142.4.7.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
142.4.7.212	attack	WordPress wp-login brute force :: 142.4.7.212 0.100 - [22/Jul/2020:03:57:15 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1837 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-07-22 14:08:30
142.4.7.212	attack	142.4.7.212 - - [11/Jul/2020:21:06:55 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.7.212 - - [11/Jul/2020:21:07:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1910 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.7.212 - - [11/Jul/2020:21:07:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-12 05:31:37
142.4.7.212	attackbotsspam	$f2bV_matches	2020-07-10 17:26:23
142.4.7.212	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-07 09:18:52
142.4.7.212	attackbots	Automatic report - Banned IP Access	2020-07-06 17:09:39
142.4.7.212	attackbots	[munged]::443 142.4.7.212 - - [05/Jun/2020:22:39:14 +0200] "POST /[munged]: HTTP/1.1" 200 6957 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-06 07:03:25
142.4.7.212	attackspam	Automatic report - XMLRPC Attack	2020-06-02 00:34:01
142.4.7.212	attackbots	142.4.7.212 - - \[25/May/2020:07:44:04 +0200\] "POST /wp-login.php HTTP/1.0" 200 2889 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.4.7.212 - - \[25/May/2020:07:44:07 +0200\] "POST /wp-login.php HTTP/1.0" 200 2849 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.4.7.212 - - \[25/May/2020:07:44:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 2847 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-25 19:28:00
142.4.7.212	attackspambots	Automatic report - XMLRPC Attack	2020-05-21 05:33:16
142.4.7.212	attackspam	WordPress brute force	2020-05-20 05:01:14
142.4.7.212	attackspambots	US - - [24/Apr/2020:23:37:39 +0300] POST /wp-login.php HTTP/1.1 200 4865 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-04-25 15:23:51
142.4.7.212	attack	CMS (WordPress or Joomla) login attempt.	2020-04-22 20:44:57
142.4.7.212	attackbotsspam	142.4.7.212 - - [18/Mar/2020:17:15:53 +0000] "POST /wp-login.php HTTP/1.1" 200 6627 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.7.212 - - [18/Mar/2020:17:15:55 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-03-19 03:00:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.4.7.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47318
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;142.4.7.80.			IN	A

;; AUTHORITY SECTION:
.			52	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:22:37 CST 2022
;; MSG SIZE  rcvd: 103

Host info

80.7.4.142.in-addr.arpa domain name pointer 142-4-7-80.unifiedlayer.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
80.7.4.142.in-addr.arpa	name = 142-4-7-80.unifiedlayer.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.230.46.26	attackspambots	Port Scan ...	2020-08-02 22:10:12
60.51.17.33	attackbots	Aug 2 15:03:41 kh-dev-server sshd[25695]: Failed password for root from 60.51.17.33 port 52926 ssh2 ...	2020-08-02 22:23:32
188.131.180.15	attackbotsspam	Failed password for root from 188.131.180.15 port 39456 ssh2	2020-08-02 22:30:25
124.29.236.163	attack	2020-08-02T07:47:40.0232981495-001 sshd[21339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.29.236.163 user=root 2020-08-02T07:47:41.9335581495-001 sshd[21339]: Failed password for root from 124.29.236.163 port 51272 ssh2 2020-08-02T07:52:06.4229061495-001 sshd[21520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.29.236.163 user=root 2020-08-02T07:52:08.6541771495-001 sshd[21520]: Failed password for root from 124.29.236.163 port 34906 ssh2 2020-08-02T07:56:36.3912181495-001 sshd[21713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.29.236.163 user=root 2020-08-02T07:56:38.3560051495-001 sshd[21713]: Failed password for root from 124.29.236.163 port 46774 ssh2 ...	2020-08-02 22:08:11
49.207.185.52	attack	Aug 2 15:42:59 hosting sshd[23483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.207.185.52 user=root Aug 2 15:43:01 hosting sshd[23483]: Failed password for root from 49.207.185.52 port 48235 ssh2 ...	2020-08-02 22:17:46
69.94.156.10	attackbots	TCP src-port=59952 dst-port=25 Listed on barracuda spamcop spam-sorbs (Project Honey Pot rated Suspicious) (33)	2020-08-02 22:23:03
34.229.232.86	attack	Scanner : /ResidentEvil/proxy	2020-08-02 22:43:53
213.32.23.58	attack	Aug 2 09:07:28 firewall sshd[31653]: Failed password for root from 213.32.23.58 port 39452 ssh2 Aug 2 09:11:23 firewall sshd[31809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.23.58 user=root Aug 2 09:11:25 firewall sshd[31809]: Failed password for root from 213.32.23.58 port 49900 ssh2 ...	2020-08-02 22:41:34
52.152.172.146	attackspambots	Aug 2 18:18:58 gw1 sshd[11696]: Failed password for root from 52.152.172.146 port 32860 ssh2 ...	2020-08-02 22:35:20
183.66.41.26	attack	20 attempts against mh-ssh on ice	2020-08-02 22:19:21
122.227.159.84	attackbots	Aug 2 12:19:26 django-0 sshd[22990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.227.159.84 user=root Aug 2 12:19:28 django-0 sshd[22990]: Failed password for root from 122.227.159.84 port 56038 ssh2 ...	2020-08-02 22:04:51
157.230.2.208	attackspambots	Aug 2 15:16:51 lukav-desktop sshd\[24002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.2.208 user=root Aug 2 15:16:53 lukav-desktop sshd\[24002\]: Failed password for root from 157.230.2.208 port 45452 ssh2 Aug 2 15:20:52 lukav-desktop sshd\[24026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.2.208 user=root Aug 2 15:20:53 lukav-desktop sshd\[24026\]: Failed password for root from 157.230.2.208 port 56060 ssh2 Aug 2 15:24:55 lukav-desktop sshd\[24063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.2.208 user=root	2020-08-02 22:47:00
49.235.74.226	attackbotsspam	Aug 2 14:25:44 fhem-rasp sshd[28979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.74.226 user=root Aug 2 14:25:46 fhem-rasp sshd[28979]: Failed password for root from 49.235.74.226 port 51206 ssh2 ...	2020-08-02 22:13:43
185.173.35.13	attackbots	ICMP MH Probe, Scan /Distributed -	2020-08-02 22:06:38
218.18.161.186	attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-08-02 22:08:36

Recently Reported IPs

142.4.7.100	142.4.7.18	142.4.8.13	142.4.8.174
142.44.129.23	142.44.132.218	142.44.132.195	142.4.9.124
142.44.135.89	142.44.136.164	142.44.136.41	142.44.136.90
142.44.137.39	142.44.137.46	142.44.138.195	142.44.138.120
142.44.140.100	142.44.140.140	142.44.140.111	142.44.139.190