JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.147.89.232

142.147.89.232 was found in our database!

This IP was reported 203 times. Confidence of Abuse is 51%: ?

51%

ISP	Mullvad VPN AB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS6233
Hostname(s)	142.147.89.232.static.xtom.com
Domain Name	mullvad.net
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.147.89.232

Whois 142.147.89.232

IP Abuse Reports for 142.147.89.232:

This IP address has been reported a total of 203 times from 58 distinct sources. 142.147.89.232 was first reported on August 31st 2022, and the most recent report was 29 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-05 07:51:31 (29 minutes ago)	RDWeb scan	Web App Attack
🇮🇹 LTM	2026-06-02 06:20:02 (3 days ago)	SSH - Attempt to login using invalid or illegal credential	Port Scan Brute-Force SSH
🇬🇧 adnscom.net	2026-05-25 03:16:55 (1 week ago)	IPS trigger: Brute force SSH scanning/attack	Brute-Force SSH
🇪🇸 librebit	2026-05-19 03:26:15 (2 weeks ago)	RDWeb scan	Web App Attack
🇩🇪 Admins@FBN	2026-05-19 01:08:30 (2 weeks ago)	VPN Logon Failed: AAA user authentication Rejected user = <replaced>	Brute-Force Exploited Host
🇺🇸 agabeckov	2026-05-19 00:29:31 (2 weeks ago)	Fail2Ban detected brute-force attempt on Cisco Anyconnect	VPN IP Brute-Force
🇫🇮 notelseit	2026-05-19 00:08:12 (2 weeks ago)	2026-05-19T02:08:01.496296+02:00 mail postfix/smtps/smtpd[1460138]: warning: unknown[142.147.89.232] ... show more 2026-05-19T02:08:01.496296+02:00 mail postfix/smtps/smtpd[1460138]: warning: unknown[142.147.89.232]: SASL LOGIN authentication failed: (reason unavailable), [email protected] 2026-05-19T02:08:01.874950+02:00 mail postfix/smtps/smtpd[1460138]: disconnect from unknown[142.147.89.232] ehlo=1 auth=0/1 quit=1 commands=2/3 2026-05-19T02:08:12.057678+02:00 mail postfix/submission/smtpd[1460126]: warning: unknown[142.147.89.232]: SASL LOGIN authentication failed: (reason unavailable), [email protected] ... show less	Brute-Force Email Spam
Anonymous	2026-05-16 06:20:03 (2 weeks ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Web App Attack Hacking SQL Injection
🇩🇪 NxtGenIT	2026-05-13 14:01:40 (3 weeks ago)	CiscoASA Honeypot hit, Payload: "POST /+webvpn+/index.html?fcadbadd=1 HTTP/1.1" 200 -,	Brute-Force
🇩🇪 CELOS-SOC	2026-05-07 04:30:52 (4 weeks ago)	Multiple Unauthorized SSLVPN Login Attempts	Hacking Brute-Force
🇪🇸 el-brujo	2026-05-06 10:20:36 (4 weeks ago)	Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=%27nvOpzp;%20AND%201=1%20OR ... show more Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)), Host: elhacker.net userAgent: Action: block Source: firewallManaged ASN Description: xTom Country: US Method: GET Timestamp: 2026-05-06T10:20:36Z ruleId: 8152816062ed47f69be0f907f4bdb492. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 NxtGenIT	2026-05-04 14:19:01 (1 month ago)	CiscoASA Honeypot hit, Payload: "GET /+CSCOE+/logon.html HTTP/1.1" 302 -,	Brute-Force
🇪🇸 Mugen	2026-04-24 22:44:27 (1 month ago)	Unauthorized VPN login attempts	Brute-Force
🇩🇪 raph	2026-04-24 20:51:27 (1 month ago)	[SQL INJECTION] f2b match %{+Q}r for ^.haproxy\[[0-9]+\]: <HOST>:. (GET \|POST ).\?.(%20AND%20\|%2 ... show more [SQL INJECTION] f2b match %{+Q}r for ^.haproxy\[[0-9]+\]: <HOST>:. (GET \|POST ).\?.(%20AND%20\|%20and%20\|%20OR%20\|%20or%20).* HTTP/1.1$ show less	SQL Injection
🇩🇪 NxtGenIT	2026-04-22 10:48:02 (1 month ago)	CiscoASA Honeypot hit, Payload: "GET /+CSCOE+/logon.html?fcadbadd=1 HTTP/1.1" 200 -,	Brute-Force

Showing 1 to 15 of 203 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 117.29.104.68

🇩🇪 178.104.240.0

🇺🇸 172.71.153.22

🇩🇪 69.5.169.242

🇩🇪 69.5.169.213

🇺🇸 47.133.208.160

🇯🇵 23.217.205.165

🇻🇳 14.173.19.204

🇨🇳 221.229.218.50

🇺🇸 208.67.219.130

🇲🇽 187.192.178.25

🇮🇶 185.95.204.12

🇹🇭 152.32.247.23

🇨🇳 116.232.161.15

🇹🇭 106.0.166.123

🇬🇧 89.37.172.131

🇺🇸 73.142.173.46

🇩🇪 69.5.169.172

🇳🇬 62.173.38.229

🇰🇪 41.60.141.120