107.189.11.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Frantech Solutions

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-11-06 16:36:00
attack	107.189.11.50 was recorded 5 times by 3 hosts attempting to connect to the following ports: 53413,5501. Incident counter (4h, 24h, all-time): 5, 9, 9	2019-11-02 21:56:25

Type

Details

Datetime

attack

CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found

2019-11-06 16:36:00

attack

107.189.11.50 was recorded 5 times by 3 hosts attempting to connect to the following ports: 53413,5501. Incident counter (4h, 24h, all-time): 5, 9, 9

2019-11-02 21:56:25

Comments on same subnet:

IP	Type	Details	Datetime
107.189.11.43	attack	DDoS	2023-02-10 21:13:59
107.189.11.160	attackbotsspam	Sep 29 23:33:11 XXX sshd[50485]: Invalid user admin from 107.189.11.160 port 50086	2020-09-30 08:11:34
107.189.11.160	attackbots	Listed on zen-spamhaus also abuseat.org / proto=6 . srcport=36199 . dstport=22 SSH . (2674)	2020-09-30 00:56:42
107.189.11.160	attackbots	2020-09-29T10:51:29.549688ks3355764 sshd[27198]: Invalid user postgres from 107.189.11.160 port 42942 2020-09-29T10:51:29.576321ks3355764 sshd[27194]: Invalid user centos from 107.189.11.160 port 42938 ...	2020-09-29 16:59:51
107.189.11.160	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 07:15:11
107.189.11.160	attackbotsspam	Invalid user centos from 107.189.11.160 port 39608 Invalid user test from 107.189.11.160 port 39614 Invalid user vagrant from 107.189.11.160 port 39610 Invalid user oracle from 107.189.11.160 port 39616 Invalid user admin from 107.189.11.160 port 39604	2020-09-28 23:46:22
107.189.11.160	attack	Sep 28 14:34:38 DL-Box sshd[5039]: Invalid user ubuntu from 107.189.11.160 port 36862 Sep 28 14:34:38 DL-Box sshd[5038]: Invalid user centos from 107.189.11.160 port 36864 Sep 28 14:34:38 DL-Box sshd[5042]: Invalid user admin from 107.189.11.160 port 36860 Sep 28 14:34:38 DL-Box sshd[5040]: Invalid user oracle from 107.189.11.160 port 36872 Sep 28 14:34:38 DL-Box sshd[5041]: Invalid user postgres from 107.189.11.160 port 36868 ...	2020-09-28 15:48:50
107.189.11.160	attackspambots	2020-09-25T14:08:21.716226xentho-1 sshd[1000093]: Invalid user test from 107.189.11.160 port 40434 2020-09-25T14:08:27.413618xentho-1 sshd[1000093]: Failed password for invalid user test from 107.189.11.160 port 40434 ssh2 2020-09-25T14:08:25.849257xentho-1 sshd[1000088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.11.160 2020-09-25T14:08:21.719343xentho-1 sshd[1000088]: Invalid user centos from 107.189.11.160 port 40308 2020-09-25T14:08:27.414061xentho-1 sshd[1000088]: Failed password for invalid user centos from 107.189.11.160 port 40308 ssh2 2020-09-25T14:08:25.849610xentho-1 sshd[1000091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.11.160 2020-09-25T14:08:21.733837xentho-1 sshd[1000091]: Invalid user vagrant from 107.189.11.160 port 40430 2020-09-25T14:08:27.414405xentho-1 sshd[1000091]: Failed password for invalid user vagrant from 107.189.11.160 port 40430 ssh2 2020-09-25T14:0 ...	2020-09-26 02:12:06
107.189.11.160	attackbotsspam	2020-09-25T11:50:15.149281centos sshd[10979]: Invalid user test from 107.189.11.160 port 36328 2020-09-25T11:50:15.150389centos sshd[10978]: Invalid user ubuntu from 107.189.11.160 port 36320 2020-09-25T11:50:15.162605centos sshd[10982]: Invalid user admin from 107.189.11.160 port 36318 ...	2020-09-25 17:53:21
107.189.11.160	attack	Sep 25 02:52:54 OPSO sshd\[24389\]: Invalid user vagrant from 107.189.11.160 port 53772 Sep 25 02:53:01 OPSO sshd\[24389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.11.160 Sep 25 02:53:01 OPSO sshd\[24396\]: Invalid user centos from 107.189.11.160 port 53770 Sep 25 02:53:01 OPSO sshd\[24394\]: Invalid user ubuntu from 107.189.11.160 port 53768 Sep 25 02:53:01 OPSO sshd\[24390\]: Invalid user postgres from 107.189.11.160 port 53774 Sep 25 02:53:01 OPSO sshd\[24392\]: Invalid user test from 107.189.11.160 port 53776 Sep 25 02:53:01 OPSO sshd\[24395\]: Invalid user oracle from 107.189.11.160 port 53778	2020-09-25 10:20:18
107.189.11.163	attack	2020-09-19T16:53[Censored Hostname] sshd[19277]: Failed password for root from 107.189.11.163 port 49916 ssh2 2020-09-19T16:54[Censored Hostname] sshd[19277]: Failed password for root from 107.189.11.163 port 49916 ssh2 2020-09-19T16:54[Censored Hostname] sshd[19277]: Failed password for root from 107.189.11.163 port 49916 ssh2[...]	2020-09-19 23:00:14
107.189.11.163	attackspambots	Sep 19 06:06:57 vpn01 sshd[12141]: Failed password for root from 107.189.11.163 port 59754 ssh2 Sep 19 06:07:08 vpn01 sshd[12141]: Failed password for root from 107.189.11.163 port 59754 ssh2 Sep 19 06:07:08 vpn01 sshd[12141]: error: maximum authentication attempts exceeded for root from 107.189.11.163 port 59754 ssh2 [preauth] ...	2020-09-19 14:50:07
107.189.11.163	attackspambots	Sep 18 23:04:17 ns308116 sshd[28831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.11.163 user=root Sep 18 23:04:18 ns308116 sshd[28831]: Failed password for root from 107.189.11.163 port 35270 ssh2 Sep 18 23:04:20 ns308116 sshd[28831]: Failed password for root from 107.189.11.163 port 35270 ssh2 Sep 18 23:04:22 ns308116 sshd[28831]: Failed password for root from 107.189.11.163 port 35270 ssh2 Sep 18 23:04:25 ns308116 sshd[28831]: Failed password for root from 107.189.11.163 port 35270 ssh2 ...	2020-09-19 06:26:53
107.189.11.160	attackbots	2020-09-18T20:58:17.034845 sshd[685988]: Invalid user oracle from 107.189.11.160 port 53452 2020-09-18T20:58:17.034849 sshd[685987]: Invalid user vagrant from 107.189.11.160 port 53446 2020-09-18T20:58:17.703684 sshd[685994]: Invalid user centos from 107.189.11.160 port 53444 2020-09-18T20:58:17.707149 sshd[685989]: Invalid user ubuntu from 107.189.11.160 port 53442 2020-09-18T20:58:17.708850 sshd[685993]: Invalid user admin from 107.189.11.160 port 53440 2020-09-18T20:58:17.710091 sshd[685990]: Invalid user postgres from 107.189.11.160 port 53448 2020-09-18T20:58:17.710808 sshd[685992]: Invalid user test from 107.189.11.160 port 53450	2020-09-19 03:06:37
107.189.11.160	attackbotsspam	TCP port : 22	2020-09-18 19:08:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 107.189.11.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4524
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;107.189.11.50.			IN	A

;; AUTHORITY SECTION:
.			564	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110200 1800 900 604800 86400

;; Query time: 336 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 02 21:56:21 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 50.11.189.107.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 50.11.189.107.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.225.126.55	attackbots	Sep 30 10:44:43 areeb-Workstation sshd[4409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.225.126.55 Sep 30 10:44:45 areeb-Workstation sshd[4409]: Failed password for invalid user arijit from 220.225.126.55 port 60318 ssh2 ...	2019-09-30 13:29:55
178.169.86.2	attack	84/tcp 84/tcp 84/tcp... [2019-09-30]5pkt,1pt.(tcp)	2019-09-30 13:56:45
58.48.19.6	attackspam	23/tcp [2019-09-30]1pkt	2019-09-30 13:52:01
107.170.113.190	attack	Sep 30 06:40:13 dev0-dcde-rnet sshd[949]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.113.190 Sep 30 06:40:15 dev0-dcde-rnet sshd[949]: Failed password for invalid user angie from 107.170.113.190 port 59680 ssh2 Sep 30 06:56:46 dev0-dcde-rnet sshd[1099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.113.190	2019-09-30 14:02:55
222.186.173.180	attack	Automated report - ssh fail2ban: Sep 30 07:45:50 wrong password, user=root, port=38822, ssh2 Sep 30 07:45:56 wrong password, user=root, port=38822, ssh2 Sep 30 07:46:01 wrong password, user=root, port=38822, ssh2 Sep 30 07:46:07 wrong password, user=root, port=38822, ssh2	2019-09-30 13:48:02
175.17.197.64	attackspam	8080/tcp [2019-09-30]1pkt	2019-09-30 14:09:34
167.71.209.255	attackbotsspam	Sep 29 19:45:49 aiointranet sshd\[9739\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.209.255 user=backup Sep 29 19:45:51 aiointranet sshd\[9739\]: Failed password for backup from 167.71.209.255 port 53174 ssh2 Sep 29 19:52:17 aiointranet sshd\[10321\]: Invalid user soporte from 167.71.209.255 Sep 29 19:52:17 aiointranet sshd\[10321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.209.255 Sep 29 19:52:19 aiointranet sshd\[10321\]: Failed password for invalid user soporte from 167.71.209.255 port 32784 ssh2	2019-09-30 14:01:21
222.186.175.148	attackspambots	Sep 30 08:01:16 rotator sshd\[17516\]: Failed password for root from 222.186.175.148 port 41094 ssh2Sep 30 08:01:20 rotator sshd\[17516\]: Failed password for root from 222.186.175.148 port 41094 ssh2Sep 30 08:01:24 rotator sshd\[17516\]: Failed password for root from 222.186.175.148 port 41094 ssh2Sep 30 08:01:27 rotator sshd\[17516\]: Failed password for root from 222.186.175.148 port 41094 ssh2Sep 30 08:01:32 rotator sshd\[17516\]: Failed password for root from 222.186.175.148 port 41094 ssh2Sep 30 08:01:42 rotator sshd\[17522\]: Failed password for root from 222.186.175.148 port 38470 ssh2 ...	2019-09-30 14:03:38
46.101.26.63	attack	Sep 30 10:07:19 gw1 sshd[24624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.26.63 Sep 30 10:07:22 gw1 sshd[24624]: Failed password for invalid user ftpuser from 46.101.26.63 port 57547 ssh2 ...	2019-09-30 13:21:57
91.236.116.89	attack	Automatic report - Banned IP Access	2019-09-30 14:06:21
113.160.214.6	attackbotsspam	445/tcp [2019-09-30]1pkt	2019-09-30 13:48:27
222.186.180.19	attack	v+ssh-bruteforce	2019-09-30 13:14:55
199.36.111.220	attackspambots	Honeypot attack, port: 445, PTR: 220-111-36-199.reverse.instavps.net.	2019-09-30 13:57:13
222.239.225.43	attackspam	SMB Server BruteForce Attack	2019-09-30 13:50:02
182.61.42.234	attackbotsspam	Sep 30 07:46:55 vps01 sshd[6206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.42.234 Sep 30 07:46:58 vps01 sshd[6206]: Failed password for invalid user zang123 from 182.61.42.234 port 36058 ssh2	2019-09-30 13:57:33

Recently Reported IPs

95.216.139.113	10.72.140.216	141.44.133.91	254.60.250.111
188.182.213.226	165.38.21.169	49.205.178.122	193.60.20.10
52.248.219.184	75.225.66.135	27.143.2.12	52.36.198.163
114.226.30.0	10.199.154.253	229.67.24.61	185.82.23.113
226.251.220.226	4.204.99.77	67.123.228.239	71.21.154.125