40.92.5.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Microsoft Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 17 20:19:47 debian-2gb-vpn-nbg1-1 kernel: [981554.129176] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.80 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=104 ID=2483 DF PROTO=TCP SPT=6845 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-18 06:05:28

类型

评论内容

时间

attack

Dec 17 20:19:47 debian-2gb-vpn-nbg1-1 kernel: [981554.129176] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.80 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=104 ID=2483 DF PROTO=TCP SPT=6845 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0

2019-12-18 06:05:28

相同子网IP讨论:

IP	类型	评论内容	时间
40.92.52.99	spam	tried to tell me DPD parcel delivery couldn't deliver a parcel I never ordered. SPAM.	2023-07-13 05:03:55
40.92.55.35	attackspam	persona non grata	2020-05-27 07:51:34
40.92.5.44	attackspam	Dec 20 11:03:59 debian-2gb-vpn-nbg1-1 kernel: [1207399.081674] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.44 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=104 ID=7625 DF PROTO=TCP SPT=35810 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-20 18:01:03
40.92.5.32	attackspam	Dec 20 09:48:10 debian-2gb-vpn-nbg1-1 kernel: [1202849.819287] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.32 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=48742 DF PROTO=TCP SPT=44263 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-20 17:20:28
40.92.5.65	attackspam	Dec 20 07:55:59 debian-2gb-vpn-nbg1-1 kernel: [1196119.185370] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.65 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=104 ID=28004 DF PROTO=TCP SPT=46311 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-20 13:53:59
40.92.5.22	attackspam	Dec 18 17:58:26 debian-2gb-vpn-nbg1-1 kernel: [1059470.724362] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.22 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=29633 DF PROTO=TCP SPT=32398 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-19 06:11:51
40.92.5.97	attackspambots	Dec 18 17:31:05 debian-2gb-vpn-nbg1-1 kernel: [1057829.799740] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.97 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=104 ID=12839 DF PROTO=TCP SPT=61550 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-19 05:22:53
40.92.5.72	attackbots	Dec 18 19:54:45 debian-2gb-vpn-nbg1-1 kernel: [1066448.800397] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.72 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=104 ID=14936 DF PROTO=TCP SPT=2272 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-19 02:00:47
40.92.5.12	attackbotsspam	Dec 18 17:34:45 debian-2gb-vpn-nbg1-1 kernel: [1058049.628596] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.12 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=104 ID=348 DF PROTO=TCP SPT=61414 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-19 01:59:50
40.92.5.46	attackbotsspam	Dec 18 18:46:25 debian-2gb-vpn-nbg1-1 kernel: [1062349.704333] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.46 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=104 ID=1830 DF PROTO=TCP SPT=55938 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-19 01:19:50
40.92.5.59	attack	Dec 18 17:36:04 debian-2gb-vpn-nbg1-1 kernel: [1058128.865046] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.59 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=104 ID=21903 DF PROTO=TCP SPT=60455 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-19 00:40:46
40.92.5.27	attack	Dec 18 09:50:09 debian-2gb-vpn-nbg1-1 kernel: [1030173.918395] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.27 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=231 ID=9591 DF PROTO=TCP SPT=10281 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 19:07:12
40.92.5.63	attackspambots	Dec 18 09:29:27 debian-2gb-vpn-nbg1-1 kernel: [1028932.643285] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.63 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=103 ID=28254 DF PROTO=TCP SPT=13829 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-18 16:08:18
40.92.5.41	attackspam	Dec 18 01:26:25 debian-2gb-vpn-nbg1-1 kernel: [999951.231737] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.41 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=54470 DF PROTO=TCP SPT=44942 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 07:14:04
40.92.5.41	attackbotsspam	Dec 17 19:18:25 debian-2gb-vpn-nbg1-1 kernel: [977871.625948] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.41 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=56932 DF PROTO=TCP SPT=33671 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 05:50:12

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 40.92.5.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47241
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;40.92.5.80.			IN	A

;; AUTHORITY SECTION:
.			273	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121702 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 18 06:05:25 CST 2019
;; MSG SIZE  rcvd: 114

HOST信息:

80.5.92.40.in-addr.arpa domain name pointer mail-oln040092005080.outbound.protection.outlook.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
80.5.92.40.in-addr.arpa	name = mail-oln040092005080.outbound.protection.outlook.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.201.143.16	attackspam	port scan and connect, tcp 23 (telnet)	2020-01-11 20:12:03
42.118.219.202	attackbots	Unauthorized connection attempt from IP address 42.118.219.202 on Port 445(SMB)	2020-01-11 20:09:11
14.242.109.66	attackbots	Jan 11 05:47:09 grey postfix/smtpd\[10131\]: NOQUEUE: reject: RCPT from unknown\[14.242.109.66\]: 554 5.7.1 Service unavailable\; Client host \[14.242.109.66\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[14.242.109.66\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 20:30:16
200.109.223.235	attack	Unauthorized connection attempt from IP address 200.109.223.235 on Port 445(SMB)	2020-01-11 20:21:54
117.4.120.185	attackbotsspam	Unauthorized connection attempt from IP address 117.4.120.185 on Port 445(SMB)	2020-01-11 20:04:18
196.29.164.164	attack	Unauthorized connection attempt from IP address 196.29.164.164 on Port 445(SMB)	2020-01-11 20:04:41
222.89.6.58	attack	Unauthorized connection attempt from IP address 222.89.6.58 on Port 445(SMB)	2020-01-11 20:43:00
174.4.245.109	attack	$f2bV_matches	2020-01-11 20:36:36
14.155.220.235	attackbotsspam	1578723848 - 01/11/2020 07:24:08 Host: 14.155.220.235/14.155.220.235 Port: 445 TCP Blocked	2020-01-11 20:42:36
60.170.209.19	attack	Unauthorized connection attempt detected from IP address 60.170.209.19 to port 22 [T]	2020-01-11 20:35:01
186.92.111.124	attackbotsspam	1578718017 - 01/11/2020 05:46:57 Host: 186.92.111.124/186.92.111.124 Port: 445 TCP Blocked	2020-01-11 20:41:02
190.64.213.155	attackbots	Jan 7 04:32:35 kmh-wsh-001-nbg03 sshd[324]: Invalid user deploy from 190.64.213.155 port 57634 Jan 7 04:32:35 kmh-wsh-001-nbg03 sshd[324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.213.155 Jan 7 04:32:38 kmh-wsh-001-nbg03 sshd[324]: Failed password for invalid user deploy from 190.64.213.155 port 57634 ssh2 Jan 7 04:32:38 kmh-wsh-001-nbg03 sshd[324]: Received disconnect from 190.64.213.155 port 57634:11: Bye Bye [preauth] Jan 7 04:32:38 kmh-wsh-001-nbg03 sshd[324]: Disconnected from 190.64.213.155 port 57634 [preauth] Jan 7 04:42:47 kmh-wsh-001-nbg03 sshd[1499]: Invalid user voicebot from 190.64.213.155 port 58720 Jan 7 04:42:47 kmh-wsh-001-nbg03 sshd[1499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.213.155 Jan 7 04:42:50 kmh-wsh-001-nbg03 sshd[1499]: Failed password for invalid user voicebot from 190.64.213.155 port 58720 ssh2 Jan 7 04:42:50 kmh-wsh-001-nb........ -------------------------------	2020-01-11 20:40:10
36.74.34.69	attack	Unauthorized connection attempt from IP address 36.74.34.69 on Port 445(SMB)	2020-01-11 20:37:52
165.22.78.222	attackbots	Jan 11 10:05:33 ws12vmsma01 sshd[38894]: Failed password for invalid user pluto from 165.22.78.222 port 56018 ssh2 Jan 11 10:08:11 ws12vmsma01 sshd[39257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.78.222 user=root Jan 11 10:08:13 ws12vmsma01 sshd[39257]: Failed password for root from 165.22.78.222 port 56002 ssh2 ...	2020-01-11 20:44:07
118.69.109.37	attackspam	Unauthorized connection attempt from IP address 118.69.109.37 on Port 445(SMB)	2020-01-11 20:05:09

最近上报的IP列表

36.90.41.100	200.169.2.226	52.191.197.216	58.224.193.185
40.92.41.14	90.157.63.62	40.92.66.56	75.213.26.21
41.3.3.60	223.108.61.28	189.172.56.21	62.215.92.170
125.161.104.163	46.214.46.55	163.172.152.52	194.111.90.194
175.34.50.50	226.187.111.92	184.173.113.255	99.176.217.213