107.189.2.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
107.189.2.136	attackspam	107.189.2.136 - - [17/Sep/2020:06:32:20 +0200] "POST /wp-login.php HTTP/1.0" 200 4793 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-17 13:47:21
107.189.2.136	attack	SSH 2020-09-17 00:28:12 107.189.2.136 139.99.64.133 > POST tokorohani.com /wp-login.php HTTP/1.1 - - 2020-09-17 02:43:27 107.189.2.136 139.99.64.133 > GET meganisfa.com /wp-login.php HTTP/1.1 - - 2020-09-17 02:43:28 107.189.2.136 139.99.64.133 > POST meganisfa.com /wp-login.php HTTP/1.1 - -	2020-09-17 04:53:31
107.189.2.3	attackbotsspam	WordPress brute force	2020-06-07 05:56:02
107.189.2.3	attackspambots	107.189.2.3 - - [05/Jun/2020:05:54:44 +0200] "GET /wp-login.php HTTP/1.1" 200 6702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 107.189.2.3 - - [05/Jun/2020:05:54:46 +0200] "POST /wp-login.php HTTP/1.1" 200 6953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 107.189.2.3 - - [05/Jun/2020:05:54:47 +0200] "GET /wp-login.php HTTP/1.1" 200 6702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-05 15:27:58
107.189.2.5	attackbotsspam	REQUESTED PAGE: /wp-login.php	2020-01-13 16:16:01
107.189.2.5	attack	Automatic report - XMLRPC Attack	2019-11-10 00:42:24
107.189.2.90	attackbots	Automatic report - Banned IP Access	2019-10-26 23:24:02
107.189.2.90	attack	www.handydirektreparatur.de 107.189.2.90 \[10/Oct/2019:13:58:40 +0200\] "POST /wp-login.php HTTP/1.1" 200 5665 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 107.189.2.90 \[10/Oct/2019:13:58:40 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4114 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-10 21:17:21
107.189.2.139	attack	WordPress wp-login brute force :: 107.189.2.139 0.116 BYPASS [07/Oct/2019:22:40:19 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-08 01:28:10
107.189.2.3	attackbots	Automatic report generated by Wazuh	2019-10-05 23:15:48
107.189.2.90	attackspam	masters-of-media.de 107.189.2.90 \[30/Sep/2019:22:56:33 +0200\] "POST /wp-login.php HTTP/1.1" 200 5856 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" masters-of-media.de 107.189.2.90 \[30/Sep/2019:22:56:33 +0200\] "POST /wp-login.php HTTP/1.1" 200 5811 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-01 07:32:36
107.189.2.90	attackspam	B: zzZZzz blocked content access	2019-09-29 14:29:43
107.189.2.3	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2019-09-28 18:54:57
107.189.2.90	attack	marleenrecords.breidenba.ch 107.189.2.90 \[07/Sep/2019:02:41:02 +0200\] "POST /wp-login.php HTTP/1.1" 200 5808 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" marleenrecords.breidenba.ch 107.189.2.90 \[07/Sep/2019:02:41:02 +0200\] "POST /wp-login.php HTTP/1.1" 200 5807 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-07 12:32:04
107.189.2.5	attackbotsspam	Automatic report - Banned IP Access	2019-08-14 20:38:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 107.189.2.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41291
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;107.189.2.2.			IN	A

;; AUTHORITY SECTION:
.			231	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022051801 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 19 07:34:26 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 2.2.189.107.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.2.189.107.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.120.29.27	attackspambots	Jul 27 20:28:39 [munged] sshd[13718]: Failed password for root from 178.120.29.27 port 16345 ssh2	2019-07-28 03:15:56
138.197.153.228	attackspambots	SSH bruteforce (Triggered fail2ban)	2019-07-28 03:47:20
194.61.26.4	attack	Invalid user local from 194.61.26.4 port 34567	2019-07-28 03:12:59
116.68.127.9	attackbotsspam	Invalid user iamthewalrus from 116.68.127.9 port 35151	2019-07-28 03:22:45
121.160.198.198	attackspambots	SSH Bruteforce Attack	2019-07-28 03:21:49
162.247.74.27	attack	Jul 27 20:00:35 vtv3 sshd\[1119\]: Invalid user admin from 162.247.74.27 port 52912 Jul 27 20:00:35 vtv3 sshd\[1119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.247.74.27 Jul 27 20:00:37 vtv3 sshd\[1119\]: Failed password for invalid user admin from 162.247.74.27 port 52912 ssh2 Jul 27 20:00:40 vtv3 sshd\[1119\]: Failed password for invalid user admin from 162.247.74.27 port 52912 ssh2 Jul 27 20:00:43 vtv3 sshd\[1119\]: Failed password for invalid user admin from 162.247.74.27 port 52912 ssh2	2019-07-28 03:18:44
84.3.2.59	attack	Invalid user entropy from 84.3.2.59 port 34378	2019-07-28 03:57:10
122.54.159.83	attackspambots	Invalid user admin2 from 122.54.159.83 port 50234	2019-07-28 03:21:25
222.252.36.69	attackbotsspam	Invalid user admin from 222.252.36.69 port 54849	2019-07-28 03:32:24
182.61.177.66	attackbotsspam	Automatic report - Banned IP Access	2019-07-28 03:40:13
54.38.192.96	attackspam	detected by Fail2Ban	2019-07-28 03:28:08
159.65.236.58	attack	Jul 27 19:11:27 srv-4 sshd\[7580\]: Invalid user oracle from 159.65.236.58 Jul 27 19:11:27 srv-4 sshd\[7580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.236.58 Jul 27 19:11:29 srv-4 sshd\[7580\]: Failed password for invalid user oracle from 159.65.236.58 port 60850 ssh2 ...	2019-07-28 03:18:59
181.120.125.220	attackbotsspam	Invalid user test from 181.120.125.220 port 62690	2019-07-28 03:15:40
162.247.74.74	attack	Jul 27 20:30:39 vtv3 sshd\[16078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.247.74.74 user=root Jul 27 20:30:41 vtv3 sshd\[16078\]: Failed password for root from 162.247.74.74 port 48860 ssh2 Jul 27 20:30:43 vtv3 sshd\[16078\]: Failed password for root from 162.247.74.74 port 48860 ssh2 Jul 27 20:30:46 vtv3 sshd\[16078\]: Failed password for root from 162.247.74.74 port 48860 ssh2 Jul 27 20:30:48 vtv3 sshd\[16078\]: Failed password for root from 162.247.74.74 port 48860 ssh2	2019-07-28 03:18:09
206.189.24.75	attack	[Aegis] @ 2019-07-27 19:53:56 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-07-28 03:34:03

Recently Reported IPs

107.189.168.147	107.189.2.84	107.189.28.186	107.189.30.163
107.189.5.155	107.189.6.14	107.190.129.3	107.190.129.5
107.190.132.130	107.190.135.53	107.190.141.50	107.190.142.123
107.191.33.132	107.191.35.26	107.191.38.7	107.191.44.115
107.191.45.31	107.191.49.238	107.191.53.45	107.191.55.156