92.53.59.56 - IPInfo

Basic Info

City: Skopje

Region: unknown

Country: North Macedonia

Internet Service Provider: Company for communications services A1 Makedonija DOOEL Skopje

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Email rejected due to spam filtering	2020-05-05 09:10:32

Comments on same subnet:

IP	Type	Details	Datetime
92.53.59.214	attackspam	Honeypot attack, port: 445, PTR: ctel-92-53-59-214.cabletel.com.mk.	2020-02-10 07:44:55
92.53.59.25	attack	2019-07-06 12:17:27 1hjhl0-0003pK-H9 SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31186 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 12:17:40 1hjhlE-0003pf-7L SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31367 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 12:17:46 1hjhlJ-0003pi-4Y SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31432 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-28 05:11:05
92.53.59.19	attack	Autoban 92.53.59.19 AUTH/CONNECT	2019-08-05 07:46:56

Type

Details

Datetime

92.53.59.214

attackspam

Honeypot attack, port: 445, PTR: ctel-92-53-59-214.cabletel.com.mk.

2020-02-10 07:44:55

92.53.59.25

attack

2019-07-06 12:17:27 1hjhl0-0003pK-H9 SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31186 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-06 12:17:40 1hjhlE-0003pf-7L SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31367 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-07-06 12:17:46 1hjhlJ-0003pi-4Y SMTP connection from \(ctel-92-53-59-25.cabletel.com.mk\) \[92.53.59.25\]:31432 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-01-28 05:11:05

92.53.59.19

attack

Autoban   92.53.59.19 AUTH/CONNECT

2019-08-05 07:46:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.53.59.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30304
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.53.59.56.			IN	A

;; AUTHORITY SECTION:
.			415	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050403 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 05 09:10:28 CST 2020
;; MSG SIZE  rcvd: 115

Host info

56.59.53.92.in-addr.arpa domain name pointer ctel-92-53-59-56.cabletel.com.mk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
56.59.53.92.in-addr.arpa	name = ctel-92-53-59-56.cabletel.com.mk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
64.31.33.70	attack	\[2019-07-12 19:08:08\] NOTICE\[22786\] chan_sip.c: Registration from '"2010" \' failed for '64.31.33.70:5753' - Wrong password \[2019-07-12 19:08:08\] SECURITY\[22794\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-12T19:08:08.193-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2010",SessionID="0x7f7544230ac8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/64.31.33.70/5753",Challenge="7b19e12b",ReceivedChallenge="7b19e12b",ReceivedHash="abb0baaa9f8c0e9835ca3ccf232dff1e" \[2019-07-12 19:08:08\] NOTICE\[22786\] chan_sip.c: Registration from '"2010" \' failed for '64.31.33.70:5753' - Wrong password \[2019-07-12 19:08:08\] SECURITY\[22794\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-07-12T19:08:08.269-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2010",SessionID="0x7f75441b6d18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/	2019-07-13 07:12:33
122.114.79.98	attackbots	Jul 12 23:05:41 icinga sshd[7191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.79.98 Jul 12 23:05:43 icinga sshd[7191]: Failed password for invalid user cyrus from 122.114.79.98 port 44312 ssh2 ...	2019-07-13 07:15:00
185.209.0.40	attackbots	RDP Bruteforce	2019-07-13 07:34:46
165.22.78.120	attackspambots	2019-07-13T06:08:11.625814enmeeting.mahidol.ac.th sshd\[11473\]: Invalid user simple from 165.22.78.120 port 41776 2019-07-13T06:08:11.644484enmeeting.mahidol.ac.th sshd\[11473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.78.120 2019-07-13T06:08:13.462405enmeeting.mahidol.ac.th sshd\[11473\]: Failed password for invalid user simple from 165.22.78.120 port 41776 ssh2 ...	2019-07-13 07:44:20
129.213.63.120	attack	Jul 12 22:00:15 eventyay sshd[32033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.63.120 Jul 12 22:00:17 eventyay sshd[32033]: Failed password for invalid user fa from 129.213.63.120 port 48260 ssh2 Jul 12 22:05:11 eventyay sshd[858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.63.120 ...	2019-07-13 07:23:34
198.108.67.46	attack	" "	2019-07-13 07:15:43
27.23.28.99	attackspambots	Jul 12 21:58:43 Serveur sshd[9028]: Failed password for r.r from 27.23.28.99 port 53380 ssh2 Jul 12 21:58:43 Serveur sshd[9028]: Failed password for r.r from 27.23.28.99 port 53380 ssh2 Jul 12 21:58:43 Serveur sshd[9028]: Failed password for r.r from 27.23.28.99 port 53380 ssh2 Jul 12 21:58:43 Serveur sshd[9028]: Failed password for r.r from 27.23.28.99 port 53380 ssh2 Jul 12 21:58:44 Serveur sshd[9028]: Failed password for r.r from 27.23.28.99 port 53380 ssh2 Jul 12 21:58:44 Serveur sshd[9028]: Failed password for r.r from 27.23.28.99 port 53380 ssh2 Jul 12 21:58:44 Serveur sshd[9028]: error: maximum authentication attempts exceeded for r.r from 27.23.28.99 port 53380 ssh2 [preauth] Jul 12 21:58:44 Serveur sshd[9028]: Disconnecting authenticating user r.r 27.23.28.99 port 53380: Too many authentication failures [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.23.28.99	2019-07-13 07:18:04
103.42.57.65	attack	Jul 13 00:45:26 * sshd[28400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.42.57.65 Jul 13 00:45:29 * sshd[28400]: Failed password for invalid user userftp from 103.42.57.65 port 43734 ssh2	2019-07-13 07:28:35
128.199.221.18	attackspam	Invalid user gere from 128.199.221.18 port 46201	2019-07-13 07:22:38
49.247.211.10	attackbotsspam	WordPress brute force	2019-07-13 07:25:05
185.209.0.28	attackbotsspam	RDP Bruteforce	2019-07-13 07:45:52
190.210.180.168	attackbotsspam	Honeypot hit.	2019-07-13 07:19:30
186.118.138.10	attackbotsspam	Jul 13 00:32:32 bouncer sshd\[7506\]: Invalid user hmsftp from 186.118.138.10 port 37764 Jul 13 00:32:32 bouncer sshd\[7506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.118.138.10 Jul 13 00:32:34 bouncer sshd\[7506\]: Failed password for invalid user hmsftp from 186.118.138.10 port 37764 ssh2 ...	2019-07-13 07:31:47
138.68.250.247	attackbotsspam	Jul 10 22:18:31 mailrelay sshd[20876]: Invalid user sysop from 138.68.250.247 port 34054 Jul 10 22:18:31 mailrelay sshd[20876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.250.247 Jul 10 22:18:32 mailrelay sshd[20876]: Failed password for invalid user sysop from 138.68.250.247 port 34054 ssh2 Jul 10 22:18:33 mailrelay sshd[20876]: Received disconnect from 138.68.250.247 port 34054:11: Bye Bye [preauth] Jul 10 22:18:33 mailrelay sshd[20876]: Disconnected from 138.68.250.247 port 34054 [preauth] Jul 10 22:20:31 mailrelay sshd[20944]: Invalid user gong from 138.68.250.247 port 56616 Jul 10 22:20:31 mailrelay sshd[20944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.250.247 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.68.250.247	2019-07-13 07:24:47
111.231.75.83	attackbots	Mar 8 21:18:03 vtv3 sshd\[11997\]: Invalid user ha from 111.231.75.83 port 60840 Mar 8 21:18:03 vtv3 sshd\[11997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83 Mar 8 21:18:06 vtv3 sshd\[11997\]: Failed password for invalid user ha from 111.231.75.83 port 60840 ssh2 Mar 8 21:26:38 vtv3 sshd\[15418\]: Invalid user jj from 111.231.75.83 port 33636 Mar 8 21:26:38 vtv3 sshd\[15418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83 Mar 22 23:32:45 vtv3 sshd\[20153\]: Invalid user jz from 111.231.75.83 port 47686 Mar 22 23:32:45 vtv3 sshd\[20153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83 Mar 22 23:32:46 vtv3 sshd\[20153\]: Failed password for invalid user jz from 111.231.75.83 port 47686 ssh2 Mar 22 23:40:57 vtv3 sshd\[23662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83	2019-07-13 07:39:33

Recently Reported IPs

190.88.172.144	189.11.81.142	64.227.76.63	242.84.156.86
25.151.70.110	189.26.49.39	218.226.3.185	170.238.147.252
210.150.187.183	42.113.3.118	197.40.115.95	36.85.3.73
209.58.158.246	182.61.177.11	39.64.110.124	62.198.57.17
45.227.87.164	12.229.124.189	95.72.242.184	103.145.12.73