JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 107.189.2.140

107.189.2.140 was found in our database!

This IP was reported 279 times. Confidence of Abuse is 100%: ?

100%

ISP	BuyVM
Usage Type	Data Center/Web Hosting/Transit
ASN	AS53667
Hostname(s)	namespace.aldeasdelsur.com
Domain Name	frantech.ca
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 107.189.2.140

Whois 107.189.2.140

IP Abuse Reports for 107.189.2.140:

This IP address has been reported a total of 279 times from 102 distinct sources. 107.189.2.140 was first reported on February 12th 2023, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 masterguru	2026-05-12 02:58:12 (3 weeks ago)	wp-login request blocked, no referer. Pattern match "wp-login.php" at REQUEST_URI. (5001900-122)	Web App Attack
🇬🇧 Apache	2026-05-12 01:20:15 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 107.189.2.140 (LU/Luxembourg/namespace.aldeasde ... show more (mod_security) mod_security (id:225170) triggered by 107.189.2.140 (LU/Luxembourg/namespace.aldeasdelsur.com): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇺🇸 nyt	2026-05-11 23:25:53 (3 weeks ago)	WP login POST blocked by WAF, 503 status indicates server error, unusual bot behavior, Unusual plugi ... show more WP login POST blocked by WAF, 503 status indicates server error, unusual bot behavior, Unusual plugin upload request with 503 response show less	Hacking Brute-Force Bad Web Bot Web App Attack
🇫🇷 tecnicorioja	2026-05-11 22:00:10 (3 weeks ago)	wp-login attack [11/May/2026:12:57:03	Brute-Force Web App Attack
🇺🇸 factor1	2026-05-11 21:20:32 (3 weeks ago)	Fail2ban at churndash Reports Abuse.	Brute-Force Web App Attack
🇺🇸 mind5t0rm	2026-05-11 20:03:41 (3 weeks ago)	(WPLOGIN) WP Login Attack 107.189.2.140 (LU/Luxembourg/namespace.aldeasdelsur.com): 3 in the last 36 ... show more (WPLOGIN) WP Login Attack 107.189.2.140 (LU/Luxembourg/namespace.aldeasdelsur.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 107.189.2.140 - - [12/May/2026:02:15:45 +0700] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; ARM64; rv:115.0) Gecko/20100101 Firefox/115.0" 107.189.2.140 - - [12/May/2026:02:20:19 +0700] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; ARM64; rv:115.0) Gecko/20100101 Firefox/115.0" 107.189.2.140 - - [12/May/2026:03:03:37 +0700] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)" show less	Port Scan
🇺🇸 Jason Howell	2026-05-11 19:43:57 (3 weeks ago)	107.189.2.140 - - [11/May/2026:14:16:13 -0500] "GET /wp-login.php HTTP/1.1" 200 8081 "-" "Mozilla/5. ... show more 107.189.2.140 - - [11/May/2026:14:16:13 -0500] "GET /wp-login.php HTTP/1.1" 200 8081 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36" 107.189.2.140 - - [11/May/2026:14:16:15 -0500] "POST /wp-login.php HTTP/1.1" 200 5923 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36" 107.189.2.140 - - [11/May/2026:14:42:27 -0500] "GET /wp-login.php HTTP/1.1" 200 4754 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 107.189.2.140 - - [11/May/2026:14:43:56 -0500] "GET /wp-login.php HTTP/1.1" 200 4754 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 107.189.2.140 - - [11/May/2026:14:43:56 -0500] "POST /wp-login.php HTTP/1.1" 200 2293 "https://delsmetalco.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 Jason Howell	2026-05-11 17:00:28 (3 weeks ago)	107.189.2.140 - - [11/May/2026:12:00:24 -0500] "GET /wp-login.php HTTP/1.1" 200 4570 "-" "Mozilla/5. ... show more 107.189.2.140 - - [11/May/2026:12:00:24 -0500] "GET /wp-login.php HTTP/1.1" 200 4570 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 107.189.2.140 - - [11/May/2026:12:00:25 -0500] "GET /wp-login.php HTTP/1.1" 200 4569 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 107.189.2.140 - - [11/May/2026:12:00:26 -0500] "POST /wp-login.php HTTP/1.1" 200 2355 "https://barbsgardenandpantry.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 107.189.2.140 - - [11/May/2026:12:00:26 -0500] "GET /wp-login.php HTTP/1.1" 200 4569 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 107.189.2.140 - - [11/May/2026:12:00:27 -0500] "POST /wp-login.php HTTP/1.1" 200 2357 "https://barbsgardenandpantry.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.3 ... show less	Web App Attack
🇺🇸 agenciahypelab.com.br	2026-05-11 13:48:03 (3 weeks ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
🇨🇦 KIsmay	2026-05-11 12:27:57 (3 weeks ago)	May 11 02:45:51 www4 WPAudit[218052]: 107.189.2.140 amandasrestaurant.ca "Mozilla/5.0 (X11; Linux x8 ... show more May 11 02:45:51 www4 WPAudit[218052]: 107.189.2.140 amandasrestaurant.ca "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" gina:Gina@2025! FAIL May 11 05:56:14 www4 WPAudit[230675]: 107.189.2.140 bcadjuster.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" sbd-admin:password1 FAIL May 11 07:39:22 www4 WPAudit[238341]: 107.189.2.140 katharinedickerson.com "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" sbd-admin:20252025 FAIL May 11 07:59:32 www4 WPAudit[239617]: 107.189.2.140 vhsport.ca "Mozilla/5.0 (Linux; Android 16; SM-A346E) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Mobile Safari/537.36" vhsport:20252025 FAIL May 11 08:27:56 www4 WPAudit[241499]: 107.189.2.140 bcadjuster.com "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35. ... show less	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-05-11 06:30:04 (3 weeks ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇸 nationaleventpros.com	2026-05-11 05:09:07 (3 weeks ago)	WordPress login attempt	Brute-Force
Anonymous	2026-05-11 04:42:33 (3 weeks ago)	107.189.2.140 - - [11/May/2026:06:31:20 +0200] "POST /wp-login.php HTTP/1.0" 200 8603 "-" "Mozilla/5 ... show more 107.189.2.140 - - [11/May/2026:06:31:20 +0200] "POST /wp-login.php HTTP/1.0" 200 8603 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53" 107.189.2.140 - - [11/May/2026:06:31:21 +0200] "POST /wp-login.php HTTP/1.1" 200 8131 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53" 107.189.2.140 - - [11/May/2026:06:36:52 +0200] "POST /wp-login.php HTTP/1.0" 200 8969 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 107.189.2.140 - - [11/May/2026:06:36:53 +0200] "POST /wp-login.php HTTP/1.1" 200 8497 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 107.189.2.140 - - [11/May/2026:06:42:32 +0200] "POST /wp-login.php HTTP/1.0" 200 12049 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0. ... show less	Brute-Force Web App Attack
🇬🇧 andypiper	2026-05-11 01:01:51 (3 weeks ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇨🇦 KIsmay	2026-05-11 00:13:53 (3 weeks ago)	May 10 18:00:02 www4 WPAudit[180795]: 107.189.2.140 bcadjuster.com "Mozilla/5.0 (Linux; Android 14; ... show more May 10 18:00:02 www4 WPAudit[180795]: 107.189.2.140 bcadjuster.com "Mozilla/5.0 (Linux; Android 14; SM-S928B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Mobile Safari/537.36" tony:Tony@2025 FAIL May 10 19:19:59 www4 WPAudit[186635]: 107.189.2.140 katharinedickerson.com "Mozilla/5.0 (Linux; Android 13; Pixel 7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36" sbd-admin:@2025@2025 FAIL May 10 19:30:10 www4 WPAudit[187407]: 107.189.2.140 imaginesalmon.com "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" se7enoaks:Imaginesalmon2025! FAIL May 10 20:10:18 www4 WPAudit[190500]: 107.189.2.140 imaginesalmon.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" se7enoaks:Se7enoaks2025! FAIL May 10 20:13:52 www4 WPAudit[190768]: 107.189.2.140 goldislandforestproducts.ca "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0" gifp:Gifp2025! FAIL ... show less	Brute-Force Web App Attack

Showing 31 to 45 of 279 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.249.177.79

🇬🇧 213.166.84.51

🇰🇷 211.216.58.204

🇦🇷 186.57.14.137

🇬🇪 185.228.135.197

🇩🇪 154.195.132.229

🇰🇷 140.245.69.89

🇸🇬 101.47.29.104

🇸🇾 89.43.133.183

🇺🇸 65.181.127.40

🇺🇸 64.62.197.193

🇨🇳 58.240.17.66

🇬🇧 31.14.254.18

🇨🇳 27.223.98.117

🇳🇱 192.178.118.151

🇬🇧 185.195.13.179

🇨🇳 171.8.42.112

🇵🇭 150.228.189.132

🇩🇪 144.31.80.14

🇨🇳 124.236.76.72