192.160.102.164 is a Tor IP used by Hackers

IP informations Cybercrime IP Feeds Raw whois

192.160.102.164

is a

Tor IP

used by

Hackers

100 %

Canada

Report Abuse

387attacks reported

132Brute-ForceSSH

62Web App Attack

37PhishingWeb Spam

31Brute-Force

30SSH

15uncategorized

14Hacking

7HackingBrute-Force

4DDoS Attack

...

78abuse reported

43Web Spam

7Web SpamForum Spam

6Bad Web BotWeb SpamBlog Spam

4Bad Web BotWeb App Attack

4Bad Web Bot

3Web SpamBrute-ForceWeb App Attack

3Blog Spam

2Email Spam

2Web SpamBad Web BotWeb App Attack

1Email SpamBrute-ForceWeb App Attack

...

27anonymizers reported

4Open ProxyWeb SpamBad Web BotWeb App Attack

4Tor IP

2Open ProxyWeb Spam

2Open ProxyWeb SpamBrute-ForceWeb App Attack

2Open Proxy

1Open ProxyPort ScanHackingSQL InjectionBrute-ForceWeb App AttackSSH

1Open ProxyWeb SpamWeb App Attack

1Open ProxyWeb SpamEmail SpamBrute-ForceBad Web BotWeb App Attack

1Open ProxyWeb SpamEmail SpamBad Web BotWeb App Attack

1Open ProxyWeb SpamEmail SpamWeb App AttackBad Web BotBrute-ForceHacking

...

1malware reported

1Malware

from 158 distinct reporters

and 20 distinct sources : BadIPs.com, torstatus.blutmagie.de, CleanTalk, dan.me.uk, Emerging Threats, MaxMind.com, sblam.com, Snort.org Labs, StopForumSpam.com, TalosIntel.com, TorProject.org, FireHOL, GreenSnow.co, blocklist.net.ua, NoThink.org, BotScout.com, NormShield.com, danger.rulez.sk, darklist.de, AbuseIPDB

192.160.102.164 was first signaled at 2017-12-02 11:54 and last record was at 2019-08-26 11:21.

192.160.102.164

Organization

Hextet Systems

all IP owned by Hextet Systems

Localisation

Canada

Manitoba, Winnipeg

NetRange : First & Last IP

192.160.102.0 - 192.160.102.255

Network CIDR

192.160.102.0/24

ASN

395089

list IP by ASN 395089

Note about 192.0.0.0/8

192.0.2.0/24 reserved for TEST-NET-1 [RFC5737]. Complete registration details for 192.0.2.0/24 are found in [IANA registry iana-ipv4-special-registry]. 192.88.99.0/24 reserved for 6to4 Relay Anycast [RFC3068] Complete registration details for 192.88.99.0/24 are found in [IANA registry iana-ipv4-special-registry]. 192.88.99.2/32 reserved for 6a44 Relay Anycast [RFC6751] (possibly collocated with 6to4 Relay at 192.88.99.1/32 - see [RFC3068] section 2.4) 192.168.0.0/16 reserved for Private-Use Networks [RFC1918]. Complete registration details for 192.168.0.0/16 are found in [IANA registry iana-ipv4-special-registry].

192.0.0.0/24 reserved for IANA IPv4 Special Purpose Address Registry [RFC5736]. Complete registration details for 192.0.0.0/24 are found in [IANA registry iana-ipv4-special-registry].

Cybercrime IP Feeds

Date UTC	Category	Sub Categories	Source List	Source	Logs
2019-08-12 14:16	attacks	Brute-ForceSSH		AbuseIPDB	SSH Brute-Force attacks
2019-08-12 13:14	attacks	Brute-ForceSSH		AbuseIPDB	Aug 13 01:04:52 master sshd[16474]: Failed password for root from 192.160.102.164 port 35789 ssh2 Aug 13 01:04:55 master sshd[16474]: Failed password
2019-08-12 13:11	attacks	Brute-Force		AbuseIPDB	$f2bV_matches
2019-08-12 11:47	attacks	Brute-ForceSSH		AbuseIPDB	SSH bruteforce
2019-08-12 10:31	attacks	SSH		AbuseIPDB	Splunk® : Brute-Force login attempt on SSH: Aug 12 15:29:34 testbed sshd[23926]: error: maximum authentication attempts exceeded for root from 192.160
2019-08-12 10:31	attacks	SSH		AbuseIPDB	Splunk® : Brute-Force login attempt on SSH: Aug 12 15:29:34 testbed sshd[23926]: Failed password for root from 192.160.102.164 port 45565 ssh2
2019-08-12 10:29	attacks	Hacking		AbuseIPDB	08/12/2019-15:29:16.818580 192.160.102.164 Protocol: 6 ET COMPROMISED Known Compromised or Hostile Host Traffic group 14
2019-08-12 10:29	attacks	Hacking		AbuseIPDB	08/12/2019-15:29:16.818580 192.160.102.164 Protocol: 6 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 43
2019-08-12 10:29	attacks	Hacking		AbuseIPDB	08/12/2019-15:29:16.818580 192.160.102.164 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 43
2019-08-12 09:55	attacks	SSH		AbuseIPDB	Splunk® : Brute-Force login attempt on SSH: Aug 12 14:52:41 testbed sshd[15813]: Failed password for root from 192.160.102.164 port 46805 ssh2
2019-08-12 09:54	attacks	SSH		AbuseIPDB	Splunk® : Brute-Force login attempt on SSH: Aug 12 14:52:46 testbed sshd[15813]: error: maximum authentication attempts exceeded for root from 192.160
2019-08-12 09:54	attacks	SSH		AbuseIPDB	Splunk® : Brute-Force login attempt on SSH: Aug 12 14:52:44 testbed sshd[15813]: Failed password for root from 192.160.102.164 port 46805 ssh2
2019-08-12 09:54	attacks	SSH		AbuseIPDB	Splunk® : Brute-Force login attempt on SSH: Aug 12 14:52:35 testbed sshd[15813]: Failed password for root from 192.160.102.164 port 46805 ssh2
2019-08-12 09:54	attacks	SSH		AbuseIPDB	Splunk® : Brute-Force login attempt on SSH: Aug 12 14:52:38 testbed sshd[15813]: Failed password for root from 192.160.102.164 port 46805 ssh2
2019-08-12 09:52	attacks	Hacking		AbuseIPDB	08/12/2019-14:52:28.238247 192.160.102.164 Protocol: 6 ET COMPROMISED Known Compromised or Hostile Host Traffic group 14
2019-08-12 09:52	attacks	Hacking		AbuseIPDB	08/12/2019-14:52:28.238247 192.160.102.164 Protocol: 6 ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 43
2019-08-12 09:52	attacks	Hacking		AbuseIPDB	08/12/2019-14:52:28.238247 192.160.102.164 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 43
2019-08-12 09:41	attacks	Brute-ForceSSH		AbuseIPDB	Aug 12 20:40:48 plex sshd[10183]: Failed password for root from 192.160.102.164 port 39381 ssh2 Aug 12 20:40:51 plex sshd[10183]: Failed password for
2019-08-12 09:20	attacks	Brute-ForceSSH		AbuseIPDB	detected by Fail2Ban
2019-08-12 08:12	attacks	Brute-ForceSSH		AbuseIPDB	Reported by AbuseIPDB proxy server.
2019-08-12 05:50	attacks	Brute-Force		AbuseIPDB	Aug 12 14:50:44 localhost sshd\[29967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.164 us
2019-08-12 04:03	attacks	DDoS Attack		AbuseIPDB	$f2bV_matches
2019-08-12 00:50	attacks	Brute-ForceSSH		AbuseIPDB
2019-08-11 23:39	attacks	SSH		AbuseIPDB	Aug 12 08:39:09 thevastnessof sshd[30514]: Failed password for root from 192.160.102.164 port 43355 ssh2
2019-08-11 23:15	attacks	SSH		AbuseIPDB	Aug 12 08:15:36 thevastnessof sshd[29843]: Failed password for root from 192.160.102.164 port 41549 ssh2
2019-08-11 19:04	attacks	Brute-ForceSSH		AbuseIPDB	Aug 12 05:44:59 vpn01 sshd\[7462\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.164 user=ro
2019-08-11 18:38	attacks	Brute-ForceSSH		AbuseIPDB	2019-08-12T05:38:39.9591041240 sshd\[10351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.1
2019-08-11 15:30	attacks	Brute-ForceSSH		AbuseIPDB	[AUTOMATIC REPORT] - 24 tries in total - SSH BRUTE FORCE - IP banned
2019-08-11 14:04	attacks	Brute-ForceSSH		AbuseIPDB	Fail2Ban - SSH Bruteforce Attempt
2019-08-11 07:57	attacks	Brute-ForceSSH		AbuseIPDB	$f2bV_matches
2019-08-11 07:32	attacks	Brute-ForceSSH		AbuseIPDB	Aug 11 16:32:41 MK-Soft-VM3 sshd\[7744\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.164 u
2019-08-11 05:10	attacks	Web App Attack		AbuseIPDB	Automatic report - Banned IP Access
2019-08-10 14:47	attacks	Brute-ForceSSH		AbuseIPDB	Aug 11 01:47:12 vpn01 sshd\[30285\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.164 user=r
2019-08-10 11:22	attacks	Brute-Force		AbuseIPDB	Aug 10 23:22:05 vtv3 sshd\[28354\]: Invalid user user from 192.160.102.164 port 39903 Aug 10 23:22:05 vtv3 sshd\[28354\]: pam_unix$sshd:auth$: authe
2019-08-10 08:18	attacks	Brute-ForceSSH		AbuseIPDB	SSH login attempts brute force.
2019-08-10 01:41	attacks	Brute-ForceSSH		AbuseIPDB	Aug 6 21:45:05 itv-usvr-01 sshd[21488]: Invalid user administrator from 192.160.102.164 Aug 6 21:45:05 itv-usvr-01 sshd[21488]: pam_unix(sshd:auth): a
2019-08-10 01:01	attacks	Brute-ForceSSH		AbuseIPDB	2019-08-10T09:59:11.064088abusebot.cloudsearch.cf sshd\[16379\]: Invalid user user from 192.160.102.164 port 41101
2019-08-10 00:43	attacks	Web App Attack		AbuseIPDB	Automatic report - Banned IP Access
2019-08-09 19:06	attacks	Brute-ForceSSH		AbuseIPDB	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.164 user=root Failed password for root from 192
2019-08-08 23:39	attacks	Brute-ForceSSH		AbuseIPDB	Aug 9 10:39:37 ncomp sshd[5156]: Invalid user vagrant from 192.160.102.164 Aug 9 10:39:37 ncomp sshd[5156]: pam_unix(sshd:auth): authentication failur
2019-08-08 22:54	attacks	Brute-ForceSSH		AbuseIPDB	$f2bV_matches
2019-08-08 20:54	attacks	Brute-ForceSSH		AbuseIPDB	Aug 9 07:54:13 web2 sshd[15730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.164 Aug 9 07:54:1
2019-08-08 17:11	attacks	Brute-Force		AbuseIPDB	" "
2019-08-08 07:35	attacks	Brute-ForceSSH		AbuseIPDB	ssh failed login
2019-08-07 13:31	attacks	Brute-ForceSSH		AbuseIPDB	Aug 7 22:29:39 MK-Soft-VM7 sshd\[13037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.164 u
2019-08-07 12:51	attacks	Brute-ForceSSH		AbuseIPDB	Aug 7 21:51:29 MK-Soft-VM4 sshd\[2651\]: Invalid user admin from 192.160.102.164 port 37093 Aug 7 21:51:29 MK-Soft-VM4 sshd\[2651\]: pam_unix\(sshd:au
2019-08-07 11:09	attacks	Brute-ForceSSH		AbuseIPDB	Aug 7 01:53:03 *** sshd[5944]: Failed password for invalid user USERID from 192.160.102.164 port 37661 ssh2
2019-08-07 05:41	attacks	Brute-ForceSSH		AbuseIPDB	Aug 7 16:41:12 jane sshd\[26385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.164 user=roo
2019-08-06 22:09	attacks	Brute-ForceSSH		AbuseIPDB	Aug 7 09:09:30 ubuntu-2gb-nbg1-dc3-1 sshd[29827]: Failed password for root from 192.160.102.164 port 35295 ssh2 Aug 7 09:09:36 ubuntu-2gb-nbg1-dc3-1 s
2019-08-06 16:20	attacks	Brute-ForceSSH		AbuseIPDB	Aug 7 03:20:50 * sshd[14526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.160.102.164 Aug 7 03:20:52 *
2017-12-02 11:54	abuse	Web Spam		AbuseIPDB
2017-12-02 14:10	attacks	Web App Attack		AbuseIPDB	/root/.ssh/id_dsa
2017-12-02 14:22	attacks	Brute-ForceDDoS Attack		AbuseIPDB
2017-12-02 15:00	attacks	SSH		AbuseIPDB	Unauthorized access to SSH at 7/Nov/2017:00:06:06 +0000. Received: (SSH-2.0-libssh2_1.8.0)
2017-12-02 15:01	attacks	Brute-Force		AbuseIPDB	Nov 6 22:14:19 home sshd\[14232\]: Invalid user admin from 192.160.102.164 Nov 6 22:14:19 home sshd\[14232\]: pam_unix$sshd:auth$: authentication fa
2017-12-02 15:23	attacks	Brute-Force		AbuseIPDB	Nov 1 01:21:27 mail sshd[32766]: Invalid user admin from 192.160.102.164 Nov 1 01:21:27 mail sshd[32766]: pam_unix(sshd:auth): authentication failure;
2017-12-02 15:34	attacks	SSH		AbuseIPDB	Unauthorized access to SSH at 29/Oct/2017:20:18:09 +0000. Received: (SSH-2.0-libssh2_1.8.0)
2017-12-02 15:55	attacks	DDoS AttackWeb SpamEmail SpamPort Scan		AbuseIPDB
2017-12-02 16:02	attacks	Web App Attack		AbuseIPDB
2017-12-02 16:11	attacks	Brute-Force		AbuseIPDB	Oct 14 16:14:48 www sshd\[3660\]: Invalid user admin from 192.160.102.164 Oct 14 16:14:48 www sshd\[3660\]: pam_unix$sshd:auth$: authentication fail
2019-03-29 18:19	attacks		bi_any_1_7d	BadIPs.com
2019-03-29 18:19	attacks		bi_any_2_30d	BadIPs.com
2019-03-29 18:19	attacks		bi_any_2_7d	BadIPs.com
2019-03-29 18:19	attacks	Web App AttackCMS Attack	bi_cms_2_30d	BadIPs.com
2019-03-29 18:19	attacks		bi_http_2_30d	BadIPs.com
2019-03-29 18:20	attacks	Brute-ForceMailserver Attack	bi_mail_2_30d	BadIPs.com
2019-03-29 18:20	attacks	SSH	bi_sshd_2_30d	BadIPs.com
2019-03-29 18:20	attacks	SSH	bi_ssh_1_7d	BadIPs.com
2019-03-29 18:20	attacks	SSH	bi_ssh_2_30d	BadIPs.com
2019-03-29 18:20	attacks	Brute-ForceWindows RDP Attack	bi_wordpress_2_30d	BadIPs.com
2019-03-29 18:21	anonymizers	Tor IP	bm_tor	torstatus.blutmagie.de
2019-03-29 18:22	abuse	Bad Web BotWeb SpamBlog Spam	cleantalk_1d	CleanTalk
2019-03-29 18:23	abuse	Bad Web BotWeb SpamBlog Spam	cleantalk_updated_1d	CleanTalk
2019-03-29 18:23	anonymizers	Tor IP	dm_tor	dan.me.uk
2019-03-29 18:24	anonymizers	Tor IP	et_tor	Emerging Threats
2019-03-29 18:41	anonymizers	Open Proxy	maxmind_proxy_fraud	MaxMind.com
2019-03-29 18:42	abuse	Web SpamBad Web BotBlog SpamForum Spam	sblam	sblam.com
2019-03-29 18:42	attacks		snort_ipfilter	Snort.org Labs
2019-03-29 18:45	abuse	Web SpamForum Spam	stopforumspam	StopForumSpam.com
2019-03-29 18:47	abuse	Web SpamForum Spam	stopforumspam_180d	StopForumSpam.com
2019-03-29 18:47	abuse	Web SpamForum Spam	stopforumspam_1d	StopForumSpam.com
2019-03-29 18:48	abuse	Web SpamForum Spam	stopforumspam_30d	StopForumSpam.com
2019-03-29 18:50	abuse	Web SpamForum Spam	stopforumspam_365d	StopForumSpam.com
2019-03-29 18:51	abuse	Web SpamForum Spam	stopforumspam_7d	StopForumSpam.com
2019-03-29 18:52	abuse	Web SpamForum Spam	stopforumspam_90d	StopForumSpam.com
2019-03-29 18:53	attacks		talosintel_ipfilter	TalosIntel.com
2019-03-29 18:53	anonymizers	Tor IP	tor_exits	TorProject.org
2019-05-28 23:19	attacks	Web App AttackCMS Attack	bi_cms_1_7d	BadIPs.com
2019-05-28 23:19	attacks		bi_http_1_7d	BadIPs.com
2019-05-28 23:19	attacks	Brute-ForceWindows RDP Attack	bi_wordpress_1_7d	BadIPs.com
2019-05-28 23:30	attacks		firehol_level2	FireHOL
2019-05-28 23:34	attacks		greensnow	GreenSnow.co
2019-06-03 22:45	abuse	Email Spam	blocklist_net_ua	blocklist.net.ua
2019-06-03 23:00	attacks	SSH	nt_ssh_7d	NoThink.org
2019-06-08 17:29	abuse	Bad Web Bot	botscout_1d	BotScout.com
2019-06-18 08:30	abuse	Bad Web BotWeb SpamBlog Spam	cleantalk	CleanTalk
2019-06-18 08:32	abuse	Bad Web BotWeb SpamBlog Spam	cleantalk_updated	CleanTalk
2019-06-23 02:56	abuse	Bad Web Bot	botscout	BotScout.com
2019-06-24 02:29	attacks		bi_any_0_1d	BadIPs.com
2019-06-24 02:29	attacks		bi_any_2_1d	BadIPs.com
2019-06-24 02:30	attacks	SSH	bi_sshd_0_1d	BadIPs.com
2019-06-24 02:30	attacks	SSH	bi_sshd_1_7d	BadIPs.com
2019-06-24 02:30	attacks	SSH	bi_ssh_0_1d	BadIPs.com
2019-06-28 22:44	abuse	Bad Web BotWeb SpamBlog Spam	cleantalk_7d	CleanTalk
2019-06-28 22:44	abuse	Bad Web BotWeb SpamBlog Spam	cleantalk_updated_7d	CleanTalk
2019-06-28 22:52	attacks	Brute-Force	normshield_all_bruteforce	NormShield.com
2019-06-28 22:52	attacks	Brute-Force	normshield_high_bruteforce	NormShield.com
2019-07-09 10:39	attacks	Brute-Force	bruteforceblocker	danger.rulez.sk
2019-07-10 09:57	attacks		et_compromised	Emerging Threats
2019-07-13 06:06	attacks	Brute-ForceMailserver Attack	bi_mail_0_1d	BadIPs.com
2019-07-13 06:06	attacks	Brute-ForceMailserver Attack	bi_mail_1_7d	BadIPs.com
2019-07-13 06:06	attacks	Email Spam	bi_spam_0_1d	BadIPs.com
2019-07-13 06:06	attacks	Email Spam	bi_spam_1_7d	BadIPs.com
2019-07-26 23:20	anonymizers	Open Proxy	firehol_proxies	FireHOL
2019-07-26 23:20	malware	Malware	firehol_webclient	FireHOL
2019-07-26 23:20	attacks		firehol_webserver	FireHOL
2019-08-06 12:04	attacks	Web App AttackCMS Attack	bi_cms_0_1d	BadIPs.com
2019-08-06 12:05	attacks		bi_http_0_1d	BadIPs.com
2019-08-26 11:21	abuse	Bad Web Bot	botscout_7d	BotScout.com
2019-06-28 22:44	attacks		darklist_de	darklist.de
2019-03-29 18:22	abuse	Bad Web Bot	botscout_30d	BotScout.com

only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse

IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)

anonymizer

Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.

attacks

bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.

malware

Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

NetRange: 192.160.102.0 - 192.160.102.255
CIDR: 192.160.102.0/24
NetName: HEXTET
NetHandle: NET-192-160-102-0-1
Parent: NET192 (NET-192-0-0-0-0)
NetType: Direct Assignment
OriginAS: AS395089
Organization: Hextet Systems (HS-291)
RegDate: 2015-07-09
Updated: 2018-01-12
Ref: https://rdap.arin.net/registry/ip/ 192.160.102.0

OrgName: Hextet Systems
OrgId: HS-291
Address: 227 Houde Dr
City: Winnipeg
StateProv: MB
PostalCode: R3V 1C7
Country: CA
RegDate: 2014-10-30
Updated: 2016-01-28
Ref: https://rdap.arin.net/registry/entity/HS-291

OrgNOCHandle: NETWO7700-ARIN
OrgNOCName: Network Operations
OrgNOCPhone: +1-204-666-2634
OrgNOCEmail: noc@hextet.net
OrgNOCRef: https://rdap.arin.net/registry/entity/NETWO7700-ARIN

OrgAbuseHandle: ABUSE5339-ARIN
OrgAbuseName: Abuse Dept
OrgAbusePhone: +1-204-666-2634
OrgAbuseEmail: abuse@hextet.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5339-ARIN

OrgTechHandle: NETWO7700-ARIN
OrgTechName: Network Operations
OrgTechPhone: +1-204-666-2634
OrgTechEmail: noc@hextet.net
OrgTechRef: https://rdap.arin.net/registry/entity/NETWO7700-ARIN

RTechHandle: NETWO7700-ARIN
RTechName: Network Operations
RTechPhone: +1-204-666-2634
RTechEmail: noc@hextet.net
RTechRef: https://rdap.arin.net/registry/entity/NETWO7700-ARIN

RAbuseHandle: ABUSE5339-ARIN
RAbuseName: Abuse Dept
RAbusePhone: +1-204-666-2634
RAbuseEmail: abuse@hextet.net
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5339-ARIN

RNOCHandle: NETWO7700-ARIN
RNOCName: Network Operations
RNOCPhone: +1-204-666-2634
RNOCEmail: noc@hextet.net
RNOCRef: https://rdap.arin.net/registry/entity/NETWO7700-ARIN

most specific ip range is highlighted

Updated : 2019-08-31