IP Address

142.202.188.221

IPv4 Public
US US
AS398019
DYNU
6,712 Reports
This IP is under Observation Suspicious activity detected - monitor closely
10/10 Threat
59% Confidence
6,712 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
US
US Location
DYNU ASN 398019
6,712 Reports
Honeypot Data Source

Critical Threat

IP 142.202.188.221 is classified as a maximum-threat address (10/10) with 6,712 total abuse reports, the overwhelming majority documenting hacking activity detected by automated honeypot sensors over a three-month window from December 2025 through February 2026. This volume of reported incidents places the IP among the most aggressively tracked addresses in contemporary threat-feeds, and its United States origin within AS398019 (DYNU) infrastructure makes it a persistent concern for operators maintaining internet-facing services. Despite the extreme report count, the activity frequency score of 0/10 indicates the address is not currently conducting active operations, though historical behavior remains the primary risk indicator.

The evidence base supporting this threat assessment derives entirely from 20 separate automated honeypot sensor reports, each categorizing the observed activity under the hacking classification. The 60% confidence score reflects uncertainty in attributing the activity definitively to a single threat actor or coordinated campaign, yet the sheer volume of incidents across multiple detection points establishes a clear pattern of malicious intent. The address was first documented in December 2025 and continued generating reports through February 2026, suggesting sustained probing rather than isolated opportunistic scanning. Network registration data ties the IP to DYNU, a dynamic DNS and related services provider, which threat-intelligence analysts frequently associate with threat infrastructure due to its ease of IP rotation and anonymity features.

Hacking activity, as documented in these reports, encompasses the full spectrum of intrusion tradecraft including vulnerability enumeration, exploitation attempts against unpatched services, and unauthorized access probing. For an organization with an exposed SSH, RDP, web application, or database port, a source generating thousands of hacking reports represents a concrete risk of credential compromise, data exfiltration, or malware delivery if defensive controls fail. The repeated nature of the reports across three months suggests the source is systematically scanning broad network ranges rather than targeting specific victims, meaning any vulnerable service in its path faces exposure. Even dormant threat indicators warrant attention, as addresses associated with prolific hacking infrastructure frequently return to active scanning after rotational periods.

More threatening than 89% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Reputable Network

This IP is hosted on a network (ASN 398019) with generally good reputation. The ISP DYNU maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Continue monitoring for emerging patterns.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 10/10 Critical
Critical
Activity Frequency 0/10 Inactive
Confidence Score 59% High Confidence

Confidence History

24. Jan 2026 - 11. Feb 2026
59% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
Hacking Honeypot x7 75%
Hacking Honeypot x169 75%
Hacking Honeypot x97 75%
Hacking Honeypot x119 75%
Hacking Honeypot x105 75%
Hacking Honeypot x110 75%
Hacking Honeypot x72 75%
Hacking Honeypot x124 75%
Hacking Honeypot x193 75%
Hacking Honeypot x129 75%
Hacking Honeypot x119 75%
Hacking Honeypot x115 75%
Hacking Honeypot x199 75%
Hacking Honeypot x187 75%
Hacking Honeypot x70 75%
Hacking Honeypot x114 75%
Hacking Honeypot x171 75%
Hacking Honeypot x139 75%
Hacking Honeypot x125 75%
Hacking Honeypot x54 75%
Hacking Honeypot 75%
Hacking Honeypot x21 75%
Hacking Honeypot x78 75%
Hacking Honeypot x112 75%
Hacking Honeypot x56 75%
Hacking Honeypot x144 75%
Hacking Honeypot x60 75%
Hacking Honeypot x83 75%
Hacking Honeypot x110 75%
Hacking Honeypot x184 75%
10 of 6712 shown

Technical Details

Basic Information

IP Address
142.202.188.221
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class B

Geolocation

Country
US US
ASN
AS398019
ISP
DYNU

DNS Information

Reverse DNS
unassigned.142-202-188-221.spryt.net
PTR Record
Yes
Connection Type
Dynamic

Statistics

Total Reports
6,712
First Reported
15 Dec 2025
Last Reported
11 Feb 2026, 10:01

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS398019
Dynu Systems Incorporated
US US

Network Threat Assessment

2/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

13
Total IPs Monitored
23,933
Total Reports
1841
Reports per IP

Network Context

This IP address belongs to Dynu Systems Incorporated (AS398019), which manages 13 IP addresses in our monitoring system. Out of these, 23,933 have been reported for suspicious activities, resulting in a network-wide threat level of 2/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

89 %

Global Threat Ranking

This IP is more threatening than 89% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,498 reported IPs worldwide

Threat Level 10/10 avg: 5.3 ++
Total Reports 6,712 avg: 23 ++

Network Comparison

Compared against 13 IPs in ASN 398019

Threat Level 10/10 network avg: 9.2 =
Total Reports 6,712 network avg: 1,841 ++
Network DYNU has overall threat level 2/10

Geographic Comparison

Compared against 38,456 IPs in US

Threat Level 10/10 country avg: 5.9 ++
Total Reports 6,712 country avg: 41 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,140 threat incidents tracked globally • Last 24h: 19,043 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US THIS IP
    38,446 20.5%
  2. 02
    IN
    India IN
    29,023 15.5%
  3. 03
    CN
    China CN
    26,021 13.9%
  4. 04
    BR
    Brazil BR
    10,256 5.5%
  5. 05
    DE
    Germany DE
    7,142 3.8%
  6. 06
    SG
    Singapore SG
    6,476 3.5%
  7. 07
    ID
    Indonesia ID
    5,539 3%
  8. 08
    RU
    Russia RU
    4,703 2.5%
  9. 09
    PK
    Pakistan PK
    4,654 2.5%
  10. 10
    NL
    Netherlands NL
    4,356 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same subnet range, likely same network segment.

1 Related IPs
10/10 Avg Threat
63% Avg Confidence
1 High Threat
High-risk network: Majority of related IPs are flagged
142.202.188.211 10/10
Confidence 63%
Reports 4,136
Location US US
8 Apr 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.3/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
208.109.188.137 8/10
Confidence 100%
Reports 514
ISP GO-DADDY-COM-LLC
9 Jun 2026
50.6.7.129 8/10
Confidence 100%
Reports 447
ISP ORACLE-BMC-31898
22 May 2026
72.167.150.128 8/10
Confidence 100%
Reports 429
ISP GO-DADDY-COM-LLC
27 May 2026
50.6.229.148 8/10
Confidence 100%
Reports 346
ISP ORACLE-BMC-31898
9 May 2026
87.121.84.30 8/10
Confidence 100%
Reports 295
ISP Vpsvault.host Ltd
20 Apr 2026
50.6.226.221 10/10
Confidence 100%
Reports 223
ISP ORACLE-BMC-31898
2 Mar 2026
31.57.184.107 8/10
Confidence 100%
Reports 202
ISP Netiface LLC
3 Jun 2026
64.31.25.250 8/10
Confidence 100%
Reports 176
ISP Limestone Netwo...
8 Jun 2026
74.206.180.196 8/10
Confidence 100%
Reports 143
ISP MOJOHOST
4 Jun 2026
35.226.7.126 8/10
Confidence 100%
Reports 131
ISP Google LLC
18 May 2026
147.135.37.185 8/10
Confidence 100%
Reports 131
ISP OVH SAS
14 May 2026
162.241.152.21 8/10
Confidence 100%
Reports 126
ISP Network Solutio...
8 Jun 2026
38.95.35.74 8/10
Confidence 100%
Reports 112
ISP Limestone Netwo...
2 Jun 2026
50.6.169.131 8/10
Confidence 100%
Reports 106
ISP Network Solutio...
6 Jun 2026
162.214.206.32 10/10
Confidence 100%
Reports 98
ISP Unified Layer
30 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.5/10 Avg Threat
59% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
77.90.185.141 10/10
Confidence 59%
Reports 46,654
Location DE DE
11 Nov 2025
198.23.190.58 10/10
Confidence 59%
Reports 40,333
Location US US
17 Nov 2025
45.234.176.18 8/10
Confidence 59%
Reports 31,506
Location BR BR
5 Oct 2025
103.146.203.60 10/10
Confidence 59%
Reports 31,330
Location ID ID
1 Sep 2025
176.65.134.8 10/10
Confidence 59%
Reports 29,990
Location DE DE
29 Sep 2025
176.65.134.7 7/10
Confidence 59%
Reports 26,776
Location DE DE
21 Sep 2025
2.57.121.148 10/10
Confidence 59%
Reports 25,577
Location RO RO
1 Oct 2025
103.91.140.28 10/10
Confidence 59%
Reports 23,540
Location PH PH
16 Sep 2025
206.81.13.37 8/10
Confidence 59%
Reports 20,549
Location US US
5 Sep 2025
104.164.110.7 10/10
Confidence 59%
Reports 17,849
Location US US
27 Dec 2025
185.243.96.105 10/10
Confidence 59%
Reports 17,727
Location UA UA
5 Feb 2026
45.187.40.40 10/10
Confidence 59%
Reports 16,203
Location BR BR
9 Sep 2025
198.12.68.114 10/10
Confidence 59%
Reports 14,600
Location US US
17 Nov 2025
173.231.185.164 10/10
Confidence 59%
Reports 14,563
Location US US
15 Sep 2025
103.162.15.126 10/10
Confidence 59%
Reports 13,612
Location VN VN
8 Nov 2025

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "142.202.188.221",
    "threat_level": 10,
    "confidence_score": 59,
    "total_reports": 6712,
    "country_code": "US",
    "isp_name": "DYNU",
    "asn": "398019",
    "first_reported": "2025-12-15 12:52:46",
    "last_reported": "2026-02-11 10:01:26",
    "exported_at": "2026-06-09T09:09:37+02:00",
    "source": "https://reportedip.de/ip/142.202.188.221/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses