JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 107.189.20.125

107.189.20.125 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 100%: ?

100%

ISP	RouterHosting LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14956
Hostname(s)	125.20.189.107.static.cloudzy.com
Domain Name	cloudzy.com
Country	🇳🇱 Netherlands
City	Zaandam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 107.189.20.125

Whois 107.189.20.125

IP Abuse Reports for 107.189.20.125:

This IP address has been reported a total of 134 times from 61 distinct sources. 107.189.20.125 was first reported on June 13th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Fasetech	2026-06-22 06:36:22 (3 days ago)	SecLedge detected suspicious activity. Score: 296.28. Sensor: T-Pot.	Brute-Force
🇳🇴 tmiland	2026-06-20 18:35:10 (4 days ago)	Suricata Detected 7 attacks from 107.189.20.125.; ET CINS Active Threat Intelligence Poor Reputation ... show more Suricata Detected 7 attacks from 107.189.20.125.; ET CINS Active Threat Intelligence Poor Reputation IP group 141; IP: 107.189.20.125; Ports: 10020; Direction: to_server; Trigger: CINS; Category: Misc Attack; Severity: 2 show less	Brute-Force
🇩🇪 EnthecSolutions	2026-06-20 06:00:57 (5 days ago)	Detected by Enthec Solutions. \| Attempts: 74 in 24h \| Target port: 5060	Fraud VoIP Brute-Force
🇳🇱 knock	2026-06-20 01:26:07 (5 days ago)	Knock-Knock honeypot brute-force: SIP (150 total hits)	Hacking Brute-Force
🇦🇺 dyln	2026-06-20 00:29:22 (5 days ago)	Dyls honeypot brute-force: SIP (709 total hits)	Hacking Brute-Force
🇺🇸 Neosmith20	2026-06-20 00:28:05 (5 days ago)	Knock-Knock honeypot brute-force: SIP (197 total hits)	Hacking Brute-Force
🇬🇧 knock	2026-06-20 00:27:28 (5 days ago)	Knock-Knock honeypot brute-force: SIP (194 total hits)	Hacking Brute-Force
🇩🇪 NxtGenIT	2026-06-19 23:45:01 (5 days ago)	Sentrypeer Honeypot hit, SIP Method: INVITE, User Agent: AVM FRITZ!Box 7330 107.05.50 (Feb 22 2013)	FTP Brute-Force
🇺🇸 NetGuard	2026-06-19 22:56:53 (5 days ago)	#honeypot #netguard247 #sentrypeer Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Time ... show more #honeypot #netguard247 #sentrypeer Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Timestamp: 2026-06-19T22:56:53.899+00:00 Attacker IP: 107.189.20.125 \| Port: 5060 \| Country: United States Honeypot: sentrypeer \| Attack: unknown Source: NetGuard 24/7 (netguard24-7.com) \| PhantomGrid Defense show less	Web App Attack
Anonymous	2026-06-19 18:40:02 (5 days ago)	Blocked by os-abuseipdb; 6 hits, proto=udp, ports=5001,5002,5003,5004,5005,5006	Port Scan Hacking
🇧🇷 diego	2026-06-19 11:05:22 (6 days ago)	[rede-168-134] 06/19/2026-08:05:21.742678, 107.189.20.125, Protocol: 17, ET CINS Active Threat Intel ... show more [rede-168-134] 06/19/2026-08:05:21.742678, 107.189.20.125, Protocol: 17, ET CINS Active Threat Intelligence Poor Reputation IP group 149 show less	Hacking
🇺🇸 kot	2026-06-19 08:02:10 (6 days ago)	scan port 22, 107.189.20.125 block	Port Scan
🇩🇪 ValtonTahiri	2026-06-19 04:41:29 (6 days ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=107.189.20.125; proto=UDP; source_port=6428; target_port=5060 show less	Port Scan
🇨🇭 SOC [GOLINE SA]	2026-06-19 04:07:34 (6 days ago)	[RoutePulse \| 2026-06-19T04:07:34Z] ATTACK: Port Scan Horizontal (port 5060) TARGET: 4 subnets: 185. ... show more [RoutePulse \| 2026-06-19T04:07:34Z] ATTACK: Port Scan Horizontal (port 5060) TARGET: 4 subnets: 185.54.80.0/24, 185.54.81.0/24, 185.54.82.0/24 SOURCE: 107.189.20.125 (125.20.189.107.static.cloudzy.com) · AS14956 RouterHosting LLC · The Netherlands EVIDENCE: severity=warning · 506 flows · 250 KB · 506 distinct targets · port 5060 INTEL: feeds: IPsum Level 4 (very low FP) (1) \| RoutePulse score 8/100 MITRE: T1018 Remote System Discovery, T1046 Network Service Scanning DETECTION: sFlow/IPFIX flow analysis + 14-detector ML stack (6-model weighted ensemble) + threat-intel correlation ACTION: Pre-blackhole intelligence report (live monitoring continues) show less	Port Scan
🇩🇪 EnthecSolutions	2026-06-18 22:01:17 (6 days ago)	Detected by Enthec Solutions. \| Attempts: 3946 in 24h \| Target port: 5060	Fraud VoIP Brute-Force

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 91.92.40.237

🇳🇱 185.93.89.167

🇺🇸 162.216.149.49

🇨🇦 146.190.254.106

🇨🇳 120.224.172.222

🇧🇩 103.112.131.126

🇺🇸 66.132.186.212

🇮🇳 34.47.247.182

🇯🇵 13.71.128.118

🇩🇪 5.9.28.115

🇳🇱 158.94.210.233

🇸🇬 104.248.158.38

🇺🇸 100.8.5.92

🇳🇴 93.89.113.60

🇨🇦 85.217.149.24

🇳🇱 45.148.10.141

🇺🇸 20.118.24.61

🇮🇳 165.232.182.53

🇻🇳 103.172.236.241

🇺🇬 41.220.3.101