119.42.1.110 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
119.42.125.225	attack	20/8/23@08:25:24: FAIL: Alarm-Network address from=119.42.125.225 20/8/23@08:25:24: FAIL: Alarm-Network address from=119.42.125.225 ...	2020-08-23 20:39:47
119.42.122.239	attack	srvr1: (mod_security) mod_security (id:942100) triggered by 119.42.122.239 (TH/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:03:52 [error] 482759#0: 840352 [client 119.42.122.239] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801143266.523321"] [ref ""], client: 119.42.122.239, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27+AND+++9747+%3D+0 HTTP/1.1" [redacted]	2020-08-22 00:21:11
119.42.109.120	attack	20/8/19@23:50:45: FAIL: Alarm-Network address from=119.42.109.120 20/8/19@23:50:45: FAIL: Alarm-Network address from=119.42.109.120 ...	2020-08-20 16:33:22
119.42.114.96	attackspambots	Unauthorized connection attempt from IP address 119.42.114.96 on Port 445(SMB)	2020-08-11 03:06:39
119.42.115.142	attackspambots	Unauthorized IMAP connection attempt	2020-08-08 19:28:55
119.42.121.25	attackbots	belitungshipwreck.org 119.42.121.25 [29/Jul/2020:14:09:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4304 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" belitungshipwreck.org 119.42.121.25 [29/Jul/2020:14:09:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4304 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"	2020-07-30 01:25:31
119.42.103.237	attackbots	Unauthorized connection attempt from IP address 119.42.103.237 on Port 445(SMB)	2020-07-27 03:20:41
119.42.113.61	attackspambots	1594526209 - 07/12/2020 05:56:49 Host: 119.42.113.61/119.42.113.61 Port: 445 TCP Blocked	2020-07-12 12:02:46
119.42.115.206	attackbotsspam	1593229982 - 06/27/2020 05:53:02 Host: 119.42.115.206/119.42.115.206 Port: 445 TCP Blocked	2020-06-27 15:49:27
119.42.123.186	attack	20/6/25@08:24:45: FAIL: Alarm-Network address from=119.42.123.186 20/6/25@08:24:45: FAIL: Alarm-Network address from=119.42.123.186 ...	2020-06-26 00:38:32
119.42.121.38	attackspambots	GET /?q=user	2020-06-19 03:04:29
119.42.122.85	attackspambots	Unauthorized IMAP connection attempt	2020-06-10 19:09:26
119.42.123.14	attack	1591501924 - 06/07/2020 05:52:04 Host: 119.42.123.14/119.42.123.14 Port: 445 TCP Blocked	2020-06-07 16:32:16
119.42.121.197	attackspambots	Unauthorized IMAP connection attempt	2020-06-02 19:04:54
119.42.123.108	attack	2020-06-01T12:07:12.550475odie.crmd.co.za postfix/smtpd[11149]: warning: unknown[119.42.123.108]: SASL PLAIN authentication failed: authentication failure 2020-06-01T12:07:15.617829odie.crmd.co.za postfix/smtpd[11149]: warning: unknown[119.42.123.108]: SASL PLAIN authentication failed: authentication failure 2020-06-01T12:07:16.299207odie.crmd.co.za postfix/smtpd[11149]: warning: unknown[119.42.123.108]: SASL PLAIN authentication failed: authentication failure ...	2020-06-01 22:52:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.42.1.110
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60317
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;119.42.1.110.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025020901 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 10 08:04:27 CST 2025
;; MSG SIZE  rcvd: 105

Host info

Host 110.1.42.119.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 110.1.42.119.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.233.204.48	attackspambots	1601066253 - 09/25/2020 22:37:33 Host: 181.233.204.48/181.233.204.48 Port: 445 TCP Blocked	2020-09-26 15:40:43
165.22.251.76	attack	Sep 26 08:51:06 icinga sshd[20475]: Failed password for root from 165.22.251.76 port 34702 ssh2 Sep 26 08:55:49 icinga sshd[28181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.251.76 Sep 26 08:55:51 icinga sshd[28181]: Failed password for invalid user etherpad from 165.22.251.76 port 41010 ssh2 ...	2020-09-26 15:27:38
218.92.0.251	attackspam	Sep 26 07:31:05 localhost sshd[44127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.251 user=root Sep 26 07:31:06 localhost sshd[44127]: Failed password for root from 218.92.0.251 port 59708 ssh2 Sep 26 07:31:10 localhost sshd[44127]: Failed password for root from 218.92.0.251 port 59708 ssh2 Sep 26 07:31:05 localhost sshd[44127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.251 user=root Sep 26 07:31:06 localhost sshd[44127]: Failed password for root from 218.92.0.251 port 59708 ssh2 Sep 26 07:31:10 localhost sshd[44127]: Failed password for root from 218.92.0.251 port 59708 ssh2 Sep 26 07:31:05 localhost sshd[44127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.251 user=root Sep 26 07:31:06 localhost sshd[44127]: Failed password for root from 218.92.0.251 port 59708 ssh2 Sep 26 07:31:10 localhost sshd[44127]: Failed password fo ...	2020-09-26 15:47:15
171.245.157.89	attack	1601066256 - 09/25/2020 22:37:36 Host: 171.245.157.89/171.245.157.89 Port: 445 TCP Blocked	2020-09-26 15:36:55
35.184.98.137	attackbots	WordPress (CMS) attack attempts. Date: 2020 Sep 25. 19:44:42 Source IP: 35.184.98.137 Portion of the log(s): 35.184.98.137 - [25/Sep/2020:19:44:38 +0200] "GET /wp-login.php HTTP/1.1" 200 2035 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.184.98.137 - [25/Sep/2020:19:44:39 +0200] "POST /wp-login.php HTTP/1.1" 200 2236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.184.98.137 - [25/Sep/2020:19:44:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 421 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-26 15:52:12
51.75.23.214	attack	51.75.23.214 - - [26/Sep/2020:08:24:19 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.75.23.214 - - [26/Sep/2020:08:24:20 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.75.23.214 - - [26/Sep/2020:08:24:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-26 15:40:21
106.38.33.70	attackbots	$f2bV_matches	2020-09-26 15:34:16
60.176.234.217	attackbotsspam	$f2bV_matches	2020-09-26 15:18:38
154.8.147.238	attackspambots	Sep 26 08:06:42 server sshd[32310]: Failed password for root from 154.8.147.238 port 44636 ssh2 Sep 26 08:08:42 server sshd[927]: Failed password for invalid user docker from 154.8.147.238 port 38468 ssh2 Sep 26 08:10:12 server sshd[1721]: Failed password for root from 154.8.147.238 port 55376 ssh2	2020-09-26 15:27:12
49.232.65.29	attackspam	20 attempts against mh-ssh on soil	2020-09-26 15:23:42
68.183.193.148	attackspambots	Brute force attempt	2020-09-26 15:34:44
46.101.181.165	attackbots	TCP (SYN) 46.101.181.165:46082 -> port 18517, len 44	2020-09-26 15:09:20
27.64.157.67	attackspam	Automatic report - Port Scan Attack	2020-09-26 15:16:22
46.101.10.240	attack	46.101.10.240 - - [24/Sep/2020:13:25:28 -0400] "GET /.env HTTP/1.1" 301 232 "-" "python-requests/2.18.4" 46.101.10.240 - - [24/Sep/2020:13:25:29 -0400] "GET /.env HTTP/1.1" 404 202 "-" "python-requests/2.18.4" 46.101.10.240 - - [24/Sep/2020:13:25:30 -0400] "GET /admin/.env HTTP/1.1" 301 238 "-" "python-requests/2.18.4" 46.101.10.240 - - [24/Sep/2020:13:25:31 -0400] "GET /admin/.env HTTP/1.1" 404 208 "-" "python-requests/2.18.4" 46.101.10.240 - - [24/Sep/2020:13:25:31 -0400] "GET /laravel/.env HTTP/1.1" 301 240 "-" "python-requests/2.18.4" 46.101.10.240 - - [24/Sep/2020:13:25:31 -0400] "GET /laravel/.env HTTP/1.1" 404 210 "-" "python-requests/2.18.4" 46.101.10.240 - - [24/Sep/2020:13:25:31 -0400] "GET /public/.env HTTP/1.1" 301 239 "-" "python-requests/2.18.4" 46.101.10.240 - - [24/Sep/2020:13:25:33 -0400] "GET /public/.env HTTP/1.1" 404 209 "-" "python-requests/2.18.4" ...etc	2020-09-26 15:13:55
128.199.162.108	attackspam	Sep 26 03:14:17 ns3033917 sshd[22866]: Invalid user test from 128.199.162.108 port 46420 Sep 26 03:14:19 ns3033917 sshd[22866]: Failed password for invalid user test from 128.199.162.108 port 46420 ssh2 Sep 26 03:18:06 ns3033917 sshd[22896]: Invalid user td from 128.199.162.108 port 52966 ...	2020-09-26 15:49:55

Recently Reported IPs

139.94.230.253	207.40.73.189	254.200.250.72	101.159.131.145
181.123.53.68	248.41.249.91	116.26.169.177	212.241.61.167
54.38.211.2	137.63.6.217	14.5.221.80	136.236.23.171
251.8.243.25	160.135.215.174	222.213.140.9	123.179.171.143
202.70.219.230	17.84.135.217	75.37.37.89	19.94.207.41