92.119.160.145

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Mosnet LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 14389 proto: TCP cat: Misc Attack	2020-06-06 08:31:08
attackbots	[Mon Jun 01 01:23:10 2020] - DDoS Attack From IP: 92.119.160.145 Port: 48630	2020-06-01 04:07:48
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 5989 proto: TCP cat: Misc Attack	2020-05-23 18:00:31
attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 86 - port: 8042 proto: TCP cat: Misc Attack	2020-05-11 08:30:48
attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 83 - port: 1009 proto: TCP cat: Misc Attack	2020-05-03 06:44:42
attackspam	[Mon Apr 20 16:58:40 2020] - DDoS Attack From IP: 92.119.160.145 Port: 57210	2020-04-23 20:34:48
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 93 - port: 2001 proto: TCP cat: Misc Attack	2020-01-24 23:53:41
attackspambots	Triggered: repeated knocking on closed ports.	2020-01-02 15:13:27
attackbots	Sep 23 12:36:36 TCP Attack: SRC=92.119.160.145 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=241 PROTO=TCP SPT=40103 DPT=54718 WINDOW=1024 RES=0x00 SYN URGP=0	2019-09-24 00:57:57
attackbotsspam	Port scan on 3 port(s): 19382 19901 48209	2019-09-10 09:43:32
attack	Sep 3 02:09:18 TCP Attack: SRC=92.119.160.145 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=241 PROTO=TCP SPT=40103 DPT=54505 WINDOW=1024 RES=0x00 SYN URGP=0	2019-09-03 12:25:45
attackbotsspam	Port scan	2019-09-01 17:54:56
attack	firewall-block, port(s): 7820/tcp, 34648/tcp	2019-08-25 23:07:09
attackbots	23.07.2019 14:01:04 Connection to port 17270 blocked by firewall	2019-07-23 22:43:32
attackbots	Jul 16 16:13:10 localhost kernel: [14552183.761853] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=92.119.160.145 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=61992 PROTO=TCP SPT=47102 DPT=33886 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 16 16:13:10 localhost kernel: [14552183.761877] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=92.119.160.145 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=61992 PROTO=TCP SPT=47102 DPT=33886 SEQ=2399147528 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 16 18:53:02 localhost kernel: [14561775.907718] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=92.119.160.145 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=13277 PROTO=TCP SPT=47102 DPT=60300 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 16 18:53:02 localhost kernel: [14561775.907743] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=92.119.160.145 DST=[mungedIP2] LEN=40 TO	2019-07-17 07:30:44

Comments on same subnet:

IP	Type	Details	Datetime
92.119.160.169	attackbotsspam	Hit honeypot r.	2020-09-30 01:48:55
92.119.160.169	attack	Hit honeypot r.	2020-09-29 17:48:37
92.119.160.177	attack	Unauthorized connection attempt detected from IP address 92.119.160.177 to port 3389	2020-04-13 00:37:35
92.119.160.17	attackspambots	2019-11-09T12:54:02.699Z CLOSE host=92.119.160.17 port=63206 fd=4 time=20.017 bytes=17 ...	2020-03-12 22:57:49
92.119.160.13	attackbots	firewall-block, port(s): 3389/tcp	2020-03-12 21:12:53
92.119.160.12	attack	Time: Tue Mar 10 13:16:07 2020 -0500 IP: 92.119.160.12 (RU/Russia/-) Hits: 11 Blocked: Permanent Block [PS_LIMIT]	2020-03-11 02:48:50
92.119.160.142	attack	Port scan detected on ports: 3414[TCP], 81[TCP], 20600[TCP]	2020-03-09 15:18:01
92.119.160.52	attackbots	firewall-block, port(s): 97/tcp, 1080/tcp, 1453/tcp, 11520/tcp, 50550/tcp	2020-03-08 06:38:47
92.119.160.143	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-07 02:37:19
92.119.160.52	attack	port	2020-02-27 22:01:42
92.119.160.13	attackspam	Port 3389 (MS RDP) access denied	2020-02-27 01:58:27
92.119.160.52	attackspambots	02/26/2020-12:01:46.069364 92.119.160.52 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-27 01:58:03
92.119.160.143	attackspambots	02/26/2020-12:41:22.085822 92.119.160.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-27 01:57:33
92.119.160.143	attackbotsspam	Feb 24 23:31:01 h2177944 kernel: \[5781255.261009\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40040 PROTO=TCP SPT=51103 DPT=6501 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 24 23:31:01 h2177944 kernel: \[5781255.261023\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=40040 PROTO=TCP SPT=51103 DPT=6501 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 24 23:59:45 h2177944 kernel: \[5782978.232172\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=36864 PROTO=TCP SPT=51103 DPT=5617 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 24 23:59:45 h2177944 kernel: \[5782978.232185\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=36864 PROTO=TCP SPT=51103 DPT=5617 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 25 00:24:47 h2177944 kernel: \[5784480.365772\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.143 DST=85.214.	2020-02-25 08:17:47
92.119.160.52	attackspambots	02/24/2020-03:27:53.332623 92.119.160.52 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-24 16:58:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.119.160.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21468
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.119.160.145.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 17 07:30:34 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 145.160.119.92.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 145.160.119.92.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.227.187.185	attack	Invalid user cvsrts from 165.227.187.185 port 34928	2020-02-16 14:51:56
176.120.201.183	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-16 14:56:54
176.120.210.177	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-16 14:35:00
78.140.20.137	attackspam	Fail2Ban Ban Triggered	2020-02-16 14:50:20
51.91.139.107	attackbotsspam	Automatic report - XMLRPC Attack	2020-02-16 14:39:14
106.52.6.248	attackspambots	Feb 16 07:41:10 server sshd\[2802\]: Invalid user xgridagent from 106.52.6.248 Feb 16 07:41:10 server sshd\[2802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.6.248 Feb 16 07:41:12 server sshd\[2802\]: Failed password for invalid user xgridagent from 106.52.6.248 port 36992 ssh2 Feb 16 07:57:55 server sshd\[6147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.6.248 user=root Feb 16 07:57:57 server sshd\[6147\]: Failed password for root from 106.52.6.248 port 50070 ssh2 ...	2020-02-16 14:29:30
176.120.202.231	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-16 14:55:18
14.166.231.128	attack	Fail2Ban Ban Triggered	2020-02-16 14:38:16
196.46.192.73	attackbots	Feb 16 06:58:23 MK-Soft-VM8 sshd[17737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.46.192.73 Feb 16 06:58:24 MK-Soft-VM8 sshd[17737]: Failed password for invalid user avdcodel from 196.46.192.73 port 41818 ssh2 ...	2020-02-16 14:30:48
177.159.146.68	attackbots	Triggered by Fail2Ban at Ares web server	2020-02-16 14:18:48
78.196.136.19	attack	Feb 16 04:57:46 localhost sshd\[29347\]: Invalid user pi from 78.196.136.19 port 46182 Feb 16 04:57:46 localhost sshd\[29347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.196.136.19 Feb 16 04:57:46 localhost sshd\[29349\]: Invalid user pi from 78.196.136.19 port 46190 ...	2020-02-16 14:36:59
187.190.235.89	attackbotsspam	Feb 16 06:33:12 haigwepa sshd[13662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.190.235.89 Feb 16 06:33:15 haigwepa sshd[13662]: Failed password for invalid user cai from 187.190.235.89 port 51441 ssh2 ...	2020-02-16 14:36:41
94.156.163.220	attackspam	1581829080 - 02/16/2020 11:58:00 Host: 94.156.163.220/94.156.163.220 Port: 23 TCP Blocked ...	2020-02-16 14:22:05
45.188.66.80	attack	Automatic report - Banned IP Access	2020-02-16 14:19:59
111.229.48.106	attackspambots	Feb 16 05:58:06 pornomens sshd\[8865\]: Invalid user yasmine from 111.229.48.106 port 44800 Feb 16 05:58:06 pornomens sshd\[8865\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.48.106 Feb 16 05:58:09 pornomens sshd\[8865\]: Failed password for invalid user yasmine from 111.229.48.106 port 44800 ssh2 ...	2020-02-16 14:15:54

Recently Reported IPs

159.89.126.117	197.57.170.28	134.73.129.4	101.67.248.145
109.159.41.40	107.180.108.30	189.223.222.138	110.86.166.23
188.162.132.250	119.34.0.23	113.160.150.233	179.181.136.207
45.238.210.38	179.98.33.100	207.46.13.76	174.138.27.173
87.255.196.2	200.39.236.93	177.45.51.148	36.85.102.222