162.142.125.67

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Censys Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	TCP (SYN) 162.142.125.67:56373 -> port 12580, len 44	2020-10-13 21:46:43
attackspambots	[Tue Oct 13 06:54:37 2020] IN=enp34s0 OUT= MAC=SERVERMAC SRC=162.142.125.67 DST=MYSERVERIP LEN=44 TOS=0x00 PREC=0x00 TTL=42 ID=44979 PROTO=TCP SPT=11729 DPT=8425 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 8425	2020-10-13 13:12:15
attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-13 05:58:30

类型

评论内容

时间

attackbots

 TCP (SYN) 162.142.125.67:56373 -> port 12580, len 44

2020-10-13 21:46:43

attackspambots

[Tue Oct 13 06:54:37 2020] IN=enp34s0 OUT= MAC=SERVERMAC SRC=162.142.125.67 DST=MYSERVERIP LEN=44 TOS=0x00 PREC=0x00 TTL=42 ID=44979 PROTO=TCP SPT=11729 DPT=8425 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 8425

2020-10-13 13:12:15

attackspam

[N10.H2.VM2] Port Scanner Detected Blocked by UFW

2020-10-13 05:58:30

相同子网IP讨论:

IP	类型	评论内容	时间
162.142.125.86	botsattack	Bad IP	2025-03-06 19:09:23
162.142.125.197	attackproxy	Fraud connect	2024-09-05 12:48:39
162.142.125.12	proxy	Scan	2023-06-05 16:37:12
162.142.125.11	proxy	VPN fraud	2023-06-05 12:59:49
162.142.125.223	proxy	VPN fraud	2023-05-31 21:46:50
162.142.125.225	proxy	VPN fraud	2023-05-29 12:47:59
162.142.125.84	proxy	VPN scan	2023-05-22 12:51:31
162.142.125.224	proxy	VPN fraud	2023-05-18 12:47:47
162.142.125.89	proxy	VPN f	2023-05-13 12:57:08
162.142.125.217	proxy	VPN fraud	2023-05-13 12:54:50
162.142.125.14	proxy	VPN fraud	2023-05-12 14:21:18
162.142.125.214	proxy	VPN fraud	2023-03-31 12:54:37
162.142.125.87	proxy	VPN fraud	2023-03-29 12:58:45
162.142.125.13	proxy	VPN fraud	2023-03-29 12:56:42
162.142.125.10	attack	DANGER DUDE ATTACK	2022-02-18 10:02:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.142.125.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41996
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.142.125.67.			IN	A

;; AUTHORITY SECTION:
.			258	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101202 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 13 05:58:26 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

67.125.142.162.in-addr.arpa domain name pointer scanner-10.ch1.censys-scanner.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
67.125.142.162.in-addr.arpa	name = scanner-10.ch1.censys-scanner.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
45.143.220.46	attackbotsspam	\[2019-11-06 16:10:51\] NOTICE\[2601\] chan_sip.c: Registration from '"300" \' failed for '45.143.220.46:5122' - Wrong password \[2019-11-06 16:10:51\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-06T16:10:51.577-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="300",SessionID="0x7fdf2c2fde48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.46/5122",Challenge="589e2855",ReceivedChallenge="589e2855",ReceivedHash="91506c651077ed3c7a71f16722838119" \[2019-11-06 16:10:51\] NOTICE\[2601\] chan_sip.c: Registration from '"300" \' failed for '45.143.220.46:5122' - Wrong password \[2019-11-06 16:10:51\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-06T16:10:51.674-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="300",SessionID="0x7fdf2c17e0f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.1	2019-11-07 05:19:49
183.6.155.108	attackspam	2019-11-06T18:35:03.923879abusebot-5.cloudsearch.cf sshd\[10385\]: Invalid user administrador from 183.6.155.108 port 9802	2019-11-07 05:12:46
165.22.61.82	attackspam	Automatic report - Banned IP Access	2019-11-07 05:17:33
95.154.81.65	attackspambots	proto=tcp . spt=59111 . dpt=25 . (Listed on truncate-gbudb also unsubscore and rbldns-ru) (585)	2019-11-07 05:07:05
180.253.111.21	attack	Unauthorized connection attempt from IP address 180.253.111.21 on Port 445(SMB)	2019-11-07 05:09:22
152.136.191.138	attackbotsspam	2019-11-06 03:09:39 server sshd[85928]: Failed password for invalid user root from 152.136.191.138 port 40965 ssh2	2019-11-07 05:19:15
80.82.77.0	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-07 05:05:12
222.186.175.140	attack	2019-11-06T22:09:32.214544stark.klein-stark.info sshd\[6654\]: Failed none for root from 222.186.175.140 port 42898 ssh2 2019-11-06T22:09:33.502637stark.klein-stark.info sshd\[6654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.140 user=root 2019-11-06T22:09:34.985689stark.klein-stark.info sshd\[6654\]: Failed password for root from 222.186.175.140 port 42898 ssh2 ...	2019-11-07 05:20:41
185.112.250.126	attack	DATE:2019-11-06 15:32:26, IP:185.112.250.126, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-11-07 05:17:10
77.88.192.77	attackspambots	Unauthorized connection attempt from IP address 77.88.192.77 on Port 445(SMB)	2019-11-07 05:31:32
111.59.93.76	attackbots	scan r	2019-11-07 05:26:38
188.165.242.200	attackbotsspam	Aug 22 05:32:55 microserver sshd[13163]: Invalid user vt from 188.165.242.200 port 57326 Aug 22 05:32:55 microserver sshd[13163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.242.200 Aug 22 05:32:57 microserver sshd[13163]: Failed password for invalid user vt from 188.165.242.200 port 57326 ssh2 Aug 22 05:40:48 microserver sshd[14384]: Invalid user owen from 188.165.242.200 port 41028 Aug 22 05:40:48 microserver sshd[14384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.242.200 Aug 23 22:13:07 microserver sshd[61599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.242.200 user=root Aug 23 22:13:09 microserver sshd[61599]: Failed password for root from 188.165.242.200 port 57804 ssh2 Aug 23 22:21:11 microserver sshd[62777]: Invalid user ankesh from 188.165.242.200 port 42404 Aug 23 22:21:11 microserver sshd[62777]: pam_unix(sshd:auth): authentication failure; lo	2019-11-07 05:39:42
178.159.100.190	attackspam	B: zzZZzz blocked content access	2019-11-07 05:22:25
113.179.33.71	attack	Unauthorized connection attempt from IP address 113.179.33.71 on Port 445(SMB)	2019-11-07 05:22:51
106.12.89.118	attackbotsspam	Nov 6 17:42:44 MK-Soft-VM4 sshd[29655]: Failed password for root from 106.12.89.118 port 48798 ssh2 ...	2019-11-07 05:21:08

最近上报的IP列表

51.77.63.162	49.229.69.4	150.147.190.82	103.223.8.95
177.92.21.2	102.114.15.254	62.221.113.81	189.190.40.87
141.101.25.191	176.123.8.128	106.75.77.230	103.83.247.126
64.225.126.22	112.35.92.119	34.64.79.191	158.69.88.77
61.2.14.242	79.137.50.77	112.85.23.87	36.66.40.13