92.53.59.214 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: North Macedonia

Internet Service Provider: Company for communications services A1 Makedonija DOOEL Skopje

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: ctel-92-53-59-214.cabletel.com.mk.	2020-02-10 07:44:55

Comments on same subnet:

IP	Type	Details	Datetime
92.53.59.56	attack	Email rejected due to spam filtering	2020-05-05 09:10:32
92.53.59.25	attack	2019-07-06 12:17:27 1hjhl0-0003pK-H9 SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31186 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 12:17:40 1hjhlE-0003pf-7L SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31367 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 12:17:46 1hjhlJ-0003pi-4Y SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31432 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-28 05:11:05
92.53.59.19	attack	Autoban 92.53.59.19 AUTH/CONNECT	2019-08-05 07:46:56

Type

Details

Datetime

92.53.59.56

attack

Email rejected due to spam filtering

2020-05-05 09:10:32

92.53.59.25

attack

2019-07-06 12:17:27 1hjhl0-0003pK-H9 SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31186 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-06 12:17:40 1hjhlE-0003pf-7L SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31367 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-06 12:17:46 1hjhlJ-0003pi-4Y SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31432 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-01-28 05:11:05

92.53.59.19

attack

Autoban   92.53.59.19 AUTH/CONNECT

2019-08-05 07:46:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.53.59.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23979
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.53.59.214.			IN	A

;; AUTHORITY SECTION:
.			184	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020901 1800 900 604800 86400

;; Query time: 215 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 10 07:44:52 CST 2020
;; MSG SIZE  rcvd: 116

Host info

214.59.53.92.in-addr.arpa domain name pointer ctel-92-53-59-214.cabletel.com.mk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
214.59.53.92.in-addr.arpa	name = ctel-92-53-59-214.cabletel.com.mk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.171	attackspam	Nov 21 15:46:52 sso sshd[18309]: Failed password for root from 218.92.0.171 port 19542 ssh2 Nov 21 15:47:05 sso sshd[18309]: Failed password for root from 218.92.0.171 port 19542 ssh2 ...	2019-11-22 06:19:06
40.68.102.132	attackbotsspam	Lines containing failures of 40.68.102.132 Nov 18 15:12:57 shared12 sshd[7718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.68.102.132 user=r.r Nov 18 15:12:59 shared12 sshd[7718]: Failed password for r.r from 40.68.102.132 port 46004 ssh2 Nov 18 15:12:59 shared12 sshd[7718]: Received disconnect from 40.68.102.132 port 46004:11: Bye Bye [preauth] Nov 18 15:12:59 shared12 sshd[7718]: Disconnected from authenticating user r.r 40.68.102.132 port 46004 [preauth] Nov 18 15:30:47 shared12 sshd[13042]: Invalid user chinshu from 40.68.102.132 port 44922 Nov 18 15:30:47 shared12 sshd[13042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.68.102.132 Nov 18 15:30:49 shared12 sshd[13042]: Failed password for invalid user chinshu from 40.68.102.132 port 44922 ssh2 Nov 18 15:30:49 shared12 sshd[13042]: Received disconnect from 40.68.102.132 port 44922:11: Bye Bye [preauth] Nov 18 15:30:49 share........ ------------------------------	2019-11-22 06:24:18
51.83.32.232	attackbots	Nov 21 23:26:13 SilenceServices sshd[6053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.32.232 Nov 21 23:26:16 SilenceServices sshd[6053]: Failed password for invalid user mauri from 51.83.32.232 port 40752 ssh2 Nov 21 23:30:23 SilenceServices sshd[8879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.32.232 Nov 21 23:30:25 SilenceServices sshd[8879]: Failed password for invalid user users from 51.83.32.232 port 57800 ssh2	2019-11-22 06:33:51
27.75.44.107	attackspam	Unauthorized connection attempt from IP address 27.75.44.107 on Port 445(SMB)	2019-11-22 06:32:15
152.0.227.133	attackspam	SSH bruteforce (Triggered fail2ban)	2019-11-22 06:33:08
185.244.167.52	attackbotsspam	2019-11-21T14:47:18.247127abusebot-3.cloudsearch.cf sshd\[31106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.244.167.52 user=root	2019-11-22 06:06:12
185.206.224.236	attackspambots	Malicious Traffic/Form Submission	2019-11-22 06:00:50
115.236.100.114	attackbotsspam	Nov 21 21:40:03 venus sshd\[24610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.236.100.114 user=root Nov 21 21:40:04 venus sshd\[24610\]: Failed password for root from 115.236.100.114 port 23504 ssh2 Nov 21 21:43:56 venus sshd\[24682\]: Invalid user dinghao from 115.236.100.114 port 40503 ...	2019-11-22 06:03:13
110.42.4.3	attackspam	Nov 21 17:34:38 cavern sshd[28145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.42.4.3	2019-11-22 06:21:00
191.246.6.63	attack	SSH/22 MH Probe, BF, Hack -	2019-11-22 06:14:41
218.92.0.191	attack	Nov 21 23:06:44 dcd-gentoo sshd[14642]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Nov 21 23:06:47 dcd-gentoo sshd[14642]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Nov 21 23:06:44 dcd-gentoo sshd[14642]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Nov 21 23:06:47 dcd-gentoo sshd[14642]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Nov 21 23:06:44 dcd-gentoo sshd[14642]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Nov 21 23:06:47 dcd-gentoo sshd[14642]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Nov 21 23:06:47 dcd-gentoo sshd[14642]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 55838 ssh2 ...	2019-11-22 06:14:08
81.133.73.161	attackspam	SSHScan	2019-11-22 05:54:13
181.28.208.64	attackspambots	2019-11-21T13:03:51.868165-07:00 suse-nuc sshd[8686]: Invalid user raaf from 181.28.208.64 port 8213 ...	2019-11-22 05:54:24
113.22.20.73	attackbots	Unauthorized connection attempt from IP address 113.22.20.73 on Port 445(SMB)	2019-11-22 06:18:41
112.85.42.176	attack	firewall-block, port(s): 22/tcp	2019-11-22 06:24:00

Recently Reported IPs

222.222.31.70	202.124.129.68	121.233.226.96	80.211.65.73
2.52.72.96	195.128.100.129	177.53.105.87	218.28.159.8
119.237.59.250	141.98.10.151	117.7.106.57	185.2.100.97
180.251.181.51	171.242.122.128	138.128.52.212	69.156.133.68
164.132.183.206	141.98.10.152	79.173.84.160	198.12.108.14