Check an IP Address, Domain Name, Subnet, or ASN

13.83.90.155 was found in our database!

$ whois 13.83.90.155

country·🇺🇸 United States

city·San Jose

isp·Microsoft Corporation

asn·AS8075

network·Standard

$ sikker risk 13.83.90.155scoring →

confidence

100%Very High

first_seen·Mar 4, 2026

last_seen·23h ago

first_reported·Mar 20, 2026

last_reported·16d ago

sessions·80

events·80

reports·2

$ sikker protocols 13.83.90.155

HTTPS

31 / 31

DOCKER

22 / 22

HTTP

21 / 21 / 1r

SSH

4 / 4 / 1r

TELNET

2 / 2

$ sikker summary 13.83.90.155

13.83.90.155 has a threat confidence score of 100%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 80 honeypot sessions and reported 2 times targeting HTTPS, DOCKER, HTTP, SSH, TELNET protocols. Detected attack patterns include http mass web rce exploitation scanning. First observed on March 4, 2026, most recently active April 12, 2026.

$ sikker behaviors 13.83.90.155catalog →

highHttp Mass Web Rce Exploitation Scanning19x

Coordinated automated exploitation attempts targeting public-facing web services, including PHPUnit eval-stdin access, PHP-CGI argument injection, Docker API exposure, directory traversal, ThinkPHP invokeFunction abuse, and command execution patterns (wget/curl pipe to shell). Identifies opportunistic bot-driven RCE scanning and framework-specific exploit chaining against internet-exposed applications.

$ sikker primitives 13.83.90.155

http_method_get880 http_php_echo_md5_hello_phpunit_marker777 php_phpunit_md5_marker259 docker_post_method66 https_query_thinkphp_invokefunction_md5_probe62 https_body_wget_curl_pipe_to_sh_apache_selfrep62 https_php_ini_directive_injection_allow_url_include_auto_prepend_file62 docker_container_exec_path44 http_body_wget_curl_pipe_to_sh_selfrep42 http_thinkphp_invokefunction_call_user_func_array_md542 http_php_cgi_allow_url_include_auto_prepend_input_injection42 https_path_root31 https_phpunit_eval_stdin_rce_probe31 phpunit_eval_stdin_php_header_execution31 phpunit_eval_stdin_endpoint_access_legacy_path31 phpunit_eval_stdin_endpoint_access_src_variant31 phpunit_eval_stdin_endpoint_access_nested_src_path31 phpunit_eval_stdin_endpoint_access_nested_legacy_path31 https_cgi_bin_percent_encoded_directory_traversal_bin_sh31 docker_get_method22

$ sikker reports 13.83.90.155submit →

Showing 2 of 2 reports from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 28, 2026, 02:09	Brute Force	SSH	Fail2Ban Report - Bruteforce attempt
User	Mar 20, 2026, 20:09	Brute Force	HTTP	SikkerGuard: 4 blocked packets

$ sikker related 13.83.90.155

🇺🇸·More threats fromUnited States→AS·More threats fromMicrosoft Corporation→HTTP·More threats targetingHTTPS→DOCK·More threats targetingDOCKER→HTTP·More threats targetingHTTP→SSH·More threats targetingSSH→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
135.235.138.43	100%	1,083
20.203.42.204	100%	3,946
20.80.88.134	93%	158
52.172.244.6	95%	20
64.236.131.211	23%	1

IP Address	Confidence	Events
162.216.150.241	69%	104
205.210.31.15	97%	306
208.109.34.31	97%	4,598
66.132.224.224	98%	256
66.132.195.109	100%	730