40.92.18.45 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Dec 20 09:29:50 debian-2gb-vpn-nbg1-1 kernel: [1201749.941866] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.45 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=41540 DF PROTO=TCP SPT=9225 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-20 15:25:09

Type

Details

Datetime

attack

Dec 20 09:29:50 debian-2gb-vpn-nbg1-1 kernel: [1201749.941866] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.45 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=41540 DF PROTO=TCP SPT=9225 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0

2019-12-20 15:25:09

Comments on same subnet:

IP	Type	Details	Datetime
40.92.18.104	spam	I receive blackmail from this ip	2020-04-17 03:53:20
40.92.18.33	spam	Made threatening comments demanding bitcoin they say they have a password and have installed spyware...	2020-04-16 05:56:03
40.92.18.33	spam	Made threatening comments demanding bitcoin they say they have a password and have installed spyware...	2020-04-16 05:55:57
40.92.18.35	attackspam	Threaten email asking for money and claiming that having installed malware and keylogger	2020-04-11 04:39:50
40.92.18.33	attackbotsspam	Dec 20 17:46:35 debian-2gb-vpn-nbg1-1 kernel: [1231554.071769] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.33 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=34967 DF PROTO=TCP SPT=17082 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-21 06:48:23
40.92.18.57	attackbots	Dec 20 13:22:14 debian-2gb-vpn-nbg1-1 kernel: [1215694.047803] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.57 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=35916 DF PROTO=TCP SPT=10113 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-20 22:21:38
40.92.18.18	attack	Dec 20 09:25:00 debian-2gb-vpn-nbg1-1 kernel: [1201460.629909] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.18 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=100 ID=16533 DF PROTO=TCP SPT=5692 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-20 20:24:35
40.92.18.104	attackspam	Dec 20 09:25:52 debian-2gb-vpn-nbg1-1 kernel: [1201512.526512] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.104 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=13237 DF PROTO=TCP SPT=11329 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-20 19:32:28
40.92.18.83	attackspambots	Dec 17 21:41:25 debian-2gb-vpn-nbg1-1 kernel: [986452.126330] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.83 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=28739 DF PROTO=TCP SPT=16516 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 04:56:30
40.92.18.54	attackbotsspam	Dec 17 19:13:07 debian-2gb-vpn-nbg1-1 kernel: [977553.689567] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.54 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=32694 DF PROTO=TCP SPT=30848 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 03:43:40
40.92.18.79	attackspambots	Dec 17 17:22:25 debian-2gb-vpn-nbg1-1 kernel: [970912.241715] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.79 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=100 ID=25278 DF PROTO=TCP SPT=4288 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-18 03:08:51
40.92.18.59	attack	Dec 17 17:23:44 debian-2gb-vpn-nbg1-1 kernel: [970990.845093] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.59 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=1592 DF PROTO=TCP SPT=6390 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 01:52:59
40.92.18.39	attackspam	Dec 17 17:23:44 debian-2gb-vpn-nbg1-1 kernel: [970991.346239] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.39 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=100 ID=10704 DF PROTO=TCP SPT=6390 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-18 01:52:17
40.92.18.92	attack	Dec 17 17:24:25 debian-2gb-vpn-nbg1-1 kernel: [971031.915585] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.92 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=100 ID=28648 DF PROTO=TCP SPT=37248 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-18 01:15:51
40.92.18.12	attackspambots	Dec 16 13:48:44 debian-2gb-vpn-nbg1-1 kernel: [871694.175211] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.18.12 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=228 ID=11100 DF PROTO=TCP SPT=49943 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-16 19:01:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 40.92.18.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35729
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;40.92.18.45.			IN	A

;; AUTHORITY SECTION:
.			310	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121902 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 20 15:25:05 CST 2019
;; MSG SIZE  rcvd: 115

Host info

45.18.92.40.in-addr.arpa domain name pointer mail-co1nam11olkn2045.outbound.protection.outlook.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.18.92.40.in-addr.arpa	name = mail-co1nam11olkn2045.outbound.protection.outlook.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
66.70.130.151	attackspambots	Jul 9 23:30:29 MK-Soft-VM5 sshd\[9476\]: Invalid user martina from 66.70.130.151 port 42902 Jul 9 23:30:29 MK-Soft-VM5 sshd\[9476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.151 Jul 9 23:30:31 MK-Soft-VM5 sshd\[9476\]: Failed password for invalid user martina from 66.70.130.151 port 42902 ssh2 ...	2019-07-10 10:25:48
190.24.146.202	attack	Unauthorized connection attempt from IP address 190.24.146.202 on Port 445(SMB)	2019-07-10 09:42:58
167.99.158.136	attack	Jul 10 03:28:34 ovpn sshd\[14955\]: Invalid user come from 167.99.158.136 Jul 10 03:28:34 ovpn sshd\[14955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.158.136 Jul 10 03:28:35 ovpn sshd\[14955\]: Failed password for invalid user come from 167.99.158.136 port 56644 ssh2 Jul 10 03:30:41 ovpn sshd\[15358\]: Invalid user roger from 167.99.158.136 Jul 10 03:30:41 ovpn sshd\[15358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.158.136	2019-07-10 09:59:50
212.83.170.35	attackspam	\[2019-07-09 21:14:14\] NOTICE\[13443\] chan_sip.c: Registration from '"106"\' failed for '212.83.170.35:6597' - Wrong password \[2019-07-09 21:14:14\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-09T21:14:14.532-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="106",SessionID="0x7f02f8dab428",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83.170.35/6597",Challenge="7c01e3cf",ReceivedChallenge="7c01e3cf",ReceivedHash="d0e209dc792d965b65610853db7b7457" \[2019-07-09 21:21:05\] NOTICE\[13443\] chan_sip.c: Registration from '"108"\' failed for '212.83.170.35:6780' - Wrong password \[2019-07-09 21:21:05\] SECURITY\[13451\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-09T21:21:05.719-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="108",SessionID="0x7f02f8f2dd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/21	2019-07-10 09:37:35
201.243.50.70	attackspam	Unauthorized connection attempt from IP address 201.243.50.70 on Port 445(SMB)	2019-07-10 09:54:36
36.75.56.180	attackspambots	Unauthorized connection attempt from IP address 36.75.56.180 on Port 445(SMB)	2019-07-10 10:12:20
182.61.170.23	attack	10 attempts against mh-pma-try-ban on oak.magehost.pro	2019-07-10 10:03:41
27.116.18.122	attack	Unauthorized connection attempt from IP address 27.116.18.122 on Port 445(SMB)	2019-07-10 10:21:35
118.70.203.68	attackbotsspam	Unauthorized connection attempt from IP address 118.70.203.68 on Port 445(SMB)	2019-07-10 09:57:02
220.194.237.43	attackbots	firewall-block, port(s): 6381/tcp	2019-07-10 10:22:46
206.189.132.184	attackbots	Jul 9 19:28:56 localhost sshd[12048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.132.184 Jul 9 19:28:58 localhost sshd[12048]: Failed password for invalid user oracle from 206.189.132.184 port 49726 ssh2 Jul 9 19:31:37 localhost sshd[12091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.132.184 Jul 9 19:31:39 localhost sshd[12091]: Failed password for invalid user jzhao from 206.189.132.184 port 49280 ssh2 ...	2019-07-10 09:42:34
138.229.101.206	attackbotsspam	Automatic report - Web App Attack	2019-07-10 09:54:57
190.72.43.108	attack	Unauthorized connection attempt from IP address 190.72.43.108 on Port 445(SMB)	2019-07-10 09:36:59
107.170.202.224	attack	09.07.2019 23:47:42 Connection to port 7199 blocked by firewall	2019-07-10 10:05:12
200.166.248.111	attackspam	Unauthorized connection attempt from IP address 200.166.248.111 on Port 445(SMB)	2019-07-10 10:24:27

Recently Reported IPs

200.66.54.132	52.168.17.46	40.92.9.61	196.188.72.19
2404:8680:1101:320:150:95:24:187	90.159.230.120	37.212.56.211	124.195.199.171
59.213.105.148	167.172.165.46	40.92.70.40	66.176.45.203
45.143.221.33	31.29.38.41	222.119.159.103	185.153.199.201
117.3.174.232	115.79.26.80	35.173.204.148	182.187.140.211