92.119.160.141

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Mosnet LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-10-07 03:21:36
attack	Oct 3 05:31:43 h2177944 kernel: \[2949675.961213\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.141 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=24443 PROTO=TCP SPT=52865 DPT=38468 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 3 05:33:46 h2177944 kernel: \[2949798.728296\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.141 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=54734 PROTO=TCP SPT=52865 DPT=3200 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 3 05:39:06 h2177944 kernel: \[2950118.427670\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.141 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=48849 PROTO=TCP SPT=52865 DPT=11009 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 3 05:40:53 h2177944 kernel: \[2950225.991795\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.141 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=21913 PROTO=TCP SPT=52865 DPT=3491 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 3 05:59:00 h2177944 kernel: \[2951312.599341\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.141 DST=85.21	2019-10-03 13:17:54
attackbots	Excessive Port-Scanning	2019-10-03 02:27:21
attackbots	Port scan on 3 port(s): 6548 23333 51011	2019-09-28 22:11:29
attackspam	firewall-block, port(s): 5523/tcp, 39156/tcp	2019-08-25 23:13:07
attack	Multiport scan : 20 ports scanned 70 81 444 1000 5666 6566 6669 6888 6900 7010 7306 8300 8767 9043 12000 16000 19000 22000 23000 30000	2019-07-19 18:32:10
attackbots	Jul 17 02:05:04 box kernel: [1436529.720146] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=59251 PROTO=TCP SPT=46502 DPT=8087 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 17 02:06:22 box kernel: [1436607.655033] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=15794 PROTO=TCP SPT=46502 DPT=7306 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 17 03:01:11 box kernel: [1439896.579683] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=19792 PROTO=TCP SPT=46502 DPT=40 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 17 04:20:17 box kernel: [1444642.612719] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=21343 PROTO=TCP SPT=46502 DPT=7025 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 17 09:09:44 box kernel: [1462009.022174] [UFW BLOCK] IN=eth0 OUT= MAC=[munged] SRC=92.119.160.141 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=	2019-07-17 16:34:38

Comments on same subnet:

IP	Type	Details	Datetime
92.119.160.169	attackbotsspam	Hit honeypot r.	2020-09-30 01:48:55
92.119.160.169	attack	Hit honeypot r.	2020-09-29 17:48:37
92.119.160.145	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 14389 proto: TCP cat: Misc Attack	2020-06-06 08:31:08
92.119.160.145	attackbots	[Mon Jun 01 01:23:10 2020] - DDoS Attack From IP: 92.119.160.145 Port: 48630	2020-06-01 04:07:48
92.119.160.145	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 5989 proto: TCP cat: Misc Attack	2020-05-23 18:00:31
92.119.160.145	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 86 - port: 8042 proto: TCP cat: Misc Attack	2020-05-11 08:30:48
92.119.160.145	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 83 - port: 1009 proto: TCP cat: Misc Attack	2020-05-03 06:44:42
92.119.160.145	attackspam	[Mon Apr 20 16:58:40 2020] - DDoS Attack From IP: 92.119.160.145 Port: 57210	2020-04-23 20:34:48
92.119.160.177	attack	Unauthorized connection attempt detected from IP address 92.119.160.177 to port 3389	2020-04-13 00:37:35
92.119.160.17	attackspambots	2019-11-09T12:54:02.699Z CLOSE host=92.119.160.17 port=63206 fd=4 time=20.017 bytes=17 ...	2020-03-12 22:57:49
92.119.160.13	attackbots	firewall-block, port(s): 3389/tcp	2020-03-12 21:12:53
92.119.160.12	attack	Time: Tue Mar 10 13:16:07 2020 -0500 IP: 92.119.160.12 (RU/Russia/-) Hits: 11 Blocked: Permanent Block [PS_LIMIT]	2020-03-11 02:48:50
92.119.160.142	attack	Port scan detected on ports: 3414[TCP], 81[TCP], 20600[TCP]	2020-03-09 15:18:01
92.119.160.52	attackbots	firewall-block, port(s): 97/tcp, 1080/tcp, 1453/tcp, 11520/tcp, 50550/tcp	2020-03-08 06:38:47
92.119.160.143	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-07 02:37:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.119.160.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58468
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.119.160.141.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 17 16:34:30 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 141.160.119.92.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 141.160.119.92.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.40.97.109	attackspambots	(smtpauth) Failed SMTP AUTH login from 77.40.97.109 (RU/Russia/109.97.pppoe.mari-el.ru): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-03-25 08:26:20 plain authenticator failed for (localhost) [77.40.97.109]: 535 Incorrect authentication data (set_id=careers@fardineh.com)	2020-03-25 12:36:09
34.87.127.98	attackbots	xmlrpc attack	2020-03-25 12:20:36
156.199.26.97	attack	Telnetd brute force attack detected by fail2ban	2020-03-25 12:41:14
34.84.213.233	attack	Mar 25 06:56:40 hosting sshd[4262]: Invalid user linkinpark from 34.84.213.233 port 34262 ...	2020-03-25 12:18:02
88.12.16.234	attackbotsspam	Mar 25 05:30:43 OPSO sshd\[11478\]: Invalid user ttt from 88.12.16.234 port 55014 Mar 25 05:30:43 OPSO sshd\[11478\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.12.16.234 Mar 25 05:30:45 OPSO sshd\[11478\]: Failed password for invalid user ttt from 88.12.16.234 port 55014 ssh2 Mar 25 05:32:53 OPSO sshd\[11993\]: Invalid user javier from 88.12.16.234 port 10391 Mar 25 05:32:53 OPSO sshd\[11993\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.12.16.234	2020-03-25 12:46:48
49.235.23.20	attackbots	2020-03-25T03:52:31.637692upcloud.m0sh1x2.com sshd[30555]: Invalid user catalina from 49.235.23.20 port 36628	2020-03-25 12:30:10
132.232.67.247	attackbots	Mar 25 05:52:11 lukav-desktop sshd\[13762\]: Invalid user sshuser from 132.232.67.247 Mar 25 05:52:11 lukav-desktop sshd\[13762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.67.247 Mar 25 05:52:14 lukav-desktop sshd\[13762\]: Failed password for invalid user sshuser from 132.232.67.247 port 55054 ssh2 Mar 25 05:56:54 lukav-desktop sshd\[20715\]: Invalid user maria from 132.232.67.247 Mar 25 05:56:54 lukav-desktop sshd\[20715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.67.247	2020-03-25 12:07:17
14.176.241.28	attackspam	LGS,WP GET /wp-login.php	2020-03-25 12:19:46
31.173.87.90	attackbotsspam	0,52-04/34 [bc03/m30] PostRequest-Spammer scoring: maputo01_x2b	2020-03-25 12:43:13
106.13.132.192	attackspam	Mar 25 04:51:29 ns382633 sshd\[19256\]: Invalid user vserver from 106.13.132.192 port 44270 Mar 25 04:51:29 ns382633 sshd\[19256\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.132.192 Mar 25 04:51:31 ns382633 sshd\[19256\]: Failed password for invalid user vserver from 106.13.132.192 port 44270 ssh2 Mar 25 04:56:26 ns382633 sshd\[20061\]: Invalid user mh from 106.13.132.192 port 40740 Mar 25 04:56:26 ns382633 sshd\[20061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.132.192	2020-03-25 12:31:51
51.178.52.185	attackbots	2020-03-25T03:49:00.520183abusebot-4.cloudsearch.cf sshd[24826]: Invalid user cari from 51.178.52.185 port 53473 2020-03-25T03:49:00.529612abusebot-4.cloudsearch.cf sshd[24826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.ip-51-178-52.eu 2020-03-25T03:49:00.520183abusebot-4.cloudsearch.cf sshd[24826]: Invalid user cari from 51.178.52.185 port 53473 2020-03-25T03:49:02.538802abusebot-4.cloudsearch.cf sshd[24826]: Failed password for invalid user cari from 51.178.52.185 port 53473 ssh2 2020-03-25T03:56:15.296679abusebot-4.cloudsearch.cf sshd[25241]: Invalid user etrust from 51.178.52.185 port 58423 2020-03-25T03:56:15.302158abusebot-4.cloudsearch.cf sshd[25241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.ip-51-178-52.eu 2020-03-25T03:56:15.296679abusebot-4.cloudsearch.cf sshd[25241]: Invalid user etrust from 51.178.52.185 port 58423 2020-03-25T03:56:17.004315abusebot-4.cloudsearch.cf sshd[252 ...	2020-03-25 12:42:56
31.209.136.34	attack	Mar 25 08:57:11 gw1 sshd[23028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.209.136.34 Mar 25 08:57:13 gw1 sshd[23028]: Failed password for invalid user rechnerplatine from 31.209.136.34 port 52366 ssh2 ...	2020-03-25 12:28:40
87.106.194.189	attack	Mar 25 04:56:47 * sshd[31286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.106.194.189 Mar 25 04:56:49 * sshd[31286]: Failed password for invalid user support from 87.106.194.189 port 36490 ssh2	2020-03-25 12:10:26
61.177.172.158	attackspam	2020-03-25T03:55:55.692873shield sshd\[22704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root 2020-03-25T03:55:57.979382shield sshd\[22704\]: Failed password for root from 61.177.172.158 port 31617 ssh2 2020-03-25T03:56:00.584156shield sshd\[22704\]: Failed password for root from 61.177.172.158 port 31617 ssh2 2020-03-25T03:56:02.461353shield sshd\[22704\]: Failed password for root from 61.177.172.158 port 31617 ssh2 2020-03-25T03:56:49.089542shield sshd\[22871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.158 user=root	2020-03-25 12:12:27
203.195.133.17	attackspambots	Mar 25 04:30:18 roki sshd[5132]: Invalid user jm from 203.195.133.17 Mar 25 04:30:18 roki sshd[5132]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.133.17 Mar 25 04:30:20 roki sshd[5132]: Failed password for invalid user jm from 203.195.133.17 port 34256 ssh2 Mar 25 04:56:24 roki sshd[7087]: Invalid user zhongjunquan from 203.195.133.17 Mar 25 04:56:24 roki sshd[7087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.133.17 ...	2020-03-25 12:32:13

Recently Reported IPs

14.226.84.241	21.18.191.150	176.36.119.166	166.161.5.146
150.109.170.68	68.183.147.224	191.240.37.14	116.74.123.28
189.155.72.243	115.127.124.203	88.152.72.241	104.129.130.214
95.170.193.186	122.167.138.194	46.166.151.200	85.96.196.155
74.208.159.180	82.201.31.101	37.49.224.137	34.221.144.168