119.92.14.148 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Philippines

Internet Service Provider: DSL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-10 08:32:17,510 INFO [amun_request_handler] PortScan Detected on Port: 445 (119.92.14.148)	2019-07-10 19:38:56

Comments on same subnet:

IP	Type	Details	Datetime
119.92.143.82	attack	C1,WP GET /lappan/wp-login.php	2019-11-07 21:18:35
119.92.141.51	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-13 10:36:48,741 INFO [amun_request_handler] PortScan Detected on Port: 445 (119.92.141.51)	2019-09-14 04:34:02
119.92.145.9	attackspam	Unauthorized connection attempt from IP address 119.92.145.9 on Port 445(SMB)	2019-08-31 14:59:21
119.92.140.39	attackbots	BURG,WP GET /wp-login.php	2019-07-29 18:12:55
119.92.145.9	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 02:51:21,093 INFO [shellcode_manager] (119.92.145.9) no match, writing hexdump (6d1cee8d97355b19cb6a9d4a3df05fcf :2240810) - MS17010 (EternalBlue)	2019-07-18 13:22:57
119.92.145.9	attackbotsspam	Unauthorized connection attempt from IP address 119.92.145.9 on Port 445(SMB)	2019-07-09 14:37:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.92.14.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5950
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.92.14.148.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 10 19:38:49 CST 2019
;; MSG SIZE  rcvd: 117

Host info

148.14.92.119.in-addr.arpa domain name pointer 119.92.14.148.static.pldt.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
148.14.92.119.in-addr.arpa	name = 119.92.14.148.static.pldt.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.234.100.242	attackbots	Apr 10 01:39:01 meumeu sshd[11544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.100.242 Apr 10 01:39:03 meumeu sshd[11544]: Failed password for invalid user clara from 62.234.100.242 port 59650 ssh2 Apr 10 01:43:56 meumeu sshd[12399]: Failed password for root from 62.234.100.242 port 58608 ssh2 ...	2020-04-10 10:06:30
40.117.187.141	attackbotsspam	SSH brute force	2020-04-10 09:40:20
153.35.203.79	attackbotsspam	Email rejected due to spam filtering	2020-04-10 10:15:09
52.130.85.172	attackbotsspam	SSH brute force attempt	2020-04-10 09:37:13
54.36.54.24	attack	Apr 10 00:13:57 vmd26974 sshd[25763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.54.24 Apr 10 00:14:00 vmd26974 sshd[25763]: Failed password for invalid user jatten from 54.36.54.24 port 39628 ssh2 ...	2020-04-10 09:53:33
182.61.45.42	attackspam	Apr 10 02:16:00 DAAP sshd[19102]: Invalid user alpha from 182.61.45.42 port 13218 Apr 10 02:16:00 DAAP sshd[19102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.45.42 Apr 10 02:16:00 DAAP sshd[19102]: Invalid user alpha from 182.61.45.42 port 13218 Apr 10 02:16:02 DAAP sshd[19102]: Failed password for invalid user alpha from 182.61.45.42 port 13218 ssh2 Apr 10 02:19:48 DAAP sshd[19160]: Invalid user deployer from 182.61.45.42 port 54364 ...	2020-04-10 09:59:54
86.245.25.253	attack	Apr 10 00:53:23 vps339862 kernel: \[5691719.481145\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=86.245.25.253 DST=51.254.206.43 LEN=71 TOS=0x00 PREC=0x00 TTL=51 ID=13695 DF PROTO=UDP SPT=62858 DPT=53 LEN=51 Apr 10 00:53:25 vps339862 kernel: \[5691721.021041\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=86.245.25.253 DST=51.254.206.43 LEN=66 TOS=0x00 PREC=0x00 TTL=51 ID=13665 DF PROTO=UDP SPT=37335 DPT=53 LEN=46 Apr 10 00:53:28 vps339862 kernel: \[5691723.611091\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=86.245.25.253 DST=51.254.206.43 LEN=66 TOS=0x00 PREC=0x00 TTL=51 ID=9892 DF PROTO=UDP SPT=53063 DPT=53 LEN=46 Apr 10 00:53:33 vps339862 kernel: \[5691728.701103\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=86.245.25.253 DST=51.254.206.43 LEN=66 TOS=0x00 PREC=0x00 TTL=51 ID=17244 DF PROTO=UDP SPT=53004 ...	2020-04-10 09:57:42
51.254.220.3	attackspam	detected by Fail2Ban	2020-04-10 09:44:47
46.29.165.223	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-04-10 09:36:44
222.89.92.196	attack	Scanned 3 times in the last 24 hours on port 22	2020-04-10 09:57:58
123.31.27.102	attackbots	Apr 10 03:39:56 ArkNodeAT sshd\[21052\]: Invalid user team from 123.31.27.102 Apr 10 03:39:56 ArkNodeAT sshd\[21052\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.27.102 Apr 10 03:39:58 ArkNodeAT sshd\[21052\]: Failed password for invalid user team from 123.31.27.102 port 45492 ssh2	2020-04-10 10:13:56
222.186.175.151	attackspam	Apr 10 03:53:47 server sshd[42200]: Failed none for root from 222.186.175.151 port 19258 ssh2 Apr 10 03:53:50 server sshd[42200]: Failed password for root from 222.186.175.151 port 19258 ssh2 Apr 10 03:53:53 server sshd[42200]: Failed password for root from 222.186.175.151 port 19258 ssh2	2020-04-10 09:55:18
41.39.119.209	attack	Automatic report - Port Scan Attack	2020-04-10 10:10:53
64.90.40.100	attackbotsspam	64.90.40.100 - - [09/Apr/2020:23:52:59 +0200] "POST /wp-login.php HTTP/1.0" 200 4325 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.90.40.100 - - [09/Apr/2020:23:53:00 +0200] "POST /wp-login.php HTTP/1.0" 200 4205 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-04-10 09:59:27
118.112.181.37	attack	SSH / Telnet Brute Force Attempts on Honeypot	2020-04-10 09:39:49

Recently Reported IPs

66.249.64.152	103.19.80.99	83.110.102.186	185.234.219.108
77.247.108.154	212.216.176.105	40.77.167.181	222.64.15.220
156.195.179.65	7.96.87.177	125.166.140.181	212.92.112.41
113.179.210.203	59.57.4.86	116.86.21.60	37.190.61.228
196.188.156.122	96.246.226.109	119.118.159.194	185.165.58.59