92.119.160.143

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Mosnet LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-07 02:37:19
attackspambots	02/26/2020-12:41:22.085822 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-27 01:57:33
attackbotsspam	Feb 24 23:31:01 h2177944 kernel: \[5781255.261009\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40040 PROTO=TCP SPT=51103 DPT=6501 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 24 23:31:01 h2177944 kernel: \[5781255.261023\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40040 PROTO=TCP SPT=51103 DPT=6501 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 24 23:59:45 h2177944 kernel: \[5782978.232172\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=36864 PROTO=TCP SPT=51103 DPT=5617 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 24 23:59:45 h2177944 kernel: \[5782978.232185\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=36864 PROTO=TCP SPT=51103 DPT=5617 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 25 00:24:47 h2177944 kernel: \[5784480.365772\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.	2020-02-25 08:17:47
attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 87 - port: 9397 proto: TCP cat: Misc Attack	2020-02-21 19:05:56
attackbotsspam	firewall-block, port(s): 5535/tcp	2020-02-20 04:11:56
attackbots	02/19/2020-08:12:39.112041 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-19 21:30:08
attack	ATTEMPT ON VARIOUS NETWORK DEVICES	2020-02-15 21:34:29
attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 91 - port: 101 proto: TCP cat: Misc Attack	2020-02-12 08:59:35
attackbots	Feb 11 20:36:33 h2177944 kernel: \[4647790.736639\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=38675 PROTO=TCP SPT=43222 DPT=11700 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 11 20:36:33 h2177944 kernel: \[4647790.736657\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=38675 PROTO=TCP SPT=43222 DPT=11700 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 11 21:04:51 h2177944 kernel: \[4649487.596707\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=31296 PROTO=TCP SPT=43222 DPT=30111 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 11 21:04:51 h2177944 kernel: \[4649487.596721\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=31296 PROTO=TCP SPT=43222 DPT=30111 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 11 21:19:54 h2177944 kernel: \[4650391.089117\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.	2020-02-12 05:18:25
attackbots	02/10/2020-19:13:27.172695 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-11 08:36:29
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 92 - port: 3338 proto: TCP cat: Misc Attack	2020-02-09 20:36:02
attackspambots	slow and persistent scanner	2020-02-05 05:31:55
attackbots	Automatic report - Port Scan	2020-02-04 19:30:03
attackspam	01/31/2020-12:32:15.866062 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-01 01:40:08
attack	Jan 26 05:49:41 h2177944 kernel: \[3212435.688793\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=26641 PROTO=TCP SPT=51756 DPT=3313 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 05:49:41 h2177944 kernel: \[3212435.688807\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=26641 PROTO=TCP SPT=51756 DPT=3313 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 05:52:03 h2177944 kernel: \[3212577.725487\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=42733 PROTO=TCP SPT=51756 DPT=44798 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 05:52:03 h2177944 kernel: \[3212577.725502\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=42733 PROTO=TCP SPT=51756 DPT=44798 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 26 05:54:57 h2177944 kernel: \[3212751.715981\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.21	2020-01-26 13:20:55
attack	Multiport scan : 15 ports scanned 3311 3334 3900 4004 6002 9876 15963 16898 20063 24683 33335 35271 35641 39654 56772	2020-01-18 07:51:54
attackbots	01/17/2020-09:48:19.197137 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-17 23:41:43
attack	01/13/2020-10:28:34.082744 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-13 23:31:55
attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 93 - port: 776 proto: TCP cat: Misc Attack	2020-01-13 14:45:15
attack	firewall-block, port(s): 776/tcp, 1123/tcp, 3386/tcp, 8080/tcp, 8889/tcp	2020-01-11 06:41:34
attackspambots	01/09/2020-23:58:04.411166 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-10 13:40:12
attackbots	01/04/2020-08:55:32.030327 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-04 22:56:46
attack	01/03/2020-23:56:25.966301 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-04 13:31:42
attack	firewall-block, port(s): 27440/tcp, 38928/tcp, 41420/tcp, 58285/tcp, 59518/tcp, 60628/tcp, 62931/tcp, 65490/tcp	2019-12-29 16:19:47
attack	Dec 27 09:07:10 h2177944 kernel: \[632745.066403\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=14331 PROTO=TCP SPT=48764 DPT=63616 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 27 09:07:10 h2177944 kernel: \[632745.066417\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=14331 PROTO=TCP SPT=48764 DPT=63616 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 27 09:11:43 h2177944 kernel: \[633018.494373\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=39460 PROTO=TCP SPT=48764 DPT=34460 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 27 09:11:43 h2177944 kernel: \[633018.494391\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=39460 PROTO=TCP SPT=48764 DPT=34460 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 27 09:23:04 h2177944 kernel: \[633699.458272\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.1	2019-12-27 17:52:42
attack	12/26/2019-13:50:50.174918 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-27 03:07:30
attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 93 - port: 61462 proto: TCP cat: Misc Attack	2019-12-23 21:18:49
attackbots	12/21/2019-16:29:23.885577 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-22 06:54:41
attackbots	Dec 18 23:39:04 debian-2gb-vpn-nbg1-1 kernel: [1079907.825035] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=92.119.160.143 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=38741 PROTO=TCP SPT=42598 DPT=64927 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-19 06:37:35
attackbots	12/16/2019-16:59:49.443002 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-17 06:21:30

Comments on same subnet:

IP	Type	Details	Datetime
92.119.160.169	attackbotsspam	Hit honeypot r.	2020-09-30 01:48:55
92.119.160.169	attack	Hit honeypot r.	2020-09-29 17:48:37
92.119.160.145	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 14389 proto: TCP cat: Misc Attack	2020-06-06 08:31:08
92.119.160.145	attackbots	[Mon Jun 01 01:23:10 2020] - DDoS Attack From IP: 92.119.160.145 Port: 48630	2020-06-01 04:07:48
92.119.160.145	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 5989 proto: TCP cat: Misc Attack	2020-05-23 18:00:31
92.119.160.145	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 86 - port: 8042 proto: TCP cat: Misc Attack	2020-05-11 08:30:48
92.119.160.145	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 83 - port: 1009 proto: TCP cat: Misc Attack	2020-05-03 06:44:42
92.119.160.145	attackspam	[Mon Apr 20 16:58:40 2020] - DDoS Attack From IP: 92.119.160.145 Port: 57210	2020-04-23 20:34:48
92.119.160.177	attack	Unauthorized connection attempt detected from IP address 92.119.160.177 to port 3389	2020-04-13 00:37:35
92.119.160.17	attackspambots	2019-11-09T12:54:02.699Z CLOSE host=92.119.160.17 port=63206 fd=4 time=20.017 bytes=17 ...	2020-03-12 22:57:49
92.119.160.13	attackbots	firewall-block, port(s): 3389/tcp	2020-03-12 21:12:53
92.119.160.12	attack	Time: Tue Mar 10 13:16:07 2020 -0500 IP: 92.119.160.12 (RU/Russia/-) Hits: 11 Blocked: Permanent Block [PS_LIMIT]	2020-03-11 02:48:50
92.119.160.142	attack	Port scan detected on ports: 3414[TCP], 81[TCP], 20600[TCP]	2020-03-09 15:18:01
92.119.160.52	attackbots	firewall-block, port(s): 97/tcp, 1080/tcp, 1453/tcp, 11520/tcp, 50550/tcp	2020-03-08 06:38:47
92.119.160.52	attack	port	2020-02-27 22:01:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.119.160.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11924
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.119.160.143.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072100 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 21 18:08:10 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 143.160.119.92.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 143.160.119.92.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
211.248.17.76	attack	Port probing on unauthorized port 23	2020-02-23 05:23:12
190.92.56.13	attackspam	Unauthorized connection attempt from IP address 190.92.56.13 on Port 445(SMB)	2020-02-23 05:25:15
198.108.66.196	attack	Unauthorized connection attempt from IP address 198.108.66.196 on Port 110(POP3)	2020-02-23 05:34:24
171.236.125.35	attack	Unauthorized connection attempt from IP address 171.236.125.35 on Port 445(SMB)	2020-02-23 05:28:20
151.80.41.205	attackbotsspam	Feb 22 11:00:54 php1 sshd\[13396\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.41.205 user=root Feb 22 11:00:56 php1 sshd\[13396\]: Failed password for root from 151.80.41.205 port 60218 ssh2 Feb 22 11:04:21 php1 sshd\[13724\]: Invalid user liangmm from 151.80.41.205 Feb 22 11:04:21 php1 sshd\[13724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.41.205 Feb 22 11:04:23 php1 sshd\[13724\]: Failed password for invalid user liangmm from 151.80.41.205 port 32812 ssh2	2020-02-23 05:26:35
105.112.104.53	attack	Unauthorized connection attempt from IP address 105.112.104.53 on Port 445(SMB)	2020-02-23 05:13:08
116.66.238.152	attackbotsspam	Unauthorized connection attempt detected from IP address 116.66.238.152 to port 445	2020-02-23 05:27:02
49.205.182.223	attackspam	Feb 22 19:34:30 srv-ubuntu-dev3 sshd[97684]: Invalid user 123456789 from 49.205.182.223 Feb 22 19:34:30 srv-ubuntu-dev3 sshd[97684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.205.182.223 Feb 22 19:34:30 srv-ubuntu-dev3 sshd[97684]: Invalid user 123456789 from 49.205.182.223 Feb 22 19:34:32 srv-ubuntu-dev3 sshd[97684]: Failed password for invalid user 123456789 from 49.205.182.223 port 53832 ssh2 Feb 22 19:37:43 srv-ubuntu-dev3 sshd[98005]: Invalid user 123456789 from 49.205.182.223 Feb 22 19:37:43 srv-ubuntu-dev3 sshd[98005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.205.182.223 Feb 22 19:37:43 srv-ubuntu-dev3 sshd[98005]: Invalid user 123456789 from 49.205.182.223 Feb 22 19:37:44 srv-ubuntu-dev3 sshd[98005]: Failed password for invalid user 123456789 from 49.205.182.223 port 18214 ssh2 Feb 22 19:40:55 srv-ubuntu-dev3 sshd[98412]: Invalid user password123 from 49.205.182.223 ...	2020-02-23 05:36:23
185.195.27.206	attackspambots	Feb 22 18:46:11 minden010 sshd[14787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.195.27.206 Feb 22 18:46:13 minden010 sshd[14787]: Failed password for invalid user ec2-user from 185.195.27.206 port 43282 ssh2 Feb 22 18:49:51 minden010 sshd[16263]: Failed password for root from 185.195.27.206 port 34272 ssh2 ...	2020-02-23 05:37:40
71.56.11.32	attack	$f2bV_matches_ltvn	2020-02-23 05:32:59
182.160.119.225	attackbots	Honeypot attack, port: 139, PTR: 182-160-119-225.aamranetworks.com.	2020-02-23 05:29:16
192.169.215.124	attackspam	suspicious action Sat, 22 Feb 2020 13:45:40 -0300	2020-02-23 05:26:15
194.55.132.250	attackbots	02/22/2020-14:08:44.854495 194.55.132.250 Protocol: 17 ET SCAN Sipvicious User-Agent Detected (friendly-scanner)	2020-02-23 05:41:04
45.40.142.66	attackspam	Automatic report - XMLRPC Attack	2020-02-23 05:14:47
199.192.24.70	attack	Feb 22 20:59:59 163-172-32-151 sshd[8268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=contact.digintrigue.com user=root Feb 22 21:00:01 163-172-32-151 sshd[8268]: Failed password for root from 199.192.24.70 port 56204 ssh2 ...	2020-02-23 05:14:04

Recently Reported IPs

36.68.57.202	203.139.94.180	49.150.38.251	122.172.76.79
58.9.44.113	39.45.134.37	5.77.254.100	210.245.33.167
169.159.120.1	14.240.79.92	14.165.112.142	14.98.82.178
179.38.52.59	156.208.90.46	156.196.252.159	103.211.15.237
36.91.39.83	23.89.29.43	183.182.114.191	136.232.15.222