159.203.39.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	159.203.39.94 - - [09/Jun/2020:05:55:47 +0200] "POST /wp-login.php HTTP/1.1" 200 5545 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.39.94 - - [09/Jun/2020:05:55:49 +0200] "POST /wp-login.php HTTP/1.1" 200 5521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.39.94 - - [09/Jun/2020:05:55:51 +0200] "POST /wp-login.php HTTP/1.1" 200 5521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.39.94 - - [09/Jun/2020:05:55:52 +0200] "POST /wp-login.php HTTP/1.1" 200 5523 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.39.94 - - [09/Jun/2020:05:55:54 +0200] "POST /wp-login.php HTTP/1.1" 200 5521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-09 13:43:49
attackspambots	Brute-force general attack.	2020-05-23 04:07:59

Type

Details

Datetime

attackspam

159.203.39.94 - - [09/Jun/2020:05:55:47 +0200] "POST /wp-login.php HTTP/1.1" 200 5545 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
159.203.39.94 - - [09/Jun/2020:05:55:49 +0200] "POST /wp-login.php HTTP/1.1" 200 5521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
159.203.39.94 - - [09/Jun/2020:05:55:51 +0200] "POST /wp-login.php HTTP/1.1" 200 5521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
159.203.39.94 - - [09/Jun/2020:05:55:52 +0200] "POST /wp-login.php HTTP/1.1" 200 5523 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
159.203.39.94 - - [09/Jun/2020:05:55:54 +0200] "POST /wp-login.php HTTP/1.1" 200 5521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-06-09 13:43:49

attackspambots

Brute-force general attack.

2020-05-23 04:07:59

Comments on same subnet:

IP	Type	Details	Datetime
159.203.39.84	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-18 11:48:37
159.203.39.84	attack	DATE:2019-07-16 14:53:04, IP:159.203.39.84, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-07-16 23:35:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.203.39.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22506
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.203.39.94.			IN	A

;; AUTHORITY SECTION:
.			413	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052201 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 23 04:07:56 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 94.39.203.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.39.203.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.41.146.5	attackspambots	Unauthorised access (Oct 8) SRC=103.41.146.5 LEN=40 PREC=0x20 TTL=242 ID=43182 DF TCP DPT=8080 WINDOW=14600 SYN	2019-10-08 15:52:48
111.59.184.161	attack	Aug 18 14:08:50 dallas01 sshd[16818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.59.184.161 Aug 18 14:08:53 dallas01 sshd[16818]: Failed password for invalid user admin from 111.59.184.161 port 53457 ssh2 Aug 18 14:08:55 dallas01 sshd[16818]: Failed password for invalid user admin from 111.59.184.161 port 53457 ssh2 Aug 18 14:08:58 dallas01 sshd[16818]: Failed password for invalid user admin from 111.59.184.161 port 53457 ssh2	2019-10-08 15:41:25
1.9.213.115	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 04:55:16.	2019-10-08 15:43:11
14.228.145.5	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 04:55:20.	2019-10-08 15:34:32
190.211.141.217	attackbotsspam	Oct 8 09:17:25 legacy sshd[32242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.141.217 Oct 8 09:17:27 legacy sshd[32242]: Failed password for invalid user !QAZXSW@ from 190.211.141.217 port 19332 ssh2 Oct 8 09:22:35 legacy sshd[32395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.141.217 ...	2019-10-08 15:33:10
222.186.175.182	attack	Oct 8 09:33:08 MK-Soft-VM7 sshd[31786]: Failed password for root from 222.186.175.182 port 60936 ssh2 Oct 8 09:33:14 MK-Soft-VM7 sshd[31786]: Failed password for root from 222.186.175.182 port 60936 ssh2 ...	2019-10-08 15:46:05
122.154.32.18	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 04:55:19.	2019-10-08 15:36:51
222.186.52.89	attack	Oct 8 09:45:42 v22018076622670303 sshd\[13113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.89 user=root Oct 8 09:45:44 v22018076622670303 sshd\[13113\]: Failed password for root from 222.186.52.89 port 54238 ssh2 Oct 8 09:45:47 v22018076622670303 sshd\[13113\]: Failed password for root from 222.186.52.89 port 54238 ssh2 ...	2019-10-08 15:46:29
49.232.60.2	attackspam	Oct 8 04:11:08 www_kotimaassa_fi sshd[1239]: Failed password for root from 49.232.60.2 port 54822 ssh2 ...	2019-10-08 15:21:03
193.56.29.10	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-10-08 15:51:53
116.111.119.81	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 04:55:19.	2019-10-08 15:37:29
148.70.84.130	attack	2019-10-08T07:15:07.402884abusebot-5.cloudsearch.cf sshd\[32643\]: Invalid user butthead from 148.70.84.130 port 41256	2019-10-08 15:43:34
37.187.54.67	attackspam	Oct 8 09:43:32 v22019058497090703 sshd[15592]: Failed password for root from 37.187.54.67 port 37665 ssh2 Oct 8 09:48:56 v22019058497090703 sshd[16065]: Failed password for root from 37.187.54.67 port 34904 ssh2 ...	2019-10-08 15:55:17
112.85.42.87	attackspam	Oct 7 20:25:50 sachi sshd\[12376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.87 user=root Oct 7 20:25:52 sachi sshd\[12376\]: Failed password for root from 112.85.42.87 port 18298 ssh2 Oct 7 20:26:27 sachi sshd\[12416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.87 user=root Oct 7 20:26:29 sachi sshd\[12416\]: Failed password for root from 112.85.42.87 port 50799 ssh2 Oct 7 20:27:05 sachi sshd\[12463\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.87 user=root	2019-10-08 15:53:44
2001:4b98:dc0:41:216:3eff:fe67:3e86	attack	WordPress wp-login brute force :: 2001:4b98:dc0:41:216:3eff:fe67:3e86 0.040 BYPASS [08/Oct/2019:14:55:17 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-08 15:42:44

Recently Reported IPs

191.177.182.70	78.140.159.255	178.67.198.45	113.160.121.116
2.89.224.108	46.59.85.28	107.172.80.142	89.244.190.103
60.211.217.154	42.118.46.135	42.74.52.21	37.224.40.29
3.15.244.62	14.98.157.126	78.140.159.251	190.235.37.14
187.111.154.245	40.78.154.162	39.110.249.227	180.76.142.19