必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Censys Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackbotsspam
Multiport scan 48 ports : 2 21 23 53 81(x2) 83(x2) 88(x3) 110(x2) 123 143(x2) 161 222(x3) 445 465(x2) 591(x2) 623(x2) 631 990(x3) 993(x2) 995 1194(x2) 1311 1883 2082 2222 2323 3306(x2) 5432 5632(x2) 5672(x2) 5683(x3) 5684 5900(x2) 5901 5902(x2) 5903(x2) 6443 8080 8081 8088(x2) 8089(x2) 8443 8888 9090(x2) 9200 16992 16993 20000(x3)
2020-10-05 05:44:48
attackspambots
 TCP (SYN) 162.142.125.18:20616 -> port 5900, len 44
2020-10-04 21:40:54
attackspam
firewall-block, port(s): 20000/tcp
2020-10-04 13:27:20
attackspam
 TCP (SYN) 162.142.125.18:16923 -> port 80, len 44
2020-09-30 03:54:40
attackspam
MultiHost/MultiPort Probe, Scan, Hack -
2020-09-29 20:01:49
attackbots
Unauthorized connection attempt from IP address 162.142.125.18 on Port 445(SMB)
2020-09-29 12:09:57
attackspambots
 TCP (SYN) 162.142.125.18:57317 -> port 3306, len 44
2020-08-28 00:40:28
相同子网IP讨论:
IP 类型 评论内容 时间
162.142.125.86 botsattack
Bad IP
2025-03-06 19:09:23
162.142.125.197 attackproxy
Fraud connect
2024-09-05 12:48:39
162.142.125.12 proxy
Scan
2023-06-05 16:37:12
162.142.125.11 proxy
VPN fraud
2023-06-05 12:59:49
162.142.125.223 proxy
VPN fraud
2023-05-31 21:46:50
162.142.125.225 proxy
VPN fraud
2023-05-29 12:47:59
162.142.125.84 proxy
VPN scan
2023-05-22 12:51:31
162.142.125.224 proxy
VPN fraud
2023-05-18 12:47:47
162.142.125.89 proxy
VPN f
2023-05-13 12:57:08
162.142.125.217 proxy
VPN fraud
2023-05-13 12:54:50
162.142.125.14 proxy
VPN fraud
2023-05-12 14:21:18
162.142.125.214 proxy
VPN fraud
2023-03-31 12:54:37
162.142.125.87 proxy
VPN fraud
2023-03-29 12:58:45
162.142.125.13 proxy
VPN fraud
2023-03-29 12:56:42
162.142.125.10 attack
DANGER DUDE ATTACK
2022-02-18 10:02:36
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.142.125.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6210
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.142.125.18.			IN	A

;; AUTHORITY SECTION:
.			549	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082701 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 28 00:40:18 CST 2020
;; MSG SIZE  rcvd: 118
HOST信息:
18.125.142.162.in-addr.arpa domain name pointer scanner-01.ch1.censys-scanner.com.
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
18.125.142.162.in-addr.arpa	name = scanner-01.ch1.censys-scanner.com.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
129.204.245.6 attack
Time:     Thu Sep 10 12:48:18 2020 +0000
IP:       129.204.245.6 (CN/China/-)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked:  Permanent Block [LF_SSHD]

Log entries:

Sep 10 12:27:50 ca-1-ams1 sshd[22591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.245.6  user=root
Sep 10 12:27:52 ca-1-ams1 sshd[22591]: Failed password for root from 129.204.245.6 port 42902 ssh2
Sep 10 12:43:24 ca-1-ams1 sshd[23197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.245.6  user=root
Sep 10 12:43:27 ca-1-ams1 sshd[23197]: Failed password for root from 129.204.245.6 port 44096 ssh2
Sep 10 12:48:15 ca-1-ams1 sshd[23334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.245.6  user=root
2020-09-10 22:33:24
190.141.172.90 attackspam
20/9/9@12:55:39: FAIL: Alarm-Network address from=190.141.172.90
20/9/9@12:55:39: FAIL: Alarm-Network address from=190.141.172.90
...
2020-09-10 22:41:53
108.30.160.14 attackspambots
108.30.160.14 (US/United States/pool-108-30-160-14.nycmny.fios.verizon.net), 12 distributed sshd attacks on account [root] in the last 3600 secs
2020-09-10 22:30:34
222.186.61.115 attackspambots
Found on   CINS badguys     / proto=6  .  srcport=43504  .  dstport=8000  .     (291)
2020-09-10 22:24:47
203.210.134.7 attackspambots
1599670549 - 09/09/2020 18:55:49 Host: 203.210.134.7/203.210.134.7 Port: 445 TCP Blocked
2020-09-10 22:38:08
91.134.138.46 attack
Sep  9 14:53:51 s158375 sshd[6377]: Failed password for invalid user xerox from 91.134.138.46 port 37868 ssh2
2020-09-10 23:01:36
190.113.115.90 attackbotsspam
Port Scan: TCP/443
2020-09-10 22:22:50
159.203.102.122 attackspambots
scans once in preceeding hours on the ports (in chronological order) 27839 resulting in total of 9 scans from 159.203.0.0/16 block.
2020-09-10 22:45:11
199.193.204.188 attack
Sent VOIP email and attachment which contained a trojan
2020-09-10 22:34:54
51.83.57.157 attack
$f2bV_matches
2020-09-10 22:33:08
210.18.159.82 attackspambots
Sep 10 04:25:48 dignus sshd[5562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.18.159.82  user=root
Sep 10 04:25:50 dignus sshd[5562]: Failed password for root from 210.18.159.82 port 55074 ssh2
Sep 10 04:30:21 dignus sshd[6004]: Invalid user mineria from 210.18.159.82 port 33776
Sep 10 04:30:21 dignus sshd[6004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.18.159.82
Sep 10 04:30:23 dignus sshd[6004]: Failed password for invalid user mineria from 210.18.159.82 port 33776 ssh2
...
2020-09-10 22:57:47
106.12.5.48 attackbots
srv02 Mass scanning activity detected Target: 4845  ..
2020-09-10 22:51:54
111.230.210.229 attack
Sep 10 09:03:25 root sshd[26612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.210.229 
Sep 10 09:15:47 root sshd[7027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.210.229 
...
2020-09-10 22:49:14
185.247.224.61 attackbots
Sep 10 12:57:46 marvibiene sshd[63313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.247.224.61  user=root
Sep 10 12:57:48 marvibiene sshd[63313]: Failed password for root from 185.247.224.61 port 40056 ssh2
Sep 10 12:57:51 marvibiene sshd[63313]: Failed password for root from 185.247.224.61 port 40056 ssh2
Sep 10 12:57:46 marvibiene sshd[63313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.247.224.61  user=root
Sep 10 12:57:48 marvibiene sshd[63313]: Failed password for root from 185.247.224.61 port 40056 ssh2
Sep 10 12:57:51 marvibiene sshd[63313]: Failed password for root from 185.247.224.61 port 40056 ssh2
2020-09-10 22:20:23
185.191.171.22 attackbots
Malicious Traffic/Form Submission
2020-09-10 22:25:15

最近上报的IP列表

180.254.60.82 125.25.44.57 106.53.229.196 203.192.230.222
59.95.145.54 45.142.120.209 212.102.57.138 179.176.13.85
120.9.84.63 83.96.11.210 23.106.123.32 83.8.234.209
202.153.33.50 188.92.209.170 49.235.114.186 39.38.99.217
5.173.16.12 113.134.215.20 110.54.246.140 219.100.37.1