162.142.125.67

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Censys Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	TCP (SYN) 162.142.125.67:56373 -> port 12580, len 44	2020-10-13 21:46:43
attackspambots	[Tue Oct 13 06:54:37 2020] IN=enp34s0 OUT= MAC=SERVERMAC SRC=162.142.125.67 DST=MYSERVERIP LEN=44 TOS=0x00 PREC=0x00 TTL=42 ID=44979 PROTO=TCP SPT=11729 DPT=8425 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 8425	2020-10-13 13:12:15
attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-13 05:58:30

Type

Details

Datetime

attackbots

 TCP (SYN) 162.142.125.67:56373 -> port 12580, len 44

2020-10-13 21:46:43

attackspambots

[Tue Oct 13 06:54:37 2020] IN=enp34s0 OUT= MAC=SERVERMAC SRC=162.142.125.67 DST=MYSERVERIP LEN=44 TOS=0x00 PREC=0x00 TTL=42 ID=44979 PROTO=TCP SPT=11729 DPT=8425 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 8425

2020-10-13 13:12:15

attackspam

[N10.H2.VM2] Port Scanner Detected Blocked by UFW

2020-10-13 05:58:30

Comments on same subnet:

IP	Type	Details	Datetime
162.142.125.86	botsattack	Bad IP	2025-03-06 19:09:23
162.142.125.197	attackproxy	Fraud connect	2024-09-05 12:48:39
162.142.125.12	proxy	Scan	2023-06-05 16:37:12
162.142.125.11	proxy	VPN fraud	2023-06-05 12:59:49
162.142.125.223	proxy	VPN fraud	2023-05-31 21:46:50
162.142.125.225	proxy	VPN fraud	2023-05-29 12:47:59
162.142.125.84	proxy	VPN scan	2023-05-22 12:51:31
162.142.125.224	proxy	VPN fraud	2023-05-18 12:47:47
162.142.125.89	proxy	VPN f	2023-05-13 12:57:08
162.142.125.217	proxy	VPN fraud	2023-05-13 12:54:50
162.142.125.14	proxy	VPN fraud	2023-05-12 14:21:18
162.142.125.214	proxy	VPN fraud	2023-03-31 12:54:37
162.142.125.87	proxy	VPN fraud	2023-03-29 12:58:45
162.142.125.13	proxy	VPN fraud	2023-03-29 12:56:42
162.142.125.10	attack	DANGER DUDE ATTACK	2022-02-18 10:02:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.142.125.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41996
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.142.125.67.			IN	A

;; AUTHORITY SECTION:
.			258	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020101202 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 13 05:58:26 CST 2020
;; MSG SIZE  rcvd: 118

Host info

67.125.142.162.in-addr.arpa domain name pointer scanner-10.ch1.censys-scanner.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
67.125.142.162.in-addr.arpa	name = scanner-10.ch1.censys-scanner.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
76.87.91.212	attackspambots	attempted connection to port 88	2020-03-05 21:34:58
46.55.140.252	attackspambots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-05 21:53:02
79.1.91.15	attackbotsspam	attempted connection to port 23	2020-03-05 21:31:45
5.239.193.47	attackbotsspam	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-05 21:32:52
168.197.31.13	attack	Feb 21 02:21:12 odroid64 sshd\[28008\]: Invalid user cpaneleximfilter from 168.197.31.13 Feb 21 02:21:12 odroid64 sshd\[28008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.197.31.13 ...	2020-03-05 21:45:26
104.223.205.138	attackbots	From: Walgreens Rewards Repetitive Walgreens reward spam - likely fraud – primarily Ukraine ISP; targeted Google phishing redirect; repetitive blacklisted phishing redirect spam links. No entity name; BBB results for "8 The Green, Dover, DE 19901": … The websites collect personal information and then transfer it to lenders and other service providers and marketing companies. BBB suggests caution in dealing with these websites. … Unsolicited bulk spam - (EHLO betrothment.clausloan.eu) (138.97.159.217) – repetitive UBE from IP range 138.97.156.* Spam link clausloan.eu = 138.97.159.10 My Tech BZ – blacklisted – phishing redirect: - www.google.com – effective URL; phishing redirect - lukkins.com = 139.99.70.208 Ovh Sas - link.agnesta.com = 62.113.207.188 23Media GmbH (previous domain link.orcelsor.com) - kq6.securessl.company = 104.223.205.137, 104.223.205.138 Global Frag Networks	2020-03-05 21:51:51
103.10.228.251	attackspambots	Unauthorized connection attempt from IP address 103.10.228.251 on Port 445(SMB)	2020-03-05 21:29:13
170.238.248.141	attackbotsspam	Automatic report - Port Scan Attack	2020-03-05 21:33:41
106.13.227.143	attackspambots	Mar 3 12:20:26 fwservlet sshd[26015]: Invalid user vnc from 106.13.227.143 Mar 3 12:20:26 fwservlet sshd[26015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.227.143 Mar 3 12:20:28 fwservlet sshd[26015]: Failed password for invalid user vnc from 106.13.227.143 port 50956 ssh2 Mar 3 12:20:28 fwservlet sshd[26015]: Received disconnect from 106.13.227.143 port 50956:11: Bye Bye [preauth] Mar 3 12:20:28 fwservlet sshd[26015]: Disconnected from 106.13.227.143 port 50956 [preauth] Mar 3 12:43:41 fwservlet sshd[26458]: Connection closed by 106.13.227.143 port 42794 [preauth] Mar 3 12:48:08 fwservlet sshd[26571]: Invalid user webm5 from 106.13.227.143 Mar 3 12:48:08 fwservlet sshd[26571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.227.143 Mar 3 12:48:10 fwservlet sshd[26571]: Failed password for invalid user webm5 from 106.13.227.143 port 43610 ssh2 Mar 3 12:48:10 fws........ -------------------------------	2020-03-05 21:27:48
119.123.155.3	attack	Unauthorized connection attempt from IP address 119.123.155.3 on Port 445(SMB)	2020-03-05 21:16:07
90.15.207.7	attackspam	DATE:2020-03-05 14:32:54, IP:90.15.207.7, PORT:ssh SSH brute force auth on honeypot server (epe-honey1-hq)	2020-03-05 21:52:12
99.148.96.52	attackbots	attempted connection to port 23	2020-03-05 21:29:44
203.160.164.234	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-05 21:22:20
41.59.209.80	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-05 21:17:59
47.88.230.242	attackspambots	Mar 5 14:43:18 * sshd[21957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.88.230.242 Mar 5 14:43:20 * sshd[21957]: Failed password for invalid user lucas from 47.88.230.242 port 44942 ssh2	2020-03-05 21:44:09

Recently Reported IPs

51.77.63.162	49.229.69.4	150.147.190.82	103.223.8.95
177.92.21.2	102.114.15.254	62.221.113.81	189.190.40.87
141.101.25.191	176.123.8.128	106.75.77.230	103.83.247.126
64.225.126.22	112.35.92.119	34.64.79.191	158.69.88.77
61.2.14.242	79.137.50.77	112.85.23.87	36.66.40.13