676\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.168.221 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=16165 PROTO=TCP SPT=59822 DPT=7832 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-24 22:18:41
89.248.174.216	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 81 - port: 53413 proto: UDP cat: Misc Attack	2020-04-24 22:40:07
54.38.241.162	attackspambots	2020-04-24T14:16:04.832526shield sshd\[22832\]: Invalid user clamav from 54.38.241.162 port 34480 2020-04-24T14:16:04.836221shield sshd\[22832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.ip-54-38-241.eu 2020-04-24T14:16:07.068905shield sshd\[22832\]: Failed password for invalid user clamav from 54.38.241.162 port 34480 ssh2 2020-04-24T14:23:29.046574shield sshd\[24275\]: Invalid user matthew from 54.38.241.162 port 54134 2020-04-24T14:23:29.050445shield sshd\[24275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.ip-54-38-241.eu	2020-04-24 22:26:45
223.71.167.166	attackbots	Apr 24 15:42:31 debian-2gb-nbg1-2 kernel: \[9994695.378482\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=223.71.167.166 DST=195.201.40.59 LEN=44 TOS=0x04 PREC=0x00 TTL=114 ID=21643 PROTO=TCP SPT=28227 DPT=5555 WINDOW=29200 RES=0x00 SYN URGP=0	2020-04-24 22:22:22
128.199.220.232	attackspambots	Apr 24 14:07:48 ArkNodeAT sshd\[26341\]: Invalid user majordom from 128.199.220.232 Apr 24 14:07:48 ArkNodeAT sshd\[26341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.220.232 Apr 24 14:07:50 ArkNodeAT sshd\[26341\]: Failed password for invalid user majordom from 128.199.220.232 port 40880 ssh2	2020-04-24 22:21:18

Recently Reported IPs

130.137.176.59	194.36.186.252	81.176.121.144	65.124.56.12
60.75.194.248	115.43.154.6	83.59.240.91	134.11.102.188
102.250.86.127	119.122.67.183	34.97.85.81	207.148.78.138
52.240.73.147	206.189.148.142	119.112.46.87	123.191.158.83
118.101.131.50	59.232.62.66	222.117.64.136	97.171.11.95