92.53.59.25 - IPInfo

Basic Info

City: Skopje

Region: Grad Skopje

Country: North Macedonia

Internet Service Provider: Company for communications services A1 Makedonija DOOEL Skopje

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-07-06 12:17:27 1hjhl0-0003pK-H9 SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31186 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 12:17:40 1hjhlE-0003pf-7L SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31367 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 12:17:46 1hjhlJ-0003pi-4Y SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31432 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-28 05:11:05

Type

Details

Datetime

attack

2019-07-06 12:17:27 1hjhl0-0003pK-H9 SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31186 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-06 12:17:40 1hjhlE-0003pf-7L SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31367 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-06 12:17:46 1hjhlJ-0003pi-4Y SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31432 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-01-28 05:11:05

Comments on same subnet:

IP	Type	Details	Datetime
92.53.59.56	attack	Email rejected due to spam filtering	2020-05-05 09:10:32
92.53.59.214	attackspam	Honeypot attack, port: 445, PTR: ctel-92-53-59-214.cabletel.com.mk.	2020-02-10 07:44:55
92.53.59.19	attack	Autoban 92.53.59.19 AUTH/CONNECT	2019-08-05 07:46:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.53.59.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37197
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.53.59.25.			IN	A

;; AUTHORITY SECTION:
.			167	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012701 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 05:11:01 CST 2020
;; MSG SIZE  rcvd: 115

Host info

25.59.53.92.in-addr.arpa domain name pointer ctel-92-53-59-25.cabletel.com.mk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
25.59.53.92.in-addr.arpa	name = ctel-92-53-59-25.cabletel.com.mk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.147.64.98	attackbotsspam	(imapd) Failed IMAP login from 203.147.64.98 (NC/New Caledonia/host-203-147-64-98.h17.canl.nc): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 25 08:21:55 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=203.147.64.98, lip=5.63.12.44, TLS: Connection closed, session=	2020-04-25 17:16:18
14.135.120.19	attackbots	[Fri Apr 24 23:22:17 2020] - DDoS Attack From IP: 14.135.120.19 Port: 61310	2020-04-25 17:20:13
104.168.248.155	attack	US - - [24/Apr/2020:19:09:50 +0300] POST /wp-login.php HTTP/1.1 200 4795 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-04-25 16:46:39
187.177.32.99	attackspam	Automatic report - Port Scan Attack	2020-04-25 17:07:11
185.50.149.13	attack	Apr 25 11:20:23 mail.srvfarm.net postfix/smtpd[964445]: warning: unknown[185.50.149.13]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 25 11:20:23 mail.srvfarm.net postfix/smtpd[964445]: lost connection after AUTH from unknown[185.50.149.13] Apr 25 11:20:24 mail.srvfarm.net postfix/smtpd[956687]: warning: unknown[185.50.149.13]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 25 11:20:24 mail.srvfarm.net postfix/smtpd[964661]: warning: unknown[185.50.149.13]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 25 11:20:24 mail.srvfarm.net postfix/smtpd[956687]: lost connection after AUTH from unknown[185.50.149.13]	2020-04-25 17:29:22
80.82.78.104	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 69 - port: 60001 proto: TCP cat: Misc Attack	2020-04-25 17:06:36
116.255.213.176	attack	Apr 25 05:36:12 ws12vmsma01 sshd[37505]: Invalid user guest from 116.255.213.176 Apr 25 05:36:14 ws12vmsma01 sshd[37505]: Failed password for invalid user guest from 116.255.213.176 port 58016 ssh2 Apr 25 05:42:39 ws12vmsma01 sshd[38422]: Invalid user maybechat from 116.255.213.176 ...	2020-04-25 16:54:48
205.205.150.19	attackspam	205.205.150.19 was recorded 207 times by 2 hosts attempting to connect to the following ports: 2404,13579,1099,14147,16010,17000,5003,8010,5432,3306,1200,8001,5001,1234,2480,3310,5900,7000,6666,2628,1311,5901,18245,5560,5007,6667,5060,8069,3000,1400,8080,7071,3388,5577,5938,7218,19150,8081,3460,3001,7474,5672,20000,5985,8086,5986,3542,7548,3260,8087,5269,6000,7657,8089,3689,7777,6001,8098,6060,3749,5357,8099,3780,6379,3784,8000,8101,4000,8126,9051,4022,9080,8129,4040,1521,2087,1433,502,2082,8181,9100,1599,465,135,4063,81,9151,2083,25565,503,8333,4064,1471,70,2086,1604,8334,21379,79,9160,2181,83,8443,9200,523,84,143,2222,4369,9390,23424,2323,27017,4443,8649,1883,175,2332,102,4444,2375,9443,179,8834,1911,9595,4567,1962,195,104,1991,323,8888,631,2021,389,636,9943,4848,113,8889,9944,2081,666,9981,8899,4949,9000,123,9999,129,789,10000,444,9001,9002,10001,992,9042,993,10243,11211,1010,12345,1023,1025. Incident counter (4h, 24h, all-time): 207, 222, 1963	2020-04-25 17:21:24
47.6.141.153	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-25 17:07:53
157.230.61.132	attackspam	$f2bV_matches	2020-04-25 17:07:27
49.235.10.177	attackbots	SSH invalid-user multiple login attempts	2020-04-25 17:06:20
218.92.0.148	attackspam	Apr 25 10:47:58 PorscheCustomer sshd[29249]: Failed password for root from 218.92.0.148 port 2514 ssh2 Apr 25 10:48:11 PorscheCustomer sshd[29249]: error: maximum authentication attempts exceeded for root from 218.92.0.148 port 2514 ssh2 [preauth] Apr 25 10:48:18 PorscheCustomer sshd[29253]: Failed password for root from 218.92.0.148 port 35193 ssh2 ...	2020-04-25 17:01:22
104.168.198.26	attackspambots	SSH login attempts.	2020-04-25 17:26:34
94.191.101.69	attackspam	SSH login attempts.	2020-04-25 17:02:03
5.101.0.209	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 4 - port: 8088 proto: TCP cat: Misc Attack	2020-04-25 16:52:50

Recently Reported IPs

165.113.98.64	75.205.113.137	62.160.193.37	31.48.63.34
35.153.138.226	77.189.17.144	163.172.100.71	82.195.7.104
42.98.61.38	92.53.44.49	187.212.241.183	73.9.102.40
87.241.160.23	88.153.238.214	90.23.201.138	203.229.64.175
80.179.22.127	129.206.205.123	108.16.238.200	24.168.234.72