95.58.28.25 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kazakhstan

Internet Service Provider: Ahmed Yasawi Kazakh - Turkish International University

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 23 11:20:40 mailman postfix/smtpd[22846]: NOQUEUE: reject: RCPT from unknown[95.58.28.25]: 554 5.7.1 Service unavailable; Client host [95.58.28.25] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[95.58.28.25]> Aug 23 11:20:54 mailman postfix/smtpd[22846]: NOQUEUE: reject: RCPT from unknown[95.58.28.25]: 554 5.7.1 Service unavailable; Client host [95.58.28.25] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[95.58.28.25]>	2019-08-24 02:48:07

Type

Details

Datetime

attackbots

Aug 23 11:20:40 mailman postfix/smtpd[22846]: NOQUEUE: reject: RCPT from unknown[95.58.28.25]: 554 5.7.1 Service unavailable; Client host [95.58.28.25] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[95.58.28.25]>
Aug 23 11:20:54 mailman postfix/smtpd[22846]: NOQUEUE: reject: RCPT from unknown[95.58.28.25]: 554 5.7.1 Service unavailable; Client host [95.58.28.25] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[95.58.28.25]>

2019-08-24 02:48:07

Comments on same subnet:

IP	Type	Details	Datetime
95.58.28.28	attackspambots	$f2bV_matches	2019-11-19 21:33:13
95.58.28.28	attackbotsspam	Nov 7 23:33:57 xb0 sshd[32252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.28.28 user=r.r Nov 7 23:33:59 xb0 sshd[32252]: Failed password for r.r from 95.58.28.28 port 59101 ssh2 Nov 7 23:33:59 xb0 sshd[32252]: Received disconnect from 95.58.28.28: 11: Client disconnecting normally [preauth] Nov 7 23:34:02 xb0 sshd[32277]: Failed password for invalid user admin from 95.58.28.28 port 59455 ssh2 Nov 7 23:34:03 xb0 sshd[32277]: Received disconnect from 95.58.28.28: 11: Client disconnecting normally [preauth] Nov 7 23:34:05 xb0 sshd[643]: Failed password for invalid user adminixxxr from 95.58.28.28 port 59807 ssh2 Nov 7 23:34:05 xb0 sshd[643]: Received disconnect from 95.58.28.28: 11: Client disconnecting normally [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=95.58.28.28	2019-11-08 07:16:54

Type

Details

Datetime

95.58.28.28

attackspambots

$f2bV_matches

2019-11-19 21:33:13

95.58.28.28

attackbotsspam

Nov  7 23:33:57 xb0 sshd[32252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.28.28  user=r.r
Nov  7 23:33:59 xb0 sshd[32252]: Failed password for r.r from 95.58.28.28 port 59101 ssh2
Nov  7 23:33:59 xb0 sshd[32252]: Received disconnect from 95.58.28.28: 11: Client disconnecting normally [preauth]
Nov  7 23:34:02 xb0 sshd[32277]: Failed password for invalid user admin from 95.58.28.28 port 59455 ssh2
Nov  7 23:34:03 xb0 sshd[32277]: Received disconnect from 95.58.28.28: 11: Client disconnecting normally [preauth]
Nov  7 23:34:05 xb0 sshd[643]: Failed password for invalid user adminixxxr from 95.58.28.28 port 59807 ssh2
Nov  7 23:34:05 xb0 sshd[643]: Received disconnect from 95.58.28.28: 11: Client disconnecting normally [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=95.58.28.28

2019-11-08 07:16:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 95.58.28.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42161
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;95.58.28.25.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082301 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 24 02:48:01 CST 2019
;; MSG SIZE  rcvd: 115

Host info

25.28.58.95.in-addr.arpa domain name pointer mktu.turkestan.kz.
25.28.58.95.in-addr.arpa domain name pointer yesevi.edu.kz.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
25.28.58.95.in-addr.arpa	name = mktu.turkestan.kz.
25.28.58.95.in-addr.arpa	name = yesevi.edu.kz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.99.203.76	attack	email spam	2019-12-19 18:39:19
195.191.32.134	attackbotsspam	email spam	2019-12-19 18:48:59
45.248.57.19	attackbotsspam	email spam	2019-12-19 18:12:24
54.240.7.22	attackbotsspam	email spam	2019-12-19 18:40:25
80.211.9.57	attack	Dec 19 10:24:04 localhost sshd\[10441\]: Invalid user ubuntu from 80.211.9.57 port 41792 Dec 19 10:24:04 localhost sshd\[10441\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.9.57 Dec 19 10:24:06 localhost sshd\[10441\]: Failed password for invalid user ubuntu from 80.211.9.57 port 41792 ssh2 ...	2019-12-19 18:39:33
45.143.98.186	attackspam	email spam	2019-12-19 18:41:01
188.75.138.234	attackspam	email spam	2019-12-19 18:23:22
202.138.251.3	attackbots	email spam	2019-12-19 18:18:32
63.81.87.211	attack	email spam	2019-12-19 18:40:07
201.219.217.70	attackbots	email spam	2019-12-19 18:19:24
200.195.188.2	attackbotsspam	email spam	2019-12-19 18:19:37
5.189.155.65	attackbotsspam	email spam	2019-12-19 18:43:52
148.235.57.183	attackbots	Dec 18 20:57:24 hpm sshd\[10404\]: Invalid user quevrin from 148.235.57.183 Dec 18 20:57:24 hpm sshd\[10404\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.57.183 Dec 18 20:57:26 hpm sshd\[10404\]: Failed password for invalid user quevrin from 148.235.57.183 port 52795 ssh2 Dec 18 21:03:51 hpm sshd\[11010\]: Invalid user guset from 148.235.57.183 Dec 18 21:03:51 hpm sshd\[11010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.235.57.183	2019-12-19 18:30:12
217.112.142.103	attackspam	email spam	2019-12-19 18:16:48
190.82.113.69	attack	email spam	2019-12-19 18:21:23

Recently Reported IPs

152.235.190.175	187.217.207.27	111.67.207.51	34.193.44.185
192.228.100.29	54.36.203.88	106.52.164.184	118.221.41.82
172.200.33.206	156.54.173.85	15.106.100.12	222.95.134.180
231.96.183.25	110.163.133.43	100.65.140.4	36.97.200.119
191.103.116.144	193.169.252.74	202.175.126.186	155.213.141.55