139.59.92.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	WordPress brute force	2020-06-17 08:39:00
attackspam	fail2ban honeypot	2019-12-26 22:07:40
attackbotsspam	LGS,WP GET /wp-login.php	2019-12-19 01:01:39
attackspambots	139.59.92.2 - - \[19/Nov/2019:15:44:59 +0100\] "POST /wp-login.php HTTP/1.0" 200 4474 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[19/Nov/2019:15:45:00 +0100\] "POST /wp-login.php HTTP/1.0" 200 4287 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[19/Nov/2019:15:45:01 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-20 01:37:00
attackbots	Automatic report - XMLRPC Attack	2019-11-18 16:52:21
attackspambots	139.59.92.2 - - \[17/Nov/2019:10:25:11 +0100\] "POST /wp-login.php HTTP/1.0" 200 4474 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[17/Nov/2019:10:25:13 +0100\] "POST /wp-login.php HTTP/1.0" 200 4287 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[17/Nov/2019:10:25:19 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-17 20:54:04
attackbots	139.59.92.2 - - \[14/Nov/2019:09:20:38 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[14/Nov/2019:09:20:44 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-14 22:04:33
attackbotsspam	xmlrpc attack	2019-11-14 08:39:16
attack	fail2ban honeypot	2019-10-19 07:41:06
attackbots	WordPress wp-login brute force :: 139.59.92.2 0.056 BYPASS [03/Sep/2019:08:59:47 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-03 15:22:55

Comments on same subnet:

IP	Type	Details	Datetime
139.59.92.135	attack	Sep 19 00:11:36 theomazars sshd[24713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.135 user=root Sep 19 00:11:38 theomazars sshd[24713]: Failed password for root from 139.59.92.135 port 37564 ssh2	2020-09-20 00:43:30
139.59.92.135	attackbotsspam	Sep 19 00:11:36 theomazars sshd[24713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.135 user=root Sep 19 00:11:38 theomazars sshd[24713]: Failed password for root from 139.59.92.135 port 37564 ssh2	2020-09-19 16:32:13
139.59.92.19	attackspam	Sep 9 19:07:16 rocket sshd[25879]: Failed password for root from 139.59.92.19 port 34424 ssh2 Sep 9 19:11:22 rocket sshd[26662]: Failed password for root from 139.59.92.19 port 40638 ssh2 ...	2020-09-10 02:11:28
139.59.92.19	attackspambots	TCP (SYN) 139.59.92.19:54389 -> port 17475, len 44	2020-09-08 02:43:17
139.59.92.19	attack	Port scan denied	2020-09-07 18:10:53
139.59.92.19	attackbots	Invalid user riana from 139.59.92.19 port 60256	2020-09-04 21:39:40
139.59.92.19	attack	$f2bV_matches	2020-09-04 13:17:18
139.59.92.19	attackbots	" "	2020-09-04 05:46:08
139.59.92.19	attack	Sep 1 02:28:19 mout sshd[8720]: Invalid user theo from 139.59.92.19 port 45262	2020-09-01 08:56:06
139.59.92.19	attackbots	Aug 19 22:28:51 santamaria sshd\[8879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.19 user=root Aug 19 22:28:53 santamaria sshd\[8879\]: Failed password for root from 139.59.92.19 port 36556 ssh2 Aug 19 22:33:02 santamaria sshd\[8939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.19 user=mysql ...	2020-08-20 04:48:36
139.59.92.19	attackspam	Failed password for postgres from 139.59.92.19 port 52552 ssh2 Invalid user ganyi from 139.59.92.19 port 34042 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.19 Invalid user ganyi from 139.59.92.19 port 34042 Failed password for invalid user ganyi from 139.59.92.19 port 34042 ssh2	2020-08-18 20:05:12
139.59.92.190	attackbotsspam	SSH Brute-Force Attack	2020-05-04 07:29:05
139.59.92.117	attackbotsspam	Unauthorized connection attempt detected from IP address 139.59.92.117 to port 2220 [J]	2020-02-02 01:15:16
139.59.92.117	attackspam	Jan 11 15:34:37 zulu412 sshd\[2811\]: Invalid user ubuntu from 139.59.92.117 port 45208 Jan 11 15:34:37 zulu412 sshd\[2811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.117 Jan 11 15:34:39 zulu412 sshd\[2811\]: Failed password for invalid user ubuntu from 139.59.92.117 port 45208 ssh2 ...	2020-01-11 23:48:14
139.59.92.117	attackbotsspam	3x Failed Password	2020-01-11 19:30:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.92.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45586
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.92.2.			IN	A

;; AUTHORITY SECTION:
.			2561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 03 15:22:49 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 2.92.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.92.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
36.26.68.41	attack	Aug 24 17:25:42 sxvn sshd[18139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.26.68.41	2020-08-25 00:05:41
2600:3c01::f03c:92ff:fe67:651a	attackspam	2020-08-24 19:49:40(GMT+8) - /wp/wp-admin/	2020-08-24 23:52:38
165.232.43.210	attack	1598269756 - 08/24/2020 13:49:16 Host: 165.232.43.210/165.232.43.210 Port: 8080 TCP Blocked	2020-08-25 00:01:45
58.211.247.62	attackbots	[portscan] Port scan	2020-08-24 23:56:42
159.203.190.189	attack	Aug 24 13:46:53 ns382633 sshd\[418\]: Invalid user jake from 159.203.190.189 port 41573 Aug 24 13:46:53 ns382633 sshd\[418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.190.189 Aug 24 13:46:55 ns382633 sshd\[418\]: Failed password for invalid user jake from 159.203.190.189 port 41573 ssh2 Aug 24 13:49:38 ns382633 sshd\[613\]: Invalid user dell from 159.203.190.189 port 55824 Aug 24 13:49:38 ns382633 sshd\[613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.190.189	2020-08-24 23:53:22
104.236.244.98	attack	2020-08-24T18:26:04.198568paragon sshd[120697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.244.98 2020-08-24T18:26:04.195780paragon sshd[120697]: Invalid user orca from 104.236.244.98 port 39884 2020-08-24T18:26:05.714508paragon sshd[120697]: Failed password for invalid user orca from 104.236.244.98 port 39884 ssh2 2020-08-24T18:29:47.997810paragon sshd[121008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.244.98 user=root 2020-08-24T18:29:49.793943paragon sshd[121008]: Failed password for root from 104.236.244.98 port 46448 ssh2 ...	2020-08-24 23:51:11
187.167.64.230	attackbots	Automatic report - Port Scan Attack	2020-08-24 23:37:08
222.186.190.2	attack	Aug 24 16:00:17 rush sshd[18239]: Failed password for root from 222.186.190.2 port 47500 ssh2 Aug 24 16:00:21 rush sshd[18239]: Failed password for root from 222.186.190.2 port 47500 ssh2 Aug 24 16:00:25 rush sshd[18239]: Failed password for root from 222.186.190.2 port 47500 ssh2 Aug 24 16:00:28 rush sshd[18239]: Failed password for root from 222.186.190.2 port 47500 ssh2 ...	2020-08-25 00:04:46
188.165.24.200	attackspambots	Aug 24 17:55:35 server sshd[16552]: Failed password for invalid user rosana from 188.165.24.200 port 50264 ssh2 Aug 24 17:59:28 server sshd[21440]: Failed password for invalid user francis from 188.165.24.200 port 59354 ssh2 Aug 24 18:03:20 server sshd[26860]: Failed password for invalid user nikhil from 188.165.24.200 port 40248 ssh2	2020-08-25 00:09:41
192.95.30.59	attackspambots	192.95.30.59 - - [24/Aug/2020:16:43:25 +0100] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.95.30.59 - - [24/Aug/2020:16:44:54 +0100] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.95.30.59 - - [24/Aug/2020:16:48:06 +0100] "POST /wp-login.php HTTP/1.1" 200 6029 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-08-24 23:58:09
14.161.27.203	attack	Dovecot Invalid User Login Attempt.	2020-08-24 23:33:50
120.92.2.217	attackbots	Aug 24 14:34:58 h2779839 sshd[31002]: Invalid user user from 120.92.2.217 port 25178 Aug 24 14:34:58 h2779839 sshd[31002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 Aug 24 14:34:58 h2779839 sshd[31002]: Invalid user user from 120.92.2.217 port 25178 Aug 24 14:35:00 h2779839 sshd[31002]: Failed password for invalid user user from 120.92.2.217 port 25178 ssh2 Aug 24 14:38:36 h2779839 sshd[31063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 user=root Aug 24 14:38:37 h2779839 sshd[31063]: Failed password for root from 120.92.2.217 port 60752 ssh2 Aug 24 14:42:09 h2779839 sshd[31155]: Invalid user kyang from 120.92.2.217 port 31896 Aug 24 14:42:09 h2779839 sshd[31155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 Aug 24 14:42:09 h2779839 sshd[31155]: Invalid user kyang from 120.92.2.217 port 31896 Aug 24 14:42:11 h277983 ...	2020-08-24 23:54:13
27.223.154.127	attack	Port Scan detected! ...	2020-08-25 00:15:08
74.113.118.14	attackspam	image scraping attack 74.113.118.14 - - [24/Aug/2020:00:43:04 -0400] "GET /GTR-Rear.jpg HTTP/2.0" 403 282 "https://www.google.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" 0 0 "on:TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384" 223 3291 - 74.113.118.14 - - [24/Aug/2020:00:43:05 -0400] "GET /GTR-Rear.jpg HTTP/2.0" 403 250 "https://www.google.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" 0 0 "on:TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384" 35 1661 - 74.113.118.14 - - [24/Aug/2020:00:43:06 -0400] "GET /GTR-Rear.jpg HTTP/2.0" 403 250 "https://www.google.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15" 0 0 "on:TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384" 35 1521 -	2020-08-24 23:43:23
49.234.95.189	attackspam	2020-08-24T12:21:42.086445abusebot-8.cloudsearch.cf sshd[4502]: Invalid user mna from 49.234.95.189 port 52098 2020-08-24T12:21:42.093044abusebot-8.cloudsearch.cf sshd[4502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.95.189 2020-08-24T12:21:42.086445abusebot-8.cloudsearch.cf sshd[4502]: Invalid user mna from 49.234.95.189 port 52098 2020-08-24T12:21:44.206241abusebot-8.cloudsearch.cf sshd[4502]: Failed password for invalid user mna from 49.234.95.189 port 52098 ssh2 2020-08-24T12:27:34.405019abusebot-8.cloudsearch.cf sshd[4557]: Invalid user testuser from 49.234.95.189 port 59014 2020-08-24T12:27:34.412285abusebot-8.cloudsearch.cf sshd[4557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.95.189 2020-08-24T12:27:34.405019abusebot-8.cloudsearch.cf sshd[4557]: Invalid user testuser from 49.234.95.189 port 59014 2020-08-24T12:27:35.848013abusebot-8.cloudsearch.cf sshd[4557]: Failed passwor ...	2020-08-25 00:14:15

Recently Reported IPs

109.102.111.64	88.245.211.51	61.174.252.201	2.201.84.254
84.201.138.240	177.19.166.199	124.160.102.196	218.98.40.148
49.85.249.71	2.53.9.188	143.231.229.135	188.197.209.173
90.189.151.12	64.192.91.3	149.56.173.82	174.140.249.49
103.78.214.7	195.24.2.247	1.55.56.74	52.252.200.17