93.190.13.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Finland

Internet Service Provider: Verinoks Teknoloji Anonim Sirketi

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Aug 30 05:52:38 our-server-hostname postfix/smtpd[803]: connect from unknown[93.190.13.52] Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug x@x Aug 30 05:52:54 our-server-hostname postfix/smtpd[803]: too many errors after DATA from unknown[93.190.13.52] Aug 30 05:52:54 our-server-hostname postfix/smtpd[803]: disconnect from unknown[93.190.13.52] Aug 30 05:52:55 our-server-hostname postfix/smtpd[6187]: connect from unknown[93.190.13.52] Aug x@x Aug x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=93.190.13.52	2019-08-30 06:44:49

Type

Details

Datetime

attackspam

Aug 30 05:52:38 our-server-hostname postfix/smtpd[803]: connect from unknown[93.190.13.52]
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug x@x
Aug 30 05:52:54 our-server-hostname postfix/smtpd[803]: too many errors after DATA from unknown[93.190.13.52]
Aug 30 05:52:54 our-server-hostname postfix/smtpd[803]: disconnect from unknown[93.190.13.52]
Aug 30 05:52:55 our-server-hostname postfix/smtpd[6187]: connect from unknown[93.190.13.52]
Aug x@x
Aug x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=93.190.13.52

2019-08-30 06:44:49

Comments on same subnet:

IP	Type	Details	Datetime
93.190.139.45	attack	Jul 11, 1:42:21 PM GMT+10 - 93.190.139.45 - GET /fonts.googleapis.com/css?family=if(now()%3dsysdate()%2csleep(9)%2c0)/'XOR(if(now()%3dsysdate()%2csleep(9)%2c0))OR'%22XOR(if(now()%3dsysdate()%2csleep(9)%2c0))OR%22/	2019-07-11 12:19:26
93.190.137.125	attack	NAME : WORLDSTREAM CIDR : \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Netherlands "" - block certain countries :) IP: 93.190.137.125 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-23 19:18:20

Type

Details

Datetime

93.190.139.45

attack

Jul 11, 1:42:21 PM GMT+10 - 93.190.139.45 - GET /fonts.googleapis.com/css?family=if(now()%3dsysdate()%2csleep(9)%2c0)/*'XOR(if(now()%3dsysdate()%2csleep(9)%2c0))OR'%22XOR(if(now()%3dsysdate()%2csleep(9)%2c0))OR%22*/

2019-07-11 12:19:26

93.190.137.125

attack

NAME : WORLDSTREAM CIDR :  | STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Netherlands "" - block certain countries :) IP: 93.190.137.125  Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery https://help-dysk.pl

2019-06-23 19:18:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.190.13.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27628
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.190.13.52.			IN	A

;; AUTHORITY SECTION:
.			2017	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082901 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 30 06:44:44 CST 2019
;; MSG SIZE  rcvd: 116

Host info

52.13.190.93.in-addr.arpa domain name pointer 52.13.190.93.in-addr.arpa.routergate.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
52.13.190.93.in-addr.arpa	name = 52.13.190.93.in-addr.arpa.routergate.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.125.140	attackbots	Apr 16 06:22:22 srv01 sshd[25683]: Invalid user ubuntu from 106.12.125.140 port 48634 Apr 16 06:22:22 srv01 sshd[25683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 Apr 16 06:22:22 srv01 sshd[25683]: Invalid user ubuntu from 106.12.125.140 port 48634 Apr 16 06:22:24 srv01 sshd[25683]: Failed password for invalid user ubuntu from 106.12.125.140 port 48634 ssh2 Apr 16 06:25:24 srv01 sshd[27621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.140 user=root Apr 16 06:25:26 srv01 sshd[27621]: Failed password for root from 106.12.125.140 port 33338 ssh2 ...	2020-04-16 14:26:43
189.105.171.241	attackspambots	(sshd) Failed SSH login from 189.105.171.241 (BR/Brazil/189-105-171-241.user.veloxzone.com.br): 5 in the last 3600 secs	2020-04-16 14:16:45
93.47.194.190	attackbotsspam	port scan and connect, tcp 22 (ssh)	2020-04-16 14:22:23
138.68.50.18	attackbots	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-04-16 14:21:51
149.202.18.215	spam	spam e-mails	2020-04-16 14:27:03
120.236.189.171	attack	Invalid user test from 120.236.189.171 port 56632	2020-04-16 14:20:19
81.182.248.193	attackbotsspam	Apr 16 06:44:54 lukav-desktop sshd\[29624\]: Invalid user seb from 81.182.248.193 Apr 16 06:44:54 lukav-desktop sshd\[29624\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.182.248.193 Apr 16 06:44:57 lukav-desktop sshd\[29624\]: Failed password for invalid user seb from 81.182.248.193 port 24667 ssh2 Apr 16 06:53:42 lukav-desktop sshd\[30010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.182.248.193 user=root Apr 16 06:53:44 lukav-desktop sshd\[30010\]: Failed password for root from 81.182.248.193 port 52031 ssh2	2020-04-16 14:31:39
182.56.51.213	attack	2020-04-16T06:11:54.355980centos sshd[2030]: Invalid user aws from 182.56.51.213 port 57896 2020-04-16T06:11:56.707224centos sshd[2030]: Failed password for invalid user aws from 182.56.51.213 port 57896 ssh2 2020-04-16T06:16:56.473232centos sshd[2361]: Invalid user azure from 182.56.51.213 port 58536 ...	2020-04-16 14:11:04
37.49.230.14	attackbotsspam	8080/tcp 49153/tcp 9527/tcp... [2020-04-04/16]23pkt,5pt.(tcp)	2020-04-16 14:18:37
42.115.49.223	attack	Fail2Ban Ban Triggered	2020-04-16 14:17:43
158.69.192.35	attackbots	Apr 16 08:12:15 roki sshd[6274]: Invalid user rosalba from 158.69.192.35 Apr 16 08:12:15 roki sshd[6274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.192.35 Apr 16 08:12:16 roki sshd[6274]: Failed password for invalid user rosalba from 158.69.192.35 port 36382 ssh2 Apr 16 08:19:19 roki sshd[6738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.192.35 user=root Apr 16 08:19:21 roki sshd[6738]: Failed password for root from 158.69.192.35 port 47300 ssh2 ...	2020-04-16 14:20:35
217.182.95.16	attackbots	Apr 15 23:33:53 server1 sshd\[11312\]: Failed password for invalid user smkatj from 217.182.95.16 port 37692 ssh2 Apr 15 23:37:38 server1 sshd\[12338\]: Invalid user user from 217.182.95.16 Apr 15 23:37:38 server1 sshd\[12338\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.95.16 Apr 15 23:37:41 server1 sshd\[12338\]: Failed password for invalid user user from 217.182.95.16 port 41143 ssh2 Apr 15 23:41:20 server1 sshd\[13393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.95.16 user=root ...	2020-04-16 13:58:37
177.44.208.107	attackbots	$f2bV_matches	2020-04-16 14:24:21
179.42.217.254	attack	DATE:2020-04-16 05:54:30, IP:179.42.217.254, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-04-16 13:55:15
103.255.216.166	attack	Automatic report - Banned IP Access	2020-04-16 14:27:09

Recently Reported IPs

213.35.26.182	47.72.80.84	195.248.122.116	139.219.137.246
108.142.201.213	101.223.178.109	172.210.134.14	57.78.35.170
186.57.143.42	105.151.18.216	33.252.3.207	138.49.187.101
188.166.181.139	193.199.110.72	78.35.253.203	172.44.61.48
23.235.97.60	17.38.28.244	124.81.127.215	240.121.161.26