119.160.128.54

Basic Info

City: Bandar Seri Begawan

Region: Brunei and Muara District

Country: Brunei

Internet Service Provider: Espeed - Broadband DSL

Hostname: unknown

Organization: Telekom Brunei Berhad

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/119.160.128.54/ BN - 1H : (1) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BN NAME ASN : ASN10094 IP : 119.160.128.54 CIDR : 119.160.128.0/24 PREFIX COUNT : 135 UNIQUE IP COUNT : 117248 ATTACKS DETECTED ASN10094 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-07 07:18:13 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-07 22:38:01

Type

Details

Datetime

attack

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/119.160.128.54/ 
 
 BN - 1H : (1)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : BN 
 NAME ASN : ASN10094 
 
 IP : 119.160.128.54 
 
 CIDR : 119.160.128.0/24 
 
 PREFIX COUNT : 135 
 
 UNIQUE IP COUNT : 117248 
 
 
 ATTACKS DETECTED ASN10094 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-11-07 07:18:13 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-11-07 22:38:01

Comments on same subnet:

IP	Type	Details	Datetime
119.160.128.108	attackbotsspam	forum spam (documents)	2019-11-08 06:47:40

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 119.160.128.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60314
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;119.160.128.54.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri May 03 22:50:20 +08 2019
;; MSG SIZE  rcvd: 118

Host info

54.128.160.119.in-addr.arpa domain name pointer 54-128.adsl2.static.espeed.com.bn.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
54.128.160.119.in-addr.arpa	name = 54-128.adsl2.static.espeed.com.bn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.188	attack	03/08/2020-17:54:00.449266 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-03-09 05:54:24
46.152.195.177	attackspam	$f2bV_matches	2020-03-09 05:54:57
114.216.220.74	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 114.216.220.74 (CN/China/-): 5 in the last 3600 secs - Sun Sep 16 07:32:34 2018	2020-03-09 06:09:44
49.83.35.112	attack	suspicious action Sun, 08 Mar 2020 18:34:07 -0300	2020-03-09 05:47:57
5.39.75.36	attackbots	$f2bV_matches	2020-03-09 06:07:41
200.0.236.210	attackspam	$f2bV_matches	2020-03-09 05:46:02
103.143.196.2	attackbotsspam	2020-03-08 16:28:43 H=(jernih.jernihmultikomunikasi.net.id) [103.143.196.2]:38672 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/103.143.196.2) 2020-03-08 16:31:35 H=(jernih.jernihmultikomunikasi.net.id) [103.143.196.2]:46578 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-03-08 16:34:09 H=(jernih.jernihmultikomunikasi.net.id) [103.143.196.2]:54412 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/103.143.196.2) ...	2020-03-09 05:45:38
51.68.220.249	attack	$f2bV_matches	2020-03-09 06:11:34
121.227.102.164	attack	lfd: (smtpauth) Failed SMTP AUTH login from 121.227.102.164 (CN/China/164.102.227.121.broad.sz.js.dynamic.163data.com.cn): 5 in the last 3600 secs - Sun Sep 16 07:33:09 2018	2020-03-09 06:09:04
188.78.170.132	attack	Mar 8 22:01:09 vpn01 sshd[21763]: Failed password for root from 188.78.170.132 port 54530 ssh2 ...	2020-03-09 05:59:57
189.18.243.210	attackbotsspam	Mar 8 11:27:24 tdfoods sshd\[31835\]: Invalid user pms from 189.18.243.210 Mar 8 11:27:24 tdfoods sshd\[31835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189-18-243-210.dsl.telesp.net.br Mar 8 11:27:26 tdfoods sshd\[31835\]: Failed password for invalid user pms from 189.18.243.210 port 35184 ssh2 Mar 8 11:34:17 tdfoods sshd\[32396\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189-18-243-210.dsl.telesp.net.br user=root Mar 8 11:34:19 tdfoods sshd\[32396\]: Failed password for root from 189.18.243.210 port 58458 ssh2	2020-03-09 05:35:23
195.54.166.224	attackbotsspam	Mar 8 22:52:29 debian-2gb-nbg1-2 kernel: \[5963503.631149\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.166.224 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=5706 PROTO=TCP SPT=58556 DPT=18365 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-09 05:59:41
211.75.136.208	attack	Oct 18 19:28:19 ms-srv sshd[37534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.75.136.208 user=root Oct 18 19:28:21 ms-srv sshd[37534]: Failed password for invalid user root from 211.75.136.208 port 33573 ssh2	2020-03-09 05:33:34
151.253.43.75	attack	2020-03-08T22:28:46.578176vps751288.ovh.net sshd\[29183\]: Invalid user chris from 151.253.43.75 port 7825 2020-03-08T22:28:46.589638vps751288.ovh.net sshd\[29183\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.253.43.75 2020-03-08T22:28:48.832169vps751288.ovh.net sshd\[29183\]: Failed password for invalid user chris from 151.253.43.75 port 7825 ssh2 2020-03-08T22:33:58.460118vps751288.ovh.net sshd\[29211\]: Invalid user vyos from 151.253.43.75 port 41334 2020-03-08T22:33:58.468190vps751288.ovh.net sshd\[29211\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.253.43.75	2020-03-09 05:56:07
14.63.166.243	attackbotsspam	lfd: (smtpauth) Failed SMTP AUTH login from 14.63.166.243 (KR/Republic of Korea/-): 5 in the last 3600 secs - Sun Sep 16 20:01:32 2018	2020-03-09 06:07:16

Recently Reported IPs

65.184.196.91	182.206.179.167	113.189.227.183	61.186.239.151
151.170.93.138	145.43.79.97	186.240.176.73	95.57.48.94
205.244.254.54	59.54.76.6	174.35.249.242	75.86.22.109
79.166.74.35	95.90.46.17	156.200.154.120	173.71.95.102
152.254.148.220	196.9.88.173	71.7.205.36	210.205.11.21