162.142.125.40

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Censys Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Oct 9 23:44:33 baraca inetd[34221]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:35 baraca inetd[34222]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) Oct 9 23:44:36 baraca inetd[34225]: refused connection from scanner-04.ch1.censys-scanner.com, service sshd (tcp) ...	2020-10-10 20:02:33
attackspam	Automatic report - Banned IP Access	2020-08-31 15:06:27
attackbotsspam	Aug 23 17:45:23 askasleikir openvpn[513]: 162.142.125.40:40884 TLS ERROR: initial packet local/remote key_method mismatch, local key_method=2, op=P_CONTROL_HARD_RESET_CLIENT_V1	2020-08-24 07:49:04
attackbots	Aug 22 23:32:47 baraca inetd[9881]: refused connection from scanner-05.ch1.censys-scanner.com, service sshd (tcp) Aug 22 23:32:48 baraca inetd[9882]: refused connection from scanner-05.ch1.censys-scanner.com, service sshd (tcp) Aug 22 23:32:49 baraca inetd[9883]: refused connection from scanner-05.ch1.censys-scanner.com, service sshd (tcp) ...	2020-08-23 05:56:13

Comments on same subnet:

IP	Type	Details	Datetime
162.142.125.86	botsattack	Bad IP	2025-03-06 19:09:23
162.142.125.197	attackproxy	Fraud connect	2024-09-05 12:48:39
162.142.125.12	proxy	Scan	2023-06-05 16:37:12
162.142.125.11	proxy	VPN fraud	2023-06-05 12:59:49
162.142.125.223	proxy	VPN fraud	2023-05-31 21:46:50
162.142.125.225	proxy	VPN fraud	2023-05-29 12:47:59
162.142.125.84	proxy	VPN scan	2023-05-22 12:51:31
162.142.125.224	proxy	VPN fraud	2023-05-18 12:47:47
162.142.125.89	proxy	VPN f	2023-05-13 12:57:08
162.142.125.217	proxy	VPN fraud	2023-05-13 12:54:50
162.142.125.14	proxy	VPN fraud	2023-05-12 14:21:18
162.142.125.214	proxy	VPN fraud	2023-03-31 12:54:37
162.142.125.87	proxy	VPN fraud	2023-03-29 12:58:45
162.142.125.13	proxy	VPN fraud	2023-03-29 12:56:42
162.142.125.10	attack	DANGER DUDE ATTACK	2022-02-18 10:02:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.142.125.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23002
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.142.125.40.			IN	A

;; AUTHORITY SECTION:
.			362	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082201 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 23 05:56:09 CST 2020
;; MSG SIZE  rcvd: 118

Host info

40.125.142.162.in-addr.arpa domain name pointer scanner-05.ch1.censys-scanner.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
40.125.142.162.in-addr.arpa	name = scanner-05.ch1.censys-scanner.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.136.179.20	attack	2019-08-27 00:20:08 H=([177.136.179.20]) [177.136.179.20]:2651 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=177.136.179.20) 2019-08-27 00:20:08 unexpected disconnection while reading SMTP command from ([177.136.179.20]) [177.136.179.20]:2651 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-08-27 01:25:10 H=([177.136.179.20]) [177.136.179.20]:2096 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=177.136.179.20) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.136.179.20	2019-08-27 08:08:03
222.186.15.18	attackbots	Aug 26 20:06:28 plusreed sshd[31012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.18 user=root Aug 26 20:06:30 plusreed sshd[31012]: Failed password for root from 222.186.15.18 port 30004 ssh2 ...	2019-08-27 08:10:04
5.199.130.188	attackspambots	Aug 27 01:56:36 rpi sshd[8656]: Failed password for sshd from 5.199.130.188 port 32775 ssh2 Aug 27 01:56:40 rpi sshd[8656]: Failed password for sshd from 5.199.130.188 port 32775 ssh2	2019-08-27 07:57:33
61.224.140.86	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-27 07:41:19
43.231.61.147	attackbotsspam	$f2bV_matches	2019-08-27 07:54:43
43.243.127.212	attackspambots	Aug 27 02:01:17 OPSO sshd\[3253\]: Invalid user raquel from 43.243.127.212 port 36836 Aug 27 02:01:17 OPSO sshd\[3253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.243.127.212 Aug 27 02:01:18 OPSO sshd\[3253\]: Failed password for invalid user raquel from 43.243.127.212 port 36836 ssh2 Aug 27 02:07:45 OPSO sshd\[4208\]: Invalid user csgo from 43.243.127.212 port 55138 Aug 27 02:07:45 OPSO sshd\[4208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.243.127.212	2019-08-27 08:16:33
43.240.103.179	attackspambots	SPF Fail sender not permitted to send mail for @longimanus.it / Sent mail to address hacked/leaked from Dailymotion	2019-08-27 08:20:00
51.83.45.151	attack	Invalid user labor from 51.83.45.151 port 44844	2019-08-27 08:05:36
188.226.167.212	attackbotsspam	Aug 26 13:54:14 web1 sshd\[10594\]: Invalid user dvr from 188.226.167.212 Aug 26 13:54:14 web1 sshd\[10594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.167.212 Aug 26 13:54:16 web1 sshd\[10594\]: Failed password for invalid user dvr from 188.226.167.212 port 56502 ssh2 Aug 26 13:58:08 web1 sshd\[10971\]: Invalid user lshields from 188.226.167.212 Aug 26 13:58:08 web1 sshd\[10971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.167.212	2019-08-27 08:13:48
23.129.64.195	attackbots	Aug 27 01:44:02 mail sshd[17702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.195 user=sshd Aug 27 01:44:03 mail sshd[17702]: Failed password for sshd from 23.129.64.195 port 64856 ssh2 Aug 27 01:44:04 mail sshd[17702]: Failed password for sshd from 23.129.64.195 port 64856 ssh2 Aug 27 01:44:02 mail sshd[17702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.195 user=sshd Aug 27 01:44:03 mail sshd[17702]: Failed password for sshd from 23.129.64.195 port 64856 ssh2 Aug 27 01:44:04 mail sshd[17702]: Failed password for sshd from 23.129.64.195 port 64856 ssh2 Aug 27 01:44:02 mail sshd[17702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.195 user=sshd Aug 27 01:44:03 mail sshd[17702]: Failed password for sshd from 23.129.64.195 port 64856 ssh2 Aug 27 01:44:04 mail sshd[17702]: Failed password for sshd from 23.129.64.195 port 64856 ssh2 Aug 27 01:44:15 mai	2019-08-27 07:55:50
67.225.139.208	attackbots	For your security, your account has been locked because of too many failed login attempts. To unlock your account please click the following link: [Redacted for security purposes] The following attempts resulted in the lock: 67.225.139.208 2019/08/26 5:54:27 AM 184.168.152.132 2019/08/26 6:01:09 AM 108.167.139.245 2019/08/26 6:04:13 AM 184.168.193.14 2019/08/26 6:04:13 AM 184.168.193.165 2019/08/26 6:05:08 AM	2019-08-27 07:38:04
47.254.131.234	attack	2019-08-26T23:43:12.699046abusebot-2.cloudsearch.cf sshd\[16642\]: Invalid user nagios from 47.254.131.234 port 42714	2019-08-27 07:46:05
79.187.192.249	attackspambots	Aug 26 13:54:39 aiointranet sshd\[4429\]: Invalid user toshi from 79.187.192.249 Aug 26 13:54:39 aiointranet sshd\[4429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hhk249.internetdsl.tpnet.pl Aug 26 13:54:41 aiointranet sshd\[4429\]: Failed password for invalid user toshi from 79.187.192.249 port 43829 ssh2 Aug 26 13:58:45 aiointranet sshd\[4840\]: Invalid user villa from 79.187.192.249 Aug 26 13:58:45 aiointranet sshd\[4840\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hhk249.internetdsl.tpnet.pl	2019-08-27 08:17:27
212.200.61.240	attackbots	2019-08-27 00:02:19 H=([212.200.61.240]) [212.200.61.240]:11564 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=212.200.61.240) 2019-08-27 00:02:21 unexpected disconnection while reading SMTP command from ([212.200.61.240]) [212.200.61.240]:11564 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-08-27 01:26:48 H=([212.200.61.240]) [212.200.61.240]:27923 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=212.200.61.240) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=212.200.61.240	2019-08-27 08:20:19
106.39.87.236	attackspam	Aug 26 08:21:27 toyboy sshd[10909]: Invalid user regina from 106.39.87.236 Aug 26 08:21:27 toyboy sshd[10909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.39.87.236 Aug 26 08:21:29 toyboy sshd[10909]: Failed password for invalid user regina from 106.39.87.236 port 40609 ssh2 Aug 26 08:21:29 toyboy sshd[10909]: Received disconnect from 106.39.87.236: 11: Bye Bye [preauth] Aug 26 08:36:08 toyboy sshd[12690]: Invalid user chang from 106.39.87.236 Aug 26 08:36:08 toyboy sshd[12690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.39.87.236 Aug 26 08:36:11 toyboy sshd[12690]: Failed password for invalid user chang from 106.39.87.236 port 55204 ssh2 Aug 26 08:36:11 toyboy sshd[12690]: Received disconnect from 106.39.87.236: 11: Bye Bye [preauth] Aug 26 08:39:23 toyboy sshd[13120]: Invalid user server from 106.39.87.236 Aug 26 08:39:23 toyboy sshd[13120]: pam_unix(sshd:auth): authentica........ -------------------------------	2019-08-27 07:39:59

Recently Reported IPs

29.248.236.152	140.195.111.202	53.167.165.94	162.142.125.46
20.33.172.27	125.96.58.248	14.102.89.22	238.127.40.73
165.36.103.163	18.28.86.245	121.102.18.92	73.82.225.245
182.253.47.69	193.77.197.219	49.188.188.144	36.59.132.251
90.53.97.41	95.239.120.224	167.99.162.12	108.12.196.208