142.4.7.99 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
142.4.7.212	attack	WordPress wp-login brute force :: 142.4.7.212 0.100 - [22/Jul/2020:03:57:15 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1837 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-07-22 14:08:30
142.4.7.212	attack	142.4.7.212 - - [11/Jul/2020:21:06:55 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.7.212 - - [11/Jul/2020:21:07:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1910 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.7.212 - - [11/Jul/2020:21:07:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-12 05:31:37
142.4.7.212	attackbotsspam	$f2bV_matches	2020-07-10 17:26:23
142.4.7.212	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-07 09:18:52
142.4.7.212	attackbots	Automatic report - Banned IP Access	2020-07-06 17:09:39
142.4.7.212	attackbots	[munged]::443 142.4.7.212 - - [05/Jun/2020:22:39:14 +0200] "POST /[munged]: HTTP/1.1" 200 6957 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-06 07:03:25
142.4.7.212	attackspam	Automatic report - XMLRPC Attack	2020-06-02 00:34:01
142.4.7.212	attackbots	142.4.7.212 - - \[25/May/2020:07:44:04 +0200\] "POST /wp-login.php HTTP/1.0" 200 2889 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.4.7.212 - - \[25/May/2020:07:44:07 +0200\] "POST /wp-login.php HTTP/1.0" 200 2849 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.4.7.212 - - \[25/May/2020:07:44:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 2847 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-25 19:28:00
142.4.7.212	attackspambots	Automatic report - XMLRPC Attack	2020-05-21 05:33:16
142.4.7.212	attackspam	WordPress brute force	2020-05-20 05:01:14
142.4.7.212	attackspambots	US - - [24/Apr/2020:23:37:39 +0300] POST /wp-login.php HTTP/1.1 200 4865 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-04-25 15:23:51
142.4.7.212	attack	CMS (WordPress or Joomla) login attempt.	2020-04-22 20:44:57
142.4.7.212	attackbotsspam	142.4.7.212 - - [18/Mar/2020:17:15:53 +0000] "POST /wp-login.php HTTP/1.1" 200 6627 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.7.212 - - [18/Mar/2020:17:15:55 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-03-19 03:00:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.4.7.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;142.4.7.99.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 14:04:38 CST 2022
;; MSG SIZE  rcvd: 103

Host info

99.7.4.142.in-addr.arpa domain name pointer 142-4-7-99.unifiedlayer.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.7.4.142.in-addr.arpa	name = 142-4-7-99.unifiedlayer.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.26.137.18	attack	failed_logins	2020-05-22 13:11:29
42.243.42.109	attack	Telnet Server BruteForce Attack	2020-05-22 12:57:55
212.5.152.196	attack	May 21 18:40:43 web1 sshd\[32760\]: Invalid user ole from 212.5.152.196 May 21 18:40:43 web1 sshd\[32760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.5.152.196 May 21 18:40:45 web1 sshd\[32760\]: Failed password for invalid user ole from 212.5.152.196 port 46991 ssh2 May 21 18:44:41 web1 sshd\[629\]: Invalid user tqt from 212.5.152.196 May 21 18:44:41 web1 sshd\[629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.5.152.196	2020-05-22 13:00:09
122.155.223.59	attackbots	May 22 07:00:12 buvik sshd[21921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.223.59 May 22 07:00:14 buvik sshd[21921]: Failed password for invalid user ozq from 122.155.223.59 port 55232 ssh2 May 22 07:02:38 buvik sshd[22688]: Invalid user ime from 122.155.223.59 ...	2020-05-22 13:14:47
52.130.74.149	attack	May 22 00:29:12 NPSTNNYC01T sshd[25393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.130.74.149 May 22 00:29:14 NPSTNNYC01T sshd[25393]: Failed password for invalid user big from 52.130.74.149 port 57364 ssh2 May 22 00:33:21 NPSTNNYC01T sshd[25806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.130.74.149 ...	2020-05-22 12:35:55
106.12.189.2	attack	May 22 05:53:48 vps687878 sshd\[11070\]: Invalid user gvv from 106.12.189.2 port 40236 May 22 05:53:48 vps687878 sshd\[11070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.189.2 May 22 05:53:50 vps687878 sshd\[11070\]: Failed password for invalid user gvv from 106.12.189.2 port 40236 ssh2 May 22 05:57:41 vps687878 sshd\[11571\]: Invalid user nxroot from 106.12.189.2 port 36488 May 22 05:57:41 vps687878 sshd\[11571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.189.2 ...	2020-05-22 13:01:34
35.200.161.135	attackspambots	$f2bV_matches	2020-05-22 12:42:51
104.236.124.45	attack	2020-05-21T21:57:46.080313linuxbox-skyline sshd[59306]: Invalid user vqc from 104.236.124.45 port 38006 ...	2020-05-22 13:13:38
87.251.74.190	attackspam	May 22 07:05:14 debian-2gb-nbg1-2 kernel: \[12382733.396266\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.190 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=48165 PROTO=TCP SPT=43657 DPT=2175 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-22 13:13:58
79.124.62.250	attackbotsspam	May 22 06:25:36 debian-2gb-nbg1-2 kernel: \[12380355.247202\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=79.124.62.250 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54608 PROTO=TCP SPT=45302 DPT=3391 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-22 12:41:00
109.64.66.118	attackspambots	failed loggin	2020-05-22 13:15:43
61.219.171.213	attack	May 22 05:57:38 santamaria sshd\[26771\]: Invalid user gqs from 61.219.171.213 May 22 05:57:38 santamaria sshd\[26771\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.219.171.213 May 22 05:57:40 santamaria sshd\[26771\]: Failed password for invalid user gqs from 61.219.171.213 port 51460 ssh2 ...	2020-05-22 13:16:07
106.12.182.38	attackspam	May 22 06:14:03 plex sshd[30354]: Invalid user lbk from 106.12.182.38 port 36644	2020-05-22 12:44:36
213.136.64.15	attack	May 22 05:58:48 web01 sshd[12596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.136.64.15 May 22 05:58:50 web01 sshd[12596]: Failed password for invalid user plex from 213.136.64.15 port 58152 ssh2 ...	2020-05-22 12:40:29
218.92.0.184	attack	$f2bV_matches	2020-05-22 13:16:46

Recently Reported IPs

142.4.7.189	142.4.9.56	142.4.5.70	142.4.7.76
142.4.6.207	213.255.18.241	142.4.6.237	142.4.97.33
142.4.9.131	142.44.128.236	142.44.131.5	142.44.129.236
142.44.136.29	142.44.135.249	142.44.136.192	142.44.138.144
142.44.138.103	142.44.138.162	142.44.139.57	142.44.138.84