IP address
Tags:
Static IP
IP in hostname
Scanner
- IP blacklists
CI Army
107.189.20.125 is listed on the CI Army blacklist.
Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed:
primary (
feed detail page)
Last checked at:
2026-06-20 02:50:00.828000
Was present on blacklist at:
2026-06-13 02:50,
2026-06-17 02:50,
2026-06-18 02:50,
2026-06-19 02:50,
2026-06-20 02:50
Echelon SIP register scanner
107.189.20.125 is listed on the Echelon SIP register scanner blacklist.
Description: SIP VoIP registration scanning on port 5060
Type of feed:
primary (
feed detail page)
Last checked at:
2026-06-19 09:30:00.350000
Was present on blacklist at:
2026-06-13 09:30,
2026-06-14 09:30,
2026-06-15 09:30,
2026-06-16 09:30,
2026-06-17 09:30,
2026-06-18 09:30,
2026-06-19 09:30
AbuseIPDB
107.189.20.125 is listed on the AbuseIPDB blacklist.
Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed:
primary (
feed detail page)
Last checked at:
2026-06-20 04:00:00.625000
Was present on blacklist at:
2026-06-14 04:00,
2026-06-15 04:00,
2026-06-18 04:00,
2026-06-19 04:00,
2026-06-20 04:00
blocklist.de SIP
107.189.20.125 is listed on the blocklist.de SIP blacklist.
Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IP addresses that tried to login in a SIP,<br>VOIP or Asterisk Server.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-06-15 22:05:05.130000
Was present on blacklist at:
2026-06-14 04:05,
2026-06-14 10:05,
2026-06-14 16:05,
2026-06-14 22:05,
2026-06-15 04:05,
2026-06-15 10:05,
2026-06-15 16:05,
2026-06-15 22:05
UCEPROTECT L1
107.189.20.125 is listed on the UCEPROTECT L1 blacklist.
Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed:
primary (
feed detail page)
Last checked at:
2026-06-19 23:45:00.506000
Was present on blacklist at:
2026-06-14 15:45,
2026-06-14 23:45,
2026-06-15 07:45,
2026-06-15 15:45,
2026-06-15 23:45,
2026-06-16 07:45,
2026-06-16 15:45,
2026-06-16 23:45,
2026-06-17 07:45,
2026-06-17 15:45,
2026-06-17 23:45,
2026-06-18 15:45,
2026-06-18 23:45,
2026-06-19 07:45,
2026-06-19 15:45,
2026-06-19 23:45
Threat categories
| TL | Role | Category | Details |
|---|
| 77 |
src |
scan |
port: 5060, 5760
|
| 57 |
src |
— |
|
- Warden events (12)
- 2026-06-18
-
-
AnomalyTraffic (node.ce2b59): 1
-
ReconScanning (node.ce2b59): 1
- 2026-06-17
-
-
AnomalyTraffic (node.ce2b59): 1
-
ReconScanning (node.ce2b59): 1
- 2026-06-15
-
-
ReconScanning (node.ce2b59): 2
-
AnomalyTraffic (node.ce2b59): 2
- 2026-06-13
-
-
ReconScanning (node.ce2b59): 2
-
AnomalyTraffic (node.ce2b59): 2
- DShield reports (IP summary, reports)
- 2026-06-14
- Number of reports: 196
- Distinct targets: 136
- 2026-06-16
- Number of reports: 65
- Distinct targets: 52
- 2026-06-17
- Number of reports: 159
- Distinct targets: 119
- 2026-06-18
- Number of reports: 121
- Distinct targets: 93
- 2026-06-19
- Number of reports: 104
- Distinct targets: 75
- Origin AS
- AS14956 - ROUTERHOSTING
- BGP Prefix
- 107.189.16.0/21
- geo
-
Netherlands, Zaandam
- 🕑 Europe/Amsterdam
- hostname
- 125.20.189.107.static.cloudzy.com
- hostname_class
- ['ip_in_hostname', 'static']
- Address block ('inetnum' or 'NetRange' in whois database)
- 107.189.0.0 - 107.189.31.255
- last_activity
- 2026-06-18 18:36:48
- last_warden_event
- 2026-06-18 18:36:48
- rep
- 0.5122188056253367
- reserved_range
- 0
- ts_added
- 2026-06-13 02:51:48.079000
- ts_last_update
- 2026-06-20 05:00:29.751000
Warden event timeline
DShield event timeline
Presence on blacklists
