109.189.157.240

Basic Info

City: Bergen

Region: Vestland

Country: Norway

Internet Service Provider: Telenor

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.189.157.240
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14805
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;109.189.157.240.		IN	A

;; AUTHORITY SECTION:
.			536	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020121201 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 13 02:29:45 CST 2020
;; MSG SIZE  rcvd: 119

Host info

240.157.189.109.in-addr.arpa domain name pointer ti0004q162-0492.bb.online.no.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
240.157.189.109.in-addr.arpa	name = ti0004q162-0492.bb.online.no.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
196.28.249.135	attack	Sep 7 05:34:21 eola postfix/smtpd[12457]: connect from unknown[196.28.249.135] Sep 7 05:34:35 eola postfix/smtpd[12462]: connect from unknown[196.28.249.135] Sep 7 05:34:56 eola postfix/smtpd[12464]: connect from unknown[196.28.249.135] Sep 7 05:34:56 eola postfix/smtpd[12464]: lost connection after CONNECT from unknown[196.28.249.135] Sep 7 05:34:56 eola postfix/smtpd[12464]: disconnect from unknown[196.28.249.135] commands=0/0 Sep 7 05:35:09 eola postfix/smtpd[12470]: connect from unknown[196.28.249.135] Sep 7 05:35:09 eola postfix/smtpd[12470]: lost connection after CONNECT from unknown[196.28.249.135] Sep 7 05:35:09 eola postfix/smtpd[12470]: disconnect from unknown[196.28.249.135] commands=0/0 Sep 7 05:35:22 eola postfix/smtpd[12464]: connect from unknown[196.28.249.135] Sep 7 05:36:23 eola postfix/smtpd[12470]: connect from unknown[196.28.249.135] Sep 7 05:36:23 eola postfix/smtpd[12470]: lost connection after CONNECT from unknown[196.28.249.135] Sep 7........ -------------------------------	2019-09-08 01:42:35
154.120.226.102	attackspambots	SSH invalid-user multiple login try	2019-09-08 01:20:17
93.67.249.237	attack	Automatic report - Port Scan Attack	2019-09-08 00:40:16
89.207.92.172	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-07 10:10:10,470 INFO [amun_request_handler] PortScan Detected on Port: 445 (89.207.92.172)	2019-09-08 01:29:52
201.116.12.217	attackspambots	Jan 16 21:46:05 vtv3 sshd\[25596\]: Invalid user mailtest from 201.116.12.217 port 50802 Jan 16 21:46:05 vtv3 sshd\[25596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.116.12.217 Jan 16 21:46:07 vtv3 sshd\[25596\]: Failed password for invalid user mailtest from 201.116.12.217 port 50802 ssh2 Jan 16 21:50:46 vtv3 sshd\[27143\]: Invalid user test from 201.116.12.217 port 37244 Jan 16 21:50:46 vtv3 sshd\[27143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.116.12.217 Jan 25 04:12:59 vtv3 sshd\[11169\]: Invalid user sftp from 201.116.12.217 port 41935 Jan 25 04:12:59 vtv3 sshd\[11169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.116.12.217 Jan 25 04:13:01 vtv3 sshd\[11169\]: Failed password for invalid user sftp from 201.116.12.217 port 41935 ssh2 Jan 25 04:17:25 vtv3 sshd\[12470\]: Invalid user om from 201.116.12.217 port 57580 Jan 25 04:17:25 vtv3 sshd\[12470	2019-09-08 01:35:42
125.215.207.40	attack	Sep 7 17:27:05 mail sshd\[31219\]: Invalid user alex from 125.215.207.40 port 34037 Sep 7 17:27:05 mail sshd\[31219\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.215.207.40 Sep 7 17:27:07 mail sshd\[31219\]: Failed password for invalid user alex from 125.215.207.40 port 34037 ssh2 Sep 7 17:36:41 mail sshd\[32297\]: Invalid user ftpuser from 125.215.207.40 port 33584 Sep 7 17:36:41 mail sshd\[32297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.215.207.40	2019-09-08 01:06:28
202.6.141.211	attackspambots	Automatic report - Banned IP Access	2019-09-08 01:46:06
111.230.228.183	attackbots	Sep 7 17:52:22 mail sshd\[1625\]: Invalid user cacti from 111.230.228.183 port 33316 Sep 7 17:52:22 mail sshd\[1625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.228.183 Sep 7 17:52:25 mail sshd\[1625\]: Failed password for invalid user cacti from 111.230.228.183 port 33316 ssh2 Sep 7 17:58:46 mail sshd\[2258\]: Invalid user pass1234 from 111.230.228.183 port 47100 Sep 7 17:58:46 mail sshd\[2258\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.228.183	2019-09-08 01:13:30
183.129.150.2	attackspambots	Sep 7 17:36:26 dedicated sshd[20884]: Invalid user factorio123 from 183.129.150.2 port 56563	2019-09-08 01:26:36
51.254.57.17	attackspambots	Sep 7 17:00:25 mail sshd\[26462\]: Invalid user 123qwe from 51.254.57.17\ Sep 7 17:00:27 mail sshd\[26462\]: Failed password for invalid user 123qwe from 51.254.57.17 port 53099 ssh2\ Sep 7 17:04:53 mail sshd\[26497\]: Invalid user webmaster123 from 51.254.57.17\ Sep 7 17:04:55 mail sshd\[26497\]: Failed password for invalid user webmaster123 from 51.254.57.17 port 47109 ssh2\ Sep 7 17:09:30 mail sshd\[26652\]: Invalid user userftp from 51.254.57.17\ Sep 7 17:09:32 mail sshd\[26652\]: Failed password for invalid user userftp from 51.254.57.17 port 41131 ssh2\	2019-09-08 00:59:33
193.70.87.215	attackspam	Sep 7 19:39:35 SilenceServices sshd[13813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.87.215 Sep 7 19:39:36 SilenceServices sshd[13813]: Failed password for invalid user sysadmin from 193.70.87.215 port 46885 ssh2 Sep 7 19:43:30 SilenceServices sshd[15289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.87.215	2019-09-08 01:56:24
192.186.146.247	attackbotsspam	Sep 7 06:25:00 wildwolf wplogin[15921]: 192.186.146.247 prometheus.ngo [2019-09-07 06:25:00+0000] "POST /wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "admin" "prometheus2017" Sep 7 06:25:06 wildwolf wplogin[13267]: 192.186.146.247 prometheus.ngo [2019-09-07 06:25:06+0000] "POST /wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "alina" "" Sep 7 06:25:16 wildwolf wplogin[21795]: 192.186.146.247 prometheus.ngo [2019-09-07 06:25:16+0000] "POST /wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "burko" "" Sep 7 06:25:27 wildwolf wplogin[15744]: 192.186.146.247 prometheus.ngo [2019-09-07 06:25:27+0000] "POST /wp-login.php HTTP/1.1" "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "pavlo" "" Sep 7 06:25:33 wildwolf wplogin[19368]: 192.186.146.247 prometheus.ngo [2019-0........ ------------------------------	2019-09-08 00:42:57
115.49.146.71	attackspam	Unauthorised access (Sep 7) SRC=115.49.146.71 LEN=40 TTL=50 ID=49107 TCP DPT=23 WINDOW=10911 SYN	2019-09-08 01:40:31
51.89.153.213	attack	\[2019-09-07 18:00:29\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-09-07T18:00:29.249+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="468336627-2094504159-1076685137",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/51.89.153.213/53769",Challenge="1567872029/d29d6ddca5a95ab4d6e4906d656dbbbd",Response="9065798a802d7f5462264fda0dbc2e02",ExpectedResponse="" \[2019-09-07 18:00:29\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-09-07T18:00:29.295+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="468336627-2094504159-1076685137",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/51.89.153.213/53769",Challenge="1567872029/d29d6ddca5a95ab4d6e4906d656dbbbd",Response="58b5f230f2375976b448cbf8518af554",ExpectedResponse="" \[2019-09-07 18:00:29\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResp	2019-09-08 01:16:53
164.132.204.91	attackspam	Sep 7 19:38:11 SilenceServices sshd[13242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.204.91 Sep 7 19:38:13 SilenceServices sshd[13242]: Failed password for invalid user test from 164.132.204.91 port 38326 ssh2 Sep 7 19:42:05 SilenceServices sshd[14779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.204.91	2019-09-08 01:50:07

Recently Reported IPs

1.132.110.228	104.40.158.139	202.95.10.25	177.222.37.86
109.111.244.155	77.70.66.242	63.80.89.135	5.173.176.244
24.132.8.157	139.99.170.175	107.158.49.11	51.83.176.3
107.158.49.5	63.80.89.176	63.80.89.175	77.208.166.124
209.33.52.182	185.246.90.198	9.203.137.9	185.253.217.9