139.59.92.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Digital Ocean Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	WordPress brute force	2020-06-17 08:39:00
attackspam	fail2ban honeypot	2019-12-26 22:07:40
attackbotsspam	LGS,WP GET /wp-login.php	2019-12-19 01:01:39
attackspambots	139.59.92.2 - - \[19/Nov/2019:15:44:59 +0100\] "POST /wp-login.php HTTP/1.0" 200 4474 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[19/Nov/2019:15:45:00 +0100\] "POST /wp-login.php HTTP/1.0" 200 4287 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[19/Nov/2019:15:45:01 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-20 01:37:00
attackbots	Automatic report - XMLRPC Attack	2019-11-18 16:52:21
attackspambots	139.59.92.2 - - \[17/Nov/2019:10:25:11 +0100\] "POST /wp-login.php HTTP/1.0" 200 4474 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[17/Nov/2019:10:25:13 +0100\] "POST /wp-login.php HTTP/1.0" 200 4287 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[17/Nov/2019:10:25:19 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-17 20:54:04
attackbots	139.59.92.2 - - \[14/Nov/2019:09:20:38 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.92.2 - - \[14/Nov/2019:09:20:44 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-14 22:04:33
attackbotsspam	xmlrpc attack	2019-11-14 08:39:16
attack	fail2ban honeypot	2019-10-19 07:41:06
attackbots	WordPress wp-login brute force :: 139.59.92.2 0.056 BYPASS [03/Sep/2019:08:59:47 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-03 15:22:55

Comments on same subnet:

IP	Type	Details	Datetime
139.59.92.135	attack	Sep 19 00:11:36 theomazars sshd[24713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.135 user=root Sep 19 00:11:38 theomazars sshd[24713]: Failed password for root from 139.59.92.135 port 37564 ssh2	2020-09-20 00:43:30
139.59.92.135	attackbotsspam	Sep 19 00:11:36 theomazars sshd[24713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.135 user=root Sep 19 00:11:38 theomazars sshd[24713]: Failed password for root from 139.59.92.135 port 37564 ssh2	2020-09-19 16:32:13
139.59.92.19	attackspam	Sep 9 19:07:16 rocket sshd[25879]: Failed password for root from 139.59.92.19 port 34424 ssh2 Sep 9 19:11:22 rocket sshd[26662]: Failed password for root from 139.59.92.19 port 40638 ssh2 ...	2020-09-10 02:11:28
139.59.92.19	attackspambots	TCP (SYN) 139.59.92.19:54389 -> port 17475, len 44	2020-09-08 02:43:17
139.59.92.19	attack	Port scan denied	2020-09-07 18:10:53
139.59.92.19	attackbots	Invalid user riana from 139.59.92.19 port 60256	2020-09-04 21:39:40
139.59.92.19	attack	$f2bV_matches	2020-09-04 13:17:18
139.59.92.19	attackbots	" "	2020-09-04 05:46:08
139.59.92.19	attack	Sep 1 02:28:19 mout sshd[8720]: Invalid user theo from 139.59.92.19 port 45262	2020-09-01 08:56:06
139.59.92.19	attackbots	Aug 19 22:28:51 santamaria sshd\[8879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.19 user=root Aug 19 22:28:53 santamaria sshd\[8879\]: Failed password for root from 139.59.92.19 port 36556 ssh2 Aug 19 22:33:02 santamaria sshd\[8939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.19 user=mysql ...	2020-08-20 04:48:36
139.59.92.19	attackspam	Failed password for postgres from 139.59.92.19 port 52552 ssh2 Invalid user ganyi from 139.59.92.19 port 34042 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.19 Invalid user ganyi from 139.59.92.19 port 34042 Failed password for invalid user ganyi from 139.59.92.19 port 34042 ssh2	2020-08-18 20:05:12
139.59.92.190	attackbotsspam	SSH Brute-Force Attack	2020-05-04 07:29:05
139.59.92.117	attackbotsspam	Unauthorized connection attempt detected from IP address 139.59.92.117 to port 2220 [J]	2020-02-02 01:15:16
139.59.92.117	attackspam	Jan 11 15:34:37 zulu412 sshd\[2811\]: Invalid user ubuntu from 139.59.92.117 port 45208 Jan 11 15:34:37 zulu412 sshd\[2811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.92.117 Jan 11 15:34:39 zulu412 sshd\[2811\]: Failed password for invalid user ubuntu from 139.59.92.117 port 45208 ssh2 ...	2020-01-11 23:48:14
139.59.92.117	attackbotsspam	3x Failed Password	2020-01-11 19:30:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.92.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45586
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.59.92.2.			IN	A

;; AUTHORITY SECTION:
.			2561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090300 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 03 15:22:49 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 2.92.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.92.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.191.160.42	attackspam	Feb 13 20:10:25 MK-Soft-VM5 sshd[7931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.191.160.42 Feb 13 20:10:26 MK-Soft-VM5 sshd[7931]: Failed password for invalid user vivian from 220.191.160.42 port 50520 ssh2 ...	2020-02-14 07:23:02
91.121.109.45	attackspambots	Invalid user vadim from 91.121.109.45 port 46263	2020-02-14 07:20:03
200.0.50.139	attack	firewall-block, port(s): 2323/tcp	2020-02-14 07:29:56
51.38.186.180	attack	Feb 13 23:16:39 MK-Soft-VM3 sshd[16504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.180 Feb 13 23:16:41 MK-Soft-VM3 sshd[16504]: Failed password for invalid user vagrant from 51.38.186.180 port 48681 ssh2 ...	2020-02-14 07:11:21
176.255.159.77	attackbotsspam	Feb 13 20:10:14 debian-2gb-nbg1-2 kernel: \[3880241.846254\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=176.255.159.77 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=53 ID=62856 PROTO=TCP SPT=60695 DPT=5555 WINDOW=53807 RES=0x00 SYN URGP=0	2020-02-14 07:35:11
51.83.78.109	attackbots	Invalid user user from 51.83.78.109 port 56462	2020-02-14 07:31:13
180.106.83.17	attackbots	Feb 13 21:08:42 lukav-desktop sshd\[27058\]: Invalid user rojas from 180.106.83.17 Feb 13 21:08:42 lukav-desktop sshd\[27058\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.106.83.17 Feb 13 21:08:44 lukav-desktop sshd\[27058\]: Failed password for invalid user rojas from 180.106.83.17 port 48366 ssh2 Feb 13 21:10:47 lukav-desktop sshd\[15445\]: Invalid user central from 180.106.83.17 Feb 13 21:10:47 lukav-desktop sshd\[15445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.106.83.17	2020-02-14 07:04:17
217.21.193.74	attackspam	13.02.2020 20:40:37 HTTPs access blocked by firewall	2020-02-14 07:12:39
151.42.144.202	attackbotsspam	2020-02-14T00:05:59.484603 sshd[28664]: Invalid user Lino from 151.42.144.202 port 60338 2020-02-14T00:05:59.500277 sshd[28664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.42.144.202 2020-02-14T00:05:59.484603 sshd[28664]: Invalid user Lino from 151.42.144.202 port 60338 2020-02-14T00:06:01.013027 sshd[28664]: Failed password for invalid user Lino from 151.42.144.202 port 60338 ssh2 ...	2020-02-14 07:27:47
217.144.254.139	attackbots	Email rejected due to spam filtering	2020-02-14 07:03:11
222.186.173.226	attackspambots	Feb 13 16:24:41 debian sshd[29906]: Unable to negotiate with 222.186.173.226 port 2129: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Feb 13 18:15:11 debian sshd[2644]: Unable to negotiate with 222.186.173.226 port 35150: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ...	2020-02-14 07:15:46
200.171.167.192	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 07:17:17
193.104.83.97	attack	Feb 14 00:03:22 legacy sshd[23312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.104.83.97 Feb 14 00:03:24 legacy sshd[23312]: Failed password for invalid user aryn from 193.104.83.97 port 58812 ssh2 Feb 14 00:06:53 legacy sshd[23464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.104.83.97 ...	2020-02-14 07:21:47
92.63.194.148	attackbots	02/13/2020-17:11:38.292363 92.63.194.148 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-14 07:10:05
82.130.196.87	attackbotsspam	Email rejected due to spam filtering	2020-02-14 07:19:02

Recently Reported IPs

109.102.111.64	88.245.211.51	61.174.252.201	2.201.84.254
84.201.138.240	177.19.166.199	124.160.102.196	218.98.40.148
49.85.249.71	2.53.9.188	143.231.229.135	188.197.209.173
90.189.151.12	64.192.91.3	149.56.173.82	174.140.249.49
103.78.214.7	195.24.2.247	1.55.56.74	52.252.200.17