142.4.7.99 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
142.4.7.212	attack	WordPress wp-login brute force :: 142.4.7.212 0.100 - [22/Jul/2020:03:57:15 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1837 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-07-22 14:08:30
142.4.7.212	attack	142.4.7.212 - - [11/Jul/2020:21:06:55 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.7.212 - - [11/Jul/2020:21:07:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1910 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.7.212 - - [11/Jul/2020:21:07:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-12 05:31:37
142.4.7.212	attackbotsspam	$f2bV_matches	2020-07-10 17:26:23
142.4.7.212	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-07 09:18:52
142.4.7.212	attackbots	Automatic report - Banned IP Access	2020-07-06 17:09:39
142.4.7.212	attackbots	[munged]::443 142.4.7.212 - - [05/Jun/2020:22:39:14 +0200] "POST /[munged]: HTTP/1.1" 200 6957 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-06 07:03:25
142.4.7.212	attackspam	Automatic report - XMLRPC Attack	2020-06-02 00:34:01
142.4.7.212	attackbots	142.4.7.212 - - \[25/May/2020:07:44:04 +0200\] "POST /wp-login.php HTTP/1.0" 200 2889 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.4.7.212 - - \[25/May/2020:07:44:07 +0200\] "POST /wp-login.php HTTP/1.0" 200 2849 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 142.4.7.212 - - \[25/May/2020:07:44:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 2847 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-25 19:28:00
142.4.7.212	attackspambots	Automatic report - XMLRPC Attack	2020-05-21 05:33:16
142.4.7.212	attackspam	WordPress brute force	2020-05-20 05:01:14
142.4.7.212	attackspambots	US - - [24/Apr/2020:23:37:39 +0300] POST /wp-login.php HTTP/1.1 200 4865 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-04-25 15:23:51
142.4.7.212	attack	CMS (WordPress or Joomla) login attempt.	2020-04-22 20:44:57
142.4.7.212	attackbotsspam	142.4.7.212 - - [18/Mar/2020:17:15:53 +0000] "POST /wp-login.php HTTP/1.1" 200 6627 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.7.212 - - [18/Mar/2020:17:15:55 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-03-19 03:00:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.4.7.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57012
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;142.4.7.99.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 14:04:38 CST 2022
;; MSG SIZE  rcvd: 103

Host info

99.7.4.142.in-addr.arpa domain name pointer 142-4-7-99.unifiedlayer.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.7.4.142.in-addr.arpa	name = 142-4-7-99.unifiedlayer.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
163.47.214.155	attackbots	Automatic report - Banned IP Access	2019-09-02 04:33:02
41.202.0.153	attack	Sep 1 10:16:41 kapalua sshd\[14308\]: Invalid user cmtsang from 41.202.0.153 Sep 1 10:16:41 kapalua sshd\[14308\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.202.0.153 Sep 1 10:16:43 kapalua sshd\[14308\]: Failed password for invalid user cmtsang from 41.202.0.153 port 57283 ssh2 Sep 1 10:24:03 kapalua sshd\[14859\]: Invalid user 123456 from 41.202.0.153 Sep 1 10:24:03 kapalua sshd\[14859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.202.0.153	2019-09-02 04:28:58
165.227.115.93	attack	2019-09-01T19:40:11.321137abusebot-3.cloudsearch.cf sshd\[24593\]: Invalid user support from 165.227.115.93 port 33600	2019-09-02 04:40:03
37.211.25.98	attackspam	Sep 1 22:07:44 meumeu sshd[20999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.211.25.98 Sep 1 22:07:45 meumeu sshd[20999]: Failed password for invalid user franklin from 37.211.25.98 port 39096 ssh2 Sep 1 22:12:31 meumeu sshd[21745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.211.25.98 ...	2019-09-02 04:22:36
122.114.117.57	attackbots	$f2bV_matches	2019-09-02 04:30:30
178.128.14.26	attackspam	Sep 1 22:10:57 lnxmysql61 sshd[27251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.14.26 Sep 1 22:10:57 lnxmysql61 sshd[27251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.14.26	2019-09-02 04:18:27
78.158.133.37	attackbotsspam	NAME : PRIMEHOME-3 + e-mail abuse : ripe-admin@thunderworx.net CIDR : 78.158.133.0/24 SYN Flood DDoS Attack CY - block certain countries :) IP: 78.158.133.37 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-02 04:24:47
189.148.216.68	attackspambots	NAME : MX-GDUN-LACNIC CIDR : 189.148.216.0/24 189.148.216.0/24 SYN Flood DDoS Attack MX - block certain countries :) IP: 189.148.216.68 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-02 04:26:05
74.208.252.136	attackspam	Sep 1 20:02:26 thevastnessof sshd[15698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.208.252.136 ...	2019-09-02 04:06:34
134.209.21.83	attackspam	Sep 1 20:57:54 dev0-dcde-rnet sshd[25851]: Failed password for root from 134.209.21.83 port 48468 ssh2 Sep 1 21:01:34 dev0-dcde-rnet sshd[25864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.21.83 Sep 1 21:01:36 dev0-dcde-rnet sshd[25864]: Failed password for invalid user caixa from 134.209.21.83 port 36776 ssh2	2019-09-02 03:50:42
152.32.191.57	attackbotsspam	$f2bV_matches_ltvn	2019-09-02 04:23:55
91.179.213.112	attackbotsspam	DATE:2019-09-01 19:27:33, IP:91.179.213.112, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis)	2019-09-02 03:49:43
51.79.52.150	attackspam	SSH bruteforce (Triggered fail2ban)	2019-09-02 03:56:31
128.199.69.86	attackspam	Reported by AbuseIPDB proxy server.	2019-09-02 04:18:11
103.65.237.93	attackspam	Sep 1 10:02:45 php1 sshd\[32610\]: Invalid user 123root321 from 103.65.237.93 Sep 1 10:02:45 php1 sshd\[32610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.65.237.93 Sep 1 10:02:47 php1 sshd\[32610\]: Failed password for invalid user 123root321 from 103.65.237.93 port 33474 ssh2 Sep 1 10:07:42 php1 sshd\[761\]: Invalid user 123456 from 103.65.237.93 Sep 1 10:07:42 php1 sshd\[761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.65.237.93	2019-09-02 04:21:00

Recently Reported IPs

142.4.7.189	142.4.9.56	142.4.5.70	142.4.7.76
142.4.6.207	213.255.18.241	142.4.6.237	142.4.97.33
142.4.9.131	142.44.128.236	142.44.131.5	142.44.129.236
142.44.136.29	142.44.135.249	142.44.136.192	142.44.138.144
142.44.138.103	142.44.138.162	142.44.139.57	142.44.138.84