42.62.12.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Forest Eternal Communication Tech. Co.Ltd

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	51.158.173.243 42.62.12.54 - - [03/Jan/2020:23:21:29 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 51.158.173.243 42.62.12.54 - - [03/Jan/2020:23:21:29 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" ...	2020-01-04 09:09:08

Type

Details

Datetime

attackbotsspam

51.158.173.243 42.62.12.54 - - [03/Jan/2020:23:21:29 +0000] "GET /TP/public/index.php HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
51.158.173.243 42.62.12.54 - - [03/Jan/2020:23:21:29 +0000] "GET /TP/index.php HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)"
...

2020-01-04 09:09:08

Comments on same subnet:

IP	Type	Details	Datetime
42.62.12.60	attackspam	Unauthorized connection attempt detected from IP address 42.62.12.60 to port 6380	2020-01-02 20:11:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.62.12.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4567
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.62.12.54.			IN	A

;; AUTHORITY SECTION:
.			409	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010301 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 09:09:02 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 54.12.62.42.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 54.12.62.42.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.235.171.114	attackbotsspam	2019-11-14T23:42:57.570105abusebot.cloudsearch.cf sshd\[21951\]: Invalid user baines from 124.235.171.114 port 50300	2019-11-15 07:44:13
77.247.111.4	attackspambots	(From fortunebiz@163.com) Giantlion Sensor supplies high quality current transducer, voltage transducer, power transducer,and frequency transducer that can measure current,voltage, power or frequency of your equipment and then generates standard signals 0-5V DC, 0-10V DC, 0-20mA DC,4-20mA DC,5KHz,10KHz,and RS-485.The signals can be used by PLC for industrial automation control. High precision,low prices. for details, please visit syncmeter.com or contact us by email sales@syncmeter.com, mobile (whatsapp)+8618675591479. Skype:brianew789 Please forward our information to your technicians or engineers for future use. Thank you for your time!	2019-11-15 08:00:17
129.204.50.75	attackbots	Nov 14 13:39:50 auw2 sshd\[31780\]: Invalid user zickfeldt from 129.204.50.75 Nov 14 13:39:50 auw2 sshd\[31780\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.50.75 Nov 14 13:39:53 auw2 sshd\[31780\]: Failed password for invalid user zickfeldt from 129.204.50.75 port 33880 ssh2 Nov 14 13:44:39 auw2 sshd\[32157\]: Invalid user dolorita from 129.204.50.75 Nov 14 13:44:39 auw2 sshd\[32157\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.50.75	2019-11-15 07:52:32
213.194.139.95	attack	Automatic report - Port Scan Attack	2019-11-15 07:50:36
36.155.115.95	attackspambots	Nov 15 00:51:00 vps691689 sshd[4950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.115.95 Nov 15 00:51:02 vps691689 sshd[4950]: Failed password for invalid user ftpuser from 36.155.115.95 port 59252 ssh2 ...	2019-11-15 07:59:26
117.50.38.246	attack	Nov 15 00:02:28 hcbbdb sshd\[31164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.38.246 user=root Nov 15 00:02:30 hcbbdb sshd\[31164\]: Failed password for root from 117.50.38.246 port 60680 ssh2 Nov 15 00:06:55 hcbbdb sshd\[31607\]: Invalid user admin from 117.50.38.246 Nov 15 00:06:55 hcbbdb sshd\[31607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.38.246 Nov 15 00:06:57 hcbbdb sshd\[31607\]: Failed password for invalid user admin from 117.50.38.246 port 40016 ssh2	2019-11-15 08:17:00
54.38.241.171	attack	50 failed attempt(s) in the last 24h	2019-11-15 08:03:09
92.118.161.9	attackbots	" "	2019-11-15 08:08:05
194.182.86.126	attackspambots	Invalid user beas from 194.182.86.126 port 58490	2019-11-15 07:45:15
189.112.109.189	attack	Nov 14 18:44:23 ny01 sshd[14836]: Failed password for lp from 189.112.109.189 port 40675 ssh2 Nov 14 18:48:58 ny01 sshd[15272]: Failed password for root from 189.112.109.189 port 60419 ssh2 Nov 14 18:53:35 ny01 sshd[15803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.109.189	2019-11-15 08:03:26
51.75.24.200	attackbotsspam	7 failed attempt(s) in the last 24h	2019-11-15 07:44:45
35.188.77.30	attack	blogonese.net 35.188.77.30 \[14/Nov/2019:23:36:23 +0100\] "POST /wp-login.php HTTP/1.1" 200 6376 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" blogonese.net 35.188.77.30 \[14/Nov/2019:23:36:24 +0100\] "POST /wp-login.php HTTP/1.1" 200 6340 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" blogonese.net 35.188.77.30 \[14/Nov/2019:23:36:25 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4085 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-15 08:06:32
142.93.111.5	attack	6 failed attempt(s) in the last 24h	2019-11-15 07:41:55
45.55.88.94	attack	Nov 14 13:28:17 auw2 sshd\[30737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=retailnes.com user=root Nov 14 13:28:19 auw2 sshd\[30737\]: Failed password for root from 45.55.88.94 port 44451 ssh2 Nov 14 13:33:32 auw2 sshd\[31148\]: Invalid user psyl from 45.55.88.94 Nov 14 13:33:32 auw2 sshd\[31148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=retailnes.com Nov 14 13:33:34 auw2 sshd\[31148\]: Failed password for invalid user psyl from 45.55.88.94 port 34655 ssh2	2019-11-15 07:46:46
51.91.110.249	attack	Nov 15 00:53:17 SilenceServices sshd[3792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.110.249 Nov 15 00:53:19 SilenceServices sshd[3792]: Failed password for invalid user host from 51.91.110.249 port 32772 ssh2 Nov 15 00:56:30 SilenceServices sshd[7985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.110.249	2019-11-15 07:57:56

Recently Reported IPs

27.16.220.136	1.54.222.220	1.29.26.103	222.185.28.227
222.174.117.36	222.82.59.80	222.82.48.109	220.200.156.40
220.172.156.100	210.12.190.46	182.138.137.10	180.177.242.73
81.226.194.146	155.146.110.61	76.159.144.71	96.140.174.91
43.20.83.130	101.174.141.245	175.184.167.59	144.29.188.194