92.53.59.25 - IPInfo

Basic Info

City: Skopje

Region: Grad Skopje

Country: North Macedonia

Internet Service Provider: Company for communications services A1 Makedonija DOOEL Skopje

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-07-06 12:17:27 1hjhl0-0003pK-H9 SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31186 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 12:17:40 1hjhlE-0003pf-7L SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31367 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 12:17:46 1hjhlJ-0003pi-4Y SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31432 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-28 05:11:05

Type

Details

Datetime

attack

2019-07-06 12:17:27 1hjhl0-0003pK-H9 SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31186 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-06 12:17:40 1hjhlE-0003pf-7L SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31367 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-06 12:17:46 1hjhlJ-0003pi-4Y SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31432 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-01-28 05:11:05

Comments on same subnet:

IP	Type	Details	Datetime
92.53.59.56	attack	Email rejected due to spam filtering	2020-05-05 09:10:32
92.53.59.214	attackspam	Honeypot attack, port: 445, PTR: ctel-92-53-59-214.cabletel.com.mk.	2020-02-10 07:44:55
92.53.59.19	attack	Autoban 92.53.59.19 AUTH/CONNECT	2019-08-05 07:46:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.53.59.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37197
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.53.59.25.			IN	A

;; AUTHORITY SECTION:
.			167	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012701 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 05:11:01 CST 2020
;; MSG SIZE  rcvd: 115

Host info

25.59.53.92.in-addr.arpa domain name pointer ctel-92-53-59-25.cabletel.com.mk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
25.59.53.92.in-addr.arpa	name = ctel-92-53-59-25.cabletel.com.mk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.182.190.64	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 15:58:56,477 INFO [shellcode_manager] (37.182.190.64) no match, writing hexdump (1902f87d71ef67b6a51d22b6d558c3d9 :2028332) - MS17010 (EternalBlue)	2019-07-06 10:23:57
91.236.66.123	attackspam	Autoban 91.236.66.123 AUTH/CONNECT	2019-07-06 10:23:11
58.64.200.156	attackspam	firewall-block, port(s): 445/tcp	2019-07-06 10:32:03
159.69.221.33	attack	Jul 6 03:19:11 dcd-gentoo sshd[9177]: Invalid user Stockholm from 159.69.221.33 port 58348 Jul 6 03:19:13 dcd-gentoo sshd[9177]: error: PAM: Authentication failure for illegal user Stockholm from 159.69.221.33 Jul 6 03:19:11 dcd-gentoo sshd[9177]: Invalid user Stockholm from 159.69.221.33 port 58348 Jul 6 03:19:13 dcd-gentoo sshd[9177]: error: PAM: Authentication failure for illegal user Stockholm from 159.69.221.33 Jul 6 03:19:11 dcd-gentoo sshd[9177]: Invalid user Stockholm from 159.69.221.33 port 58348 Jul 6 03:19:13 dcd-gentoo sshd[9177]: error: PAM: Authentication failure for illegal user Stockholm from 159.69.221.33 Jul 6 03:19:13 dcd-gentoo sshd[9177]: Failed keyboard-interactive/pam for invalid user Stockholm from 159.69.221.33 port 58348 ssh2 ...	2019-07-06 10:52:09
188.254.38.186	attackspam	188.254.38.186 - - \[05/Jul/2019:20:54:57 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 188.254.38.186 - - \[05/Jul/2019:20:54:58 +0200\] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-07-06 10:19:47
171.253.194.49	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 15:58:47,472 INFO [shellcode_manager] (171.253.194.49) no match, writing hexdump (993c42cf24d635c522db7b4a1cc2b751 :2219695) - MS17010 (EternalBlue)	2019-07-06 10:41:29
116.235.244.73	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-03 22:29:03,823 INFO [shellcode_manager] (116.235.244.73) no match, writing hexdump (068d96ad7da5c15b31262499eddec8d4 :2117768) - MS17010 (EternalBlue)	2019-07-06 10:48:29
197.50.239.28	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 16:08:07,936 INFO [amun_request_handler] PortScan Detected on Port: 445 (197.50.239.28)	2019-07-06 10:15:48
183.83.135.121	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 15:58:48,727 INFO [shellcode_manager] (183.83.135.121) no match, writing hexdump (666c839490f463e67c45cee65a1993fa :2177599) - MS17010 (EternalBlue)	2019-07-06 10:39:25
92.19.139.126	attackspam	NAME : CPWBBSERV-NET CIDR : 92.16.0.0/13 DDoS attack United Kingdom - block certain countries :) IP: 92.19.139.126 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-06 10:09:17
176.37.107.167	attackbots	[portscan] Port scan	2019-07-06 10:43:46
213.136.88.141	attack	Jul 6 01:03:00 rpi sshd[14849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.136.88.141 Jul 6 01:03:01 rpi sshd[14849]: Failed password for invalid user pass from 213.136.88.141 port 38340 ssh2	2019-07-06 10:11:17
104.236.2.45	attackspambots	Jul 6 02:48:12 mail sshd[11423]: Invalid user ltenti from 104.236.2.45 Jul 6 02:48:12 mail sshd[11423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.2.45 Jul 6 02:48:12 mail sshd[11423]: Invalid user ltenti from 104.236.2.45 Jul 6 02:48:14 mail sshd[11423]: Failed password for invalid user ltenti from 104.236.2.45 port 56546 ssh2 Jul 6 02:53:54 mail sshd[11999]: Invalid user idc from 104.236.2.45 ...	2019-07-06 10:33:16
117.131.215.170	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-07-06 10:06:11
176.109.176.162	attackspambots	" "	2019-07-06 10:07:02

Recently Reported IPs

165.113.98.64	75.205.113.137	62.160.193.37	31.48.63.34
35.153.138.226	77.189.17.144	163.172.100.71	82.195.7.104
42.98.61.38	92.53.44.49	187.212.241.183	73.9.102.40
87.241.160.23	88.153.238.214	90.23.201.138	203.229.64.175
80.179.22.127	129.206.205.123	108.16.238.200	24.168.234.72