139.59.146.205

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.59.146.28	attack	Attempting to access Wordpress login on a honeypot or private system.	2020-08-29 07:04:48
139.59.146.28	attack	139.59.146.28 - - [27/Aug/2020:14:58:12 +0200] "GET /wp-login.php HTTP/1.1" 200 9040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [27/Aug/2020:14:58:13 +0200] "POST /wp-login.php HTTP/1.1" 200 9291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [27/Aug/2020:14:58:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-28 02:53:32
139.59.146.28	attackspam	139.59.146.28 - - [19/Aug/2020:06:19:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [19/Aug/2020:06:19:00 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [19/Aug/2020:06:19:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [19/Aug/2020:06:19:00 +0200] "POST /wp-login.php HTTP/1.1" 200 2007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [19/Aug/2020:06:19:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [19/Aug/2020:06:19:00 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-08-19 20:29:37
139.59.146.28	attackspambots	eintrachtkultkellerfulda.de 139.59.146.28 [15/Aug/2020:22:46:10 +0200] "POST /wp-login.php HTTP/1.1" 200 3084 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" eintrachtkultkellerfulda.de 139.59.146.28 [15/Aug/2020:22:46:10 +0200] "POST /wp-login.php HTTP/1.1" 200 3049 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-16 05:32:17
139.59.146.28	attackspambots	139.59.146.28 - - [10/Aug/2020:15:10:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [10/Aug/2020:15:10:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2037 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [10/Aug/2020:15:10:56 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-11 03:50:32
139.59.146.28	attackspam	Automatic report - XMLRPC Attack	2020-08-05 14:24:49
139.59.146.28	attackbotsspam	139.59.146.28 - - [02/Aug/2020:08:20:01 +0200] "POST /xmlrpc.php HTTP/1.1" 403 207343 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [02/Aug/2020:08:43:08 +0200] "POST /xmlrpc.php HTTP/1.1" 403 9972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-02 16:00:57
139.59.146.28	attackbots	WordPress wp-login brute force :: 139.59.146.28 0.100 - [31/Jul/2020:08:13:44 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1837 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-07-31 18:11:51
139.59.146.28	attack	139.59.146.28 - - [16/Jul/2020:05:51:47 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:47 +0200] "POST /wp-login.php HTTP/1.1" 200 1811 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:48 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:48 +0200] "POST /wp-login.php HTTP/1.1" 200 1799 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:48 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [16/Jul/2020:05:51:49 +0200] "POST /wp-login.php HTTP/1.1" 200 1798 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-07-16 15:28:11
139.59.146.28	attackspam	139.59.146.28 - - [30/Jun/2020:13:20:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [30/Jun/2020:13:20:23 +0100] "POST /wp-login.php HTTP/1.1" 200 1924 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [30/Jun/2020:13:20:24 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-01 19:38:26
139.59.146.28	attackbots	139.59.146.28 - - [30/Jun/2020:13:20:21 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [30/Jun/2020:13:20:23 +0100] "POST /wp-login.php HTTP/1.1" 200 1924 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.146.28 - - [30/Jun/2020:13:20:24 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-01 02:05:57
139.59.146.28	attackspam	WordPress wp-login brute force :: 139.59.146.28 0.080 BYPASS [27/Jun/2020:05:40:43 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2003 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-27 14:22:59
139.59.146.28	attack	139.59.146.28 - - \[25/Jun/2020:01:06:19 +0200\] "POST /wp-login.php HTTP/1.0" 200 2507 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.146.28 - - \[25/Jun/2020:01:06:20 +0200\] "POST /wp-login.php HTTP/1.0" 200 2473 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.146.28 - - \[25/Jun/2020:01:06:21 +0200\] "POST /wp-login.php HTTP/1.0" 200 2470 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-06-25 08:42:15
139.59.146.28	attackbots	139.59.146.28 - - \[29/May/2020:22:49:25 +0200\] "POST /wp-login.php HTTP/1.0" 200 5674 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.146.28 - - \[29/May/2020:22:49:26 +0200\] "POST /wp-login.php HTTP/1.0" 200 5644 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 139.59.146.28 - - \[29/May/2020:22:49:27 +0200\] "POST /wp-login.php HTTP/1.0" 200 5676 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-30 06:29:11
139.59.146.28	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-03 19:43:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.59.146.205
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59372
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;139.59.146.205.			IN	A

;; AUTHORITY SECTION:
.			58	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 08:35:03 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 205.146.59.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 205.146.59.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.55.125.136	normal	190.55.125.136	2020-07-10 06:11:06
24.92.187.245	attackspambots	SSH Invalid Login	2020-07-10 05:56:10
45.122.246.145	attackbots	Jul 9 22:13:07 xeon sshd[40676]: Failed password for invalid user csongor from 45.122.246.145 port 39110 ssh2	2020-07-10 06:06:51
45.95.168.250	attackspam	Jul 9 23:46:16 backup sshd[22756]: Failed password for root from 45.95.168.250 port 55172 ssh2 ...	2020-07-10 05:58:30
122.51.70.17	attackspam	Jul 9 21:29:26 ip-172-31-62-245 sshd\[29240\]: Invalid user april from 122.51.70.17\ Jul 9 21:29:28 ip-172-31-62-245 sshd\[29240\]: Failed password for invalid user april from 122.51.70.17 port 57774 ssh2\ Jul 9 21:33:33 ip-172-31-62-245 sshd\[29247\]: Invalid user zhangxianrui from 122.51.70.17\ Jul 9 21:33:35 ip-172-31-62-245 sshd\[29247\]: Failed password for invalid user zhangxianrui from 122.51.70.17 port 46784 ssh2\ Jul 9 21:37:34 ip-172-31-62-245 sshd\[29282\]: Invalid user tomcat from 122.51.70.17\	2020-07-10 05:55:35
67.205.142.246	attackspam	825. On Jul 9 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 67.205.142.246.	2020-07-10 06:15:28
175.24.61.126	attackspam	SSH Invalid Login	2020-07-10 06:11:00
106.13.86.54	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-07-10 06:11:42
114.98.126.14	attackspam	Jul 9 17:34:18 ny01 sshd[6485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.98.126.14 Jul 9 17:34:20 ny01 sshd[6485]: Failed password for invalid user carmelie from 114.98.126.14 port 59042 ssh2 Jul 9 17:37:33 ny01 sshd[6931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.98.126.14	2020-07-10 05:48:01
180.183.116.76	attackspambots	firewall-block, port(s): 445/tcp	2020-07-10 05:49:02
1.61.40.26	attackspambots	firewall-block, port(s): 37215/tcp	2020-07-10 06:09:52
80.82.77.33	attackspambots	07/09/2020-17:07:23.434244 80.82.77.33 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-07-10 05:49:54
121.46.26.126	attackspam	2020-07-10T03:17:10.107158billing sshd[25175]: Invalid user laureano from 121.46.26.126 port 55994 2020-07-10T03:17:12.722802billing sshd[25175]: Failed password for invalid user laureano from 121.46.26.126 port 55994 ssh2 2020-07-10T03:20:20.731954billing sshd[30241]: Invalid user yoshimichi from 121.46.26.126 port 46805 ...	2020-07-10 05:43:32
120.79.241.142	attack	Jul 9 22:08:08 xeon sshd[40185]: Failed password for invalid user test from 120.79.241.142 port 36664 ssh2	2020-07-10 06:09:04
144.22.108.33	attack	$f2bV_matches	2020-07-10 06:13:04

Recently Reported IPs

139.59.146.146	118.254.157.232	139.59.147.63	139.59.148.150
139.59.146.208	139.59.147.92	139.59.148.168	139.59.147.164
139.59.149.119	139.59.147.198	139.59.149.109	139.59.149.120
139.59.149.189	139.59.149.176	118.254.157.236	139.59.149.63
139.59.149.27	139.59.149.213	139.59.15.20	139.59.15.186