Check an IP Address, Domain Name, Subnet, or ASN

13.83.90.155 was found in our database!

$ whois 13.83.90.155

country·🇺🇸 United States

city·San Jose

isp·Microsoft Corporation

asn·AS8075

network·Standard

$ sikker risk 13.83.90.155scoring →

confidence

98%Very High

first_seen·Mar 4, 2026

last_seen·1h ago

first_reported·Mar 20, 2026

last_reported·22h ago

sessions·29

events·29

reports·1

$ sikker protocols 13.83.90.155

HTTP

11 / 11 / 1r

HTTPS

7 / 7

DOCKER

6 / 6

SSH

4 / 4

TELNET

1 / 1

$ sikker summary 13.83.90.155

13.83.90.155 has a threat confidence score of 98%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 29 honeypot sessions and reported 1 times targeting HTTP, HTTPS, DOCKER, SSH, TELNET protocols. Detected attack patterns include http mass web rce exploitation scanning. First observed on March 4, 2026, most recently active March 21, 2026.

$ sikker behaviors 13.83.90.155catalog →

highHttp Mass Web Rce Exploitation Scanning10x

Coordinated automated exploitation attempts targeting public-facing web services, including PHPUnit eval-stdin access, PHP-CGI argument injection, Docker API exposure, directory traversal, ThinkPHP invokeFunction abuse, and command execution patterns (wget/curl pipe to shell). Identifies opportunistic bot-driven RCE scanning and framework-specific exploit chaining against internet-exposed applications.

$ sikker primitives 13.83.90.155

http_method_get462 http_php_echo_md5_hello_phpunit_marker407 http_body_wget_curl_pipe_to_sh_selfrep22 http_thinkphp_invokefunction_call_user_func_array_md522 http_php_cgi_allow_url_include_auto_prepend_input_injection22 docker_post_method18 https_query_thinkphp_invokefunction_md5_probe14 https_body_wget_curl_pipe_to_sh_apache_selfrep14 https_php_ini_directive_injection_allow_url_include_auto_prepend_file14 docker_container_exec_path12 http_cgi_bin_direct_bin_sh_access11 http_phpunit_eval_stdin_php_path_access11 http_phpunit_license_eval_stdin_path_probe11 http_docker_api_containers_json_path_access11 http_phpunit_util_php_eval_stdin_path_access11 http_root_phpunit_src_eval_stdin_path_access11 http_root_phpunit_util_eval_stdin_path_access11 http_double_vendor_phpunit_eval_stdin_path_probe11 http_phpunit_src_util_php_eval_stdin_path_access11 http_root_phpunit_util_php_eval_stdin_path_access11

$ sikker reports 13.83.90.155submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 20, 2026, 20:09	Brute Force	HTTP	SikkerGuard: 4 blocked packets

$ sikker related 13.83.90.155

🇺🇸·More threats fromUnited States→AS·More threats fromMicrosoft Corporation→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→DOCK·More threats targetingDOCKER→SSH·More threats targetingSSH→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
20.102.112.104	82%	1,272
20.168.7.3	51%	57
20.127.192.218	61%	49
74.249.178.165	80%	151
20.106.186.120	63%	51

IP Address	Confidence	Events
34.82.98.110	79%	5,607
92.118.39.95	100%	81,817
205.210.31.211	94%	247
97.74.90.88	97%	2,882
92.118.39.63	100%	49,755