162.142.125.37

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Censys Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Oct 9 23:44:33 baraca inetd[34221]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:35 baraca inetd[34222]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:36 baraca inetd[34225]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) ...	2020-10-11 04:07:26
attackspambots	Oct 9 23:44:33 baraca inetd[34221]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:35 baraca inetd[34222]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:36 baraca inetd[34225]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) ...	2020-10-10 20:02:55

Type

Details

Datetime

attackbotsspam

Oct  9 23:44:33 baraca inetd[34221]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp)
Oct  9 23:44:35 baraca inetd[34222]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp)
Oct  9 23:44:36 baraca inetd[34225]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp)
...

2020-10-11 04:07:26

attackspambots

Oct  9 23:44:33 baraca inetd[34221]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp)
Oct  9 23:44:35 baraca inetd[34222]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp)
Oct  9 23:44:36 baraca inetd[34225]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp)
...

2020-10-10 20:02:55

Comments on same subnet:

IP	Type	Details	Datetime
162.142.125.86	botsattack	Bad IP	2025-03-06 19:09:23
162.142.125.197	attackproxy	Fraud connect	2024-09-05 12:48:39
162.142.125.12	proxy	Scan	2023-06-05 16:37:12
162.142.125.11	proxy	VPN fraud	2023-06-05 12:59:49
162.142.125.223	proxy	VPN fraud	2023-05-31 21:46:50
162.142.125.225	proxy	VPN fraud	2023-05-29 12:47:59
162.142.125.84	proxy	VPN scan	2023-05-22 12:51:31
162.142.125.224	proxy	VPN fraud	2023-05-18 12:47:47
162.142.125.89	proxy	VPN f	2023-05-13 12:57:08
162.142.125.217	proxy	VPN fraud	2023-05-13 12:54:50
162.142.125.14	proxy	VPN fraud	2023-05-12 14:21:18
162.142.125.214	proxy	VPN fraud	2023-03-31 12:54:37
162.142.125.87	proxy	VPN fraud	2023-03-29 12:58:45
162.142.125.13	proxy	VPN fraud	2023-03-29 12:56:42
162.142.125.10	attack	DANGER DUDE ATTACK	2022-02-18 10:02:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.142.125.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18670
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.142.125.37.			IN	A

;; AUTHORITY SECTION:
.			140	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101000 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 10 20:02:51 CST 2020
;; MSG SIZE  rcvd: 118

Host info

37.125.142.162.in-addr.arpa domain name pointer scanner-04.ch1.censys-scanner.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
37.125.142.162.in-addr.arpa	name = scanner-04.ch1.censys-scanner.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
144.202.60.122	attackspam	17.04.2020 14:01:12 Recursive DNS scan	2020-04-17 23:32:40
141.98.81.83	attackspambots	Apr 17 14:41:46 work-partkepr sshd\[13731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.83 user=root Apr 17 14:41:48 work-partkepr sshd\[13731\]: Failed password for root from 141.98.81.83 port 44987 ssh2 ...	2020-04-17 22:51:53
213.251.184.102	attack	$f2bV_matches	2020-04-17 22:58:53
64.202.187.152	attack	SSH Brute-Forcing (server2)	2020-04-17 22:53:52
213.177.106.126	attackbotsspam	(sshd) Failed SSH login from 213.177.106.126 (RU/Russia/mail.npsk-msk.ru): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 17 17:30:23 ubnt-55d23 sshd[14366]: Invalid user jz from 213.177.106.126 port 55832 Apr 17 17:30:28 ubnt-55d23 sshd[14366]: Failed password for invalid user jz from 213.177.106.126 port 55832 ssh2	2020-04-17 23:32:57
119.200.254.138	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 22:45:22
181.188.135.64	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-17 23:01:26
82.64.129.178	attack	Apr 17 16:41:58 localhost sshd\[13088\]: Invalid user ac from 82.64.129.178 Apr 17 16:41:58 localhost sshd\[13088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.129.178 Apr 17 16:42:00 localhost sshd\[13088\]: Failed password for invalid user ac from 82.64.129.178 port 44094 ssh2 Apr 17 16:44:00 localhost sshd\[13205\]: Invalid user admin from 82.64.129.178 Apr 17 16:44:00 localhost sshd\[13205\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.64.129.178 ...	2020-04-17 23:03:23
78.85.28.149	attackbots	Honeypot attack, port: 445, PTR: a149.sub28.net78.udm.net.	2020-04-17 23:27:32
103.81.85.21	attackbots	wp-login scan	2020-04-17 22:49:46
159.138.65.35	attack	Apr 17 10:51:13 web8 sshd\[8246\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.65.35 user=root Apr 17 10:51:16 web8 sshd\[8246\]: Failed password for root from 159.138.65.35 port 42922 ssh2 Apr 17 10:55:05 web8 sshd\[10354\]: Invalid user admin from 159.138.65.35 Apr 17 10:55:05 web8 sshd\[10354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.138.65.35 Apr 17 10:55:07 web8 sshd\[10354\]: Failed password for invalid user admin from 159.138.65.35 port 56502 ssh2	2020-04-17 23:02:47
77.247.109.5	attack	2020-04-17T16:29:46.399168+02:00 lumpi kernel: [12423541.278554] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=77.247.109.5 DST=78.46.199.189 LEN=40 TOS=0x08 PREC=0x00 TTL=241 ID=26608 PROTO=TCP SPT=51422 DPT=8888 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-04-17 22:53:30
113.161.53.147	attack	2020-04-17T16:07:20.544065amanda2.illicoweb.com sshd\[22085\]: Invalid user zj from 113.161.53.147 port 41827 2020-04-17T16:07:20.547000amanda2.illicoweb.com sshd\[22085\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.53.147 2020-04-17T16:07:22.996458amanda2.illicoweb.com sshd\[22085\]: Failed password for invalid user zj from 113.161.53.147 port 41827 ssh2 2020-04-17T16:16:32.790432amanda2.illicoweb.com sshd\[22640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.53.147 user=root 2020-04-17T16:16:35.019081amanda2.illicoweb.com sshd\[22640\]: Failed password for root from 113.161.53.147 port 40981 ssh2 ...	2020-04-17 23:16:50
185.132.53.13	attackspambots	Portscan	2020-04-17 23:29:28
132.145.200.223	attackbots	Apr 17 16:32:07 163-172-32-151 sshd[4746]: Invalid user testing from 132.145.200.223 port 35632 ...	2020-04-17 22:52:37

Recently Reported IPs

182.155.206.29	42.111.253.46	36.68.40.23	72.183.12.161
182.53.55.226	162.142.125.32	93.125.1.208	222.185.38.221
106.12.167.216	179.96.176.216	120.52.93.223	159.89.24.95
121.149.93.185	111.229.108.132	162.158.92.24	162.158.90.98
5.160.84.178	121.178.197.109	176.36.131.100	202.69.171.51