AbuseIPDB » 162.142.125.221

162.142.125.221 was found in our database!

This IP was reported 17,428 times. Confidence of Abuse is 0%: ?

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	scanner-25.ch1.censys-scanner.com
Domain Name	censys.com
Country	United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Important Note: 162.142.125.221 is an IP address from within our whitelist belonging to the subnet 162.142.125.0/24, which we identify as: "Censys (https://about.censys.io/)".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 162.142.125.221

Whois 162.142.125.221

IP Abuse Reports for 162.142.125.221:

This IP address has been reported a total of 17,428 times from 935 distinct sources. 162.142.125.221 was first reported on October 24th 2022, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
rafamiga	2025-07-14 10:23:53 (1 hour ago)	fail2ban/ufw - Port scan detected. ...	Port Scan
Unwasted	2025-07-14 07:15:32 (4 hours ago)	Blocked IP still knocking	Hacking
Sawasdee	2025-07-14 05:16:27 (6 hours ago)	Port Scan ...	Port Scan
sefinek.net	2025-07-14 02:57:38 (9 hours ago)	Honeypot hit: Empty payload (likely service probe); 12000 [1] TCP	Port Scan
webbfabriken	2025-07-14 02:24:40 (9 hours ago)	spam or other hacking activities reported by webbfabriken security servers Attack reported by ... show morespam or other hacking activities reported by webbfabriken security servers Attack reported by Webbfabriken Security API - WFSecAPI show less	Web Spam
nikito7	2025-07-14 01:33:07 (10 hours ago)	SSH-Multi login Attempt	Brute-Force SSH
routerjockey	2025-07-13 23:19:09 (12 hours ago)	[sensor1] Observed 14 TCP SYN probes in the past 6 hours [Top ports 541/tcp(9x) 32400/tcp(5x)]	Port Scan
keechi	2025-07-13 22:03:10 (14 hours ago)	2025-06-29T00:39:51.086462+02:00 nextcloudpi postfix/smtpd[485960]: improper command pipelining afte ... show more2025-06-29T00:39:51.086462+02:00 nextcloudpi postfix/smtpd[485960]: improper command pipelining after CONNECT from unknown[162.142.125.221]: \026\003\003\001\246\001\000\001\242\003\003\273\t\004\000\027\030\266t\262\347\374\237\314N\020DS\a\307\275\025\345M\31172\356\374\030\233\v\210 9?\342\023\223\227\2532\321vz4\270<)7\224q\006\211!3H\277\207\254\255O\026D\024\306\000\212\000\026\0003\000g\300\236\300\242\000\236\0009\000k\300\237\300\243\000\237 ... show less	Brute-Force
ifiguero	2025-07-13 20:06:11 (15 hours ago)	Recursive Query Request. 12h ban	Port Scan
major_tom	2025-07-13 18:41:08 (17 hours ago)	Nginx - URL probing, bad requests 400-401-403-404-444	Bad Web Bot Web App Attack
PvH	2025-07-13 18:05:26 (17 hours ago)	Unsolicited connection attempts to port 22	Hacking SSH
W8C Dev	2025-07-13 17:31:29 (18 hours ago)	Jul 13 14:31:28 vmori-manager-1 sshd[135011]: Connection closed by 162.142.125.221 port 40988 [preau ... show moreJul 13 14:31:28 vmori-manager-1 sshd[135011]: Connection closed by 162.142.125.221 port 40988 [preauth] ... show less	Brute-Force SSH
GabrielJST	2025-07-13 16:56:25 (19 hours ago)	Port Scan detected from 162.142.125.221 (US/United States/scanner-25.ch1.censys-scanner.com).	Port Scan
Study Bitcoin 🤗	2025-07-13 16:42:49 (19 hours ago)	5 port probes: 5x tcp/500 (isakmp) [ros]	Port Scan
cloudmax	2025-07-13 16:40:40 (19 hours ago)	Jul 13 18:40:35 cloud kernel: [UFW BLOCK] IN=ens18 OUT= MAC=bc:24:11:f8:1e:a2:8e:90:b4:4f:e1:98:08:0 ... show moreJul 13 18:40:35 cloud kernel: [UFW BLOCK] IN=ens18 OUT= MAC=bc:24:11:f8:1e:a2:8e:90:b4:4f:e1:98:08:00 SRC=162.142.125.221 DST=144.76.145.229 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=3968 DF PROTO=TCP SPT=56436 DPT=19999 WINDOW=21900 RES=0x00 SYN URGP=0 Jul 13 18:40:36 cloud kernel: [UFW BLOCK] IN=ens18 OUT= MAC=bc:24:11:f8:1e:a2:8e:90:b4:4f:e1:98:08:00 SRC=162.142.125.221 DST=144.76.145.229 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=3969 DF PROTO=TCP SPT=56436 DPT=19999 WINDOW=21900 RES=0x00 SYN URGP=0 Jul 13 18:40:38 cloud kernel: [UFW BLOCK] IN=ens18 OUT= MAC=bc:24:11:f8:1e:a2:8e:90:b4:4f:e1:98:08:00 SRC=162.142.125.221 DST=144.76.145.229 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=3970 DF PROTO=TCP SPT=56436 DPT=19999 WINDOW=21900 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 17428 reports

1
2
3
4
5
6
7
8
9
10
...
1161
1162
›

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

104.168.35.231

92.118.39.71

139.19.117.129

167.172.161.100

66.8.6.153

103.207.148.148

31.173.2.182

113.11.34.221

91.231.89.214

93.35.144.118

118.194.231.208

64.23.245.138

146.190.21.215

20.65.194.87

123.209.67.66

2a00:1450:4013:c14::12c

167.94.138.102

2607:f130:0:103:ff:ff:f02c:3079

167.94.145.90

128.199.157.145