JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 107.189.10.124

107.189.10.124 was found in our database!

This IP was reported 73 times. Confidence of Abuse is 100%: ?

100%

ISP	BuyVM
Usage Type	Data Center/Web Hosting/Transit
ASN	AS53667
Hostname(s)	gwlu.technofaq.org
Domain Name	frantech.ca
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 107.189.10.124

Whois 107.189.10.124

IP Abuse Reports for 107.189.10.124:

This IP address has been reported a total of 73 times from 65 distinct sources. 107.189.10.124 was first reported on June 4th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-04 02:53:22 (4 hours ago)	tcp/22 (6 or more attempts)	Port Scan
Anonymous	2026-06-04 02:49:03 (4 hours ago)	2026-06-04T04:42:47.426049+02:00 dns2.mi-pietsch.de sshd-session[193788]: Invalid user admin from 10 ... show more 2026-06-04T04:42:47.426049+02:00 dns2.mi-pietsch.de sshd-session[193788]: Invalid user admin from 107.189.10.124 port 53934 2026-06-04T04:43:32.607009+02:00 dns2.mi-pietsch.de sshd-session[193793]: Invalid user orangepi from 107.189.10.124 port 54720 2026-06-04T04:49:02.549904+02:00 dns2.mi-pietsch.de sshd-session[193841]: Invalid user test from 107.189.10.124 port 33218 ... show less	Brute-Force SSH
🇩🇪 sbajic	2026-06-04 02:46:52 (4 hours ago)	Jun 4 04:45:15 hyperion sshd-session[1995314]: Invalid user admin from 107.189.10.124 port 47364 Ju ... show more Jun 4 04:45:15 hyperion sshd-session[1995314]: Invalid user admin from 107.189.10.124 port 47364 Jun 4 04:46:02 hyperion sshd-session[1995757]: Invalid user orangepi from 107.189.10.124 port 48374 Jun 4 04:46:50 hyperion sshd-session[1995766]: User root from 107.189.10.124 not allowed because none of user's groups are listed in AllowGroups ... show less	Brute-Force SSH
🇺🇸 MPL	2026-06-04 02:41:05 (4 hours ago)	tcp ports: 2375,22 (6 or more attempts)	Port Scan
🇷🇺 Kotiacat_one	2026-06-04 02:40:56 (4 hours ago)	2026-06-04T05:38:40.274305+03:00 kotia sshd-session[305270]: Invalid user test from 107.189.10.124 p ... show more 2026-06-04T05:38:40.274305+03:00 kotia sshd-session[305270]: Invalid user test from 107.189.10.124 port 59424 2026-06-04T05:39:26.433742+03:00 kotia sshd-session[305273]: Invalid user user from 107.189.10.124 port 60262 2026-06-04T05:40:55.857897+03:00 kotia sshd-session[305342]: Invalid user admin from 107.189.10.124 port 34224 ... show less	Brute-Force SSH
🇵🇱 dzpk	2026-06-04 02:40:31 (4 hours ago)	107.189.10.124 - - [04/Jun/2026:04:40:30 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.% ... show more 107.189.10.124 - - [04/Jun/2026:04:40:30 +0200] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 150 "-" "-" show less	Web App Attack
🇳🇱 ipoac.nl	2026-06-04 02:39:25 (4 hours ago)	[Thu Jun 04 04:39:24.348529 2026] [core:error] [pid 3282345:tid 3282789] [client 107.189.10.124:5926 ... show more [Thu Jun 04 04:39:24.348529 2026] [core:error] [pid 3282345:tid 3282789] [client 107.189.10.124:59266] AH10244: invalid URI path (/cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh) show less	Hacking
🇦🇱 router.al	2026-06-04 02:38:12 (4 hours ago)	06/04/2026-02:38:12.629155 107.189.10.124 Protocol: 6 ET WEB_SERVER /bin/sh In URI Possible Shell Co ... show more 06/04/2026-02:38:12.629155 107.189.10.124 Protocol: 6 ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt show less	Hacking
🇫🇷 LoneRider	2026-06-04 02:37:38 (4 hours ago)	Jun 4 04:36:50 plsk sshd[912431]: Invalid user admin from 107.189.10.124 port 43146 Jun 4 04:36:50 ... show more Jun 4 04:36:50 plsk sshd[912431]: Invalid user admin from 107.189.10.124 port 43146 Jun 4 04:36:50 plsk sshd[912431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.10.124 Jun 4 04:36:52 plsk sshd[912431]: Failed password for invalid user admin from 107.189.10.124 port 43146 ssh2 Jun 4 04:37:32 plsk sshd[912491]: Invalid user orangepi from 107.189.10.124 port 43872 ... show less	SSH
🇳🇱 Savvii	2026-06-04 02:36:14 (4 hours ago)	20 attempts against mh-ssh on yam	Brute-Force SSH
🇺🇸 3rdKey	2026-06-04 02:35:02 (5 hours ago)	OpenCanary honeypot hit on port 22 (no legitimate service runs there); logtype 4000. Automated repor ... show more OpenCanary honeypot hit on port 22 (no legitimate service runs there); logtype 4000. Automated report. show less	Port Scan Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-04 02:34:07 (5 hours ago)	(mod_security) mod_security (id:218420) triggered by 107.189.10.124 (gwlu.technofaq.org): 1 in the l ... show more (mod_security) mod_security (id:218420) triggered by 107.189.10.124 (gwlu.technofaq.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 22:34:01.457640 2026] [security2:error] [pid 10169:tid 10169] [client 107.189.10.124:35336] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|192.64.150.244:80\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "192.64.150.244"] [uri "/hello.world"] [unique_id "aiDkGde9e20vb1Z4b5njEwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 02:32:40 (5 hours ago)	2026-06-03T21:31:54.156333 DDMZLXSFV01 sshd[1446586]: pam_unix(sshd:auth): authentication failure; l ... show more 2026-06-03T21:31:54.156333 DDMZLXSFV01 sshd[1446586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.10.124 2026-06-03T21:31:56.183133 DDMZLXSFV01 sshd[1446586]: Failed password for invalid user admin from 107.189.10.124 port 43140 ssh2 2026-06-03T21:32:38.697668 DDMZLXSFV01 sshd[1446671]: Invalid user orangepi from 107.189.10.124 port 44408 ... show less	Brute-Force SSH
🇺🇸 Bankbook8585	2026-06-04 02:31:03 (5 hours ago)	T-Pot honeypot \| Cowrie SSH/Telnet honeypot: cowrie.login.failed user=admin	Brute-Force SSH
🇺🇸 bing	2026-06-04 02:30:00 (5 hours ago)	2026-06-03T19:29:36.740050 serv sshd[4164412]: pam_unix(sshd:auth): authentication failure; logname= ... show more 2026-06-03T19:29:36.740050 serv sshd[4164412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.10.124 2026-06-03T19:29:38.820807 serv sshd[4164412]: Failed password for invalid user admin from 107.189.10.124 port 58860 ssh2 ... show less	Brute-Force SSH

Showing 46 to 60 of 73 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.126.107.84

🇳🇱 185.242.226.93

🇧🇷 181.214.221.78

🇱🇾 156.38.43.85

🇬🇧 138.68.133.221

🇨🇳 112.248.106.233

🇷🇺 81.9.102.85

🇮🇳 68.233.116.124

🇳🇱 45.148.10.141

🇬🇧 217.146.80.125

🇬🇧 217.146.80.115

🇬🇧 194.50.235.154

🇺🇸 192.3.185.194

🇨🇳 180.153.236.37

🇬🇧 81.19.219.248

🇮🇳 74.225.162.180

🇸🇬 47.237.10.2

🇺🇦 5.252.154.55

🇨🇦 217.181.82.15

🇺🇸 162.216.149.232