139.209.145.90

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Jilin Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Mar 27) SRC=139.209.145.90 LEN=40 TTL=49 ID=27266 TCP DPT=8080 WINDOW=30259 SYN	2020-03-27 13:56:28

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.209.145.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33027
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.209.145.90.			IN	A

;; AUTHORITY SECTION:
.			481	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032601 1800 900 604800 86400

;; Query time: 136 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 27 13:56:22 CST 2020
;; MSG SIZE  rcvd: 118

Host info

90.145.209.139.in-addr.arpa domain name pointer 90.145.209.139.adsl-pool.jlccptt.net.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
90.145.209.139.in-addr.arpa	name = 90.145.209.139.adsl-pool.jlccptt.net.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.248.175.232	attack	Sep 22 11:01:07 auw2 sshd\[5041\]: Invalid user lucia from 104.248.175.232 Sep 22 11:01:07 auw2 sshd\[5041\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.175.232 Sep 22 11:01:09 auw2 sshd\[5041\]: Failed password for invalid user lucia from 104.248.175.232 port 39378 ssh2 Sep 22 11:05:26 auw2 sshd\[5467\]: Invalid user RX from 104.248.175.232 Sep 22 11:05:26 auw2 sshd\[5467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.175.232	2019-09-23 05:22:04
178.62.9.122	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-09-23 05:37:29
117.169.38.69	attack	Lines containing failures of 117.169.38.69 (max 1000) Sep 22 01:10:24 localhost sshd[16059]: Invalid user revan from 117.169.38.69 port 41310 Sep 22 01:10:24 localhost sshd[16059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.169.38.69 Sep 22 01:10:26 localhost sshd[16059]: Failed password for invalid user revan from 117.169.38.69 port 41310 ssh2 Sep 22 01:10:27 localhost sshd[16059]: Received disconnect from 117.169.38.69 port 41310:11: Bye Bye [preauth] Sep 22 01:10:27 localhost sshd[16059]: Disconnected from invalid user revan 117.169.38.69 port 41310 [preauth] Sep 22 01:31:40 localhost sshd[18786]: Invalid user cyborg from 117.169.38.69 port 36206 Sep 22 01:31:40 localhost sshd[18786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.169.38.69 Sep 22 01:31:42 localhost sshd[18786]: Failed password for invalid user cyborg from 117.169.38.69 port 36206 ssh2 Sep 22 01:31:42 local........ ------------------------------	2019-09-23 05:32:32
218.92.0.192	attack	Sep 22 23:05:25 dcd-gentoo sshd[6285]: User root from 218.92.0.192 not allowed because none of user's groups are listed in AllowGroups Sep 22 23:05:27 dcd-gentoo sshd[6285]: error: PAM: Authentication failure for illegal user root from 218.92.0.192 Sep 22 23:05:25 dcd-gentoo sshd[6285]: User root from 218.92.0.192 not allowed because none of user's groups are listed in AllowGroups Sep 22 23:05:27 dcd-gentoo sshd[6285]: error: PAM: Authentication failure for illegal user root from 218.92.0.192 Sep 22 23:05:25 dcd-gentoo sshd[6285]: User root from 218.92.0.192 not allowed because none of user's groups are listed in AllowGroups Sep 22 23:05:27 dcd-gentoo sshd[6285]: error: PAM: Authentication failure for illegal user root from 218.92.0.192 Sep 22 23:05:27 dcd-gentoo sshd[6285]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.192 port 29951 ssh2 ...	2019-09-23 05:19:14
222.186.15.217	attack	2019-09-23T04:12:34.215613enmeeting.mahidol.ac.th sshd\[24461\]: User root from 222.186.15.217 not allowed because not listed in AllowUsers 2019-09-23T04:12:34.617805enmeeting.mahidol.ac.th sshd\[24461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.217 user=root 2019-09-23T04:12:36.602338enmeeting.mahidol.ac.th sshd\[24461\]: Failed password for invalid user root from 222.186.15.217 port 59687 ssh2 ...	2019-09-23 05:22:21
5.70.185.184	attack	82/tcp 8888/tcp... [2019-09-22]7pkt,2pt.(tcp)	2019-09-23 05:45:52
106.13.39.233	attack	Sep 22 23:25:13 Ubuntu-1404-trusty-64-minimal sshd\[1783\]: Invalid user cssserver from 106.13.39.233 Sep 22 23:25:13 Ubuntu-1404-trusty-64-minimal sshd\[1783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.39.233 Sep 22 23:25:15 Ubuntu-1404-trusty-64-minimal sshd\[1783\]: Failed password for invalid user cssserver from 106.13.39.233 port 54538 ssh2 Sep 22 23:41:07 Ubuntu-1404-trusty-64-minimal sshd\[17798\]: Invalid user user from 106.13.39.233 Sep 22 23:41:07 Ubuntu-1404-trusty-64-minimal sshd\[17798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.39.233	2019-09-23 05:46:37
34.74.201.120	attackspam	Sep 23 02:35:21 areeb-Workstation sshd[29122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.74.201.120 Sep 23 02:35:23 areeb-Workstation sshd[29122]: Failed password for invalid user admin from 34.74.201.120 port 35286 ssh2 ...	2019-09-23 05:23:34
200.199.6.204	attackbotsspam	Sep 22 11:06:54 kapalua sshd\[15734\]: Invalid user test1 from 200.199.6.204 Sep 22 11:06:54 kapalua sshd\[15734\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.199.6.204 Sep 22 11:06:56 kapalua sshd\[15734\]: Failed password for invalid user test1 from 200.199.6.204 port 57969 ssh2 Sep 22 11:11:50 kapalua sshd\[16300\]: Invalid user ocean from 200.199.6.204 Sep 22 11:11:50 kapalua sshd\[16300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.199.6.204	2019-09-23 05:23:02
219.250.188.133	attack	Sep 22 23:05:07 ArkNodeAT sshd\[31551\]: Invalid user default from 219.250.188.133 Sep 22 23:05:07 ArkNodeAT sshd\[31551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.250.188.133 Sep 22 23:05:08 ArkNodeAT sshd\[31551\]: Failed password for invalid user default from 219.250.188.133 port 60316 ssh2	2019-09-23 05:33:30
118.68.189.76	attackbotsspam	9090/tcp 8081/tcp [2019-09-22]2pkt	2019-09-23 05:30:35
79.127.110.65	attackbotsspam	8080/tcp 8081/tcp [2019-09-22]2pkt	2019-09-23 05:28:01
51.255.173.222	attack	Sep 22 21:31:29 web8 sshd\[14391\]: Invalid user nmt from 51.255.173.222 Sep 22 21:31:29 web8 sshd\[14391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.173.222 Sep 22 21:31:31 web8 sshd\[14391\]: Failed password for invalid user nmt from 51.255.173.222 port 47048 ssh2 Sep 22 21:35:24 web8 sshd\[16247\]: Invalid user world from 51.255.173.222 Sep 22 21:35:24 web8 sshd\[16247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.173.222	2019-09-23 05:42:22
46.38.144.202	attack	Sep 22 23:33:37 mail postfix/smtpd\[24526\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:36:01 mail postfix/smtpd\[23985\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 22 23:38:22 mail postfix/smtpd\[31041\]: warning: unknown\[46.38.144.202\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-09-23 05:50:57
206.189.122.133	attackspam	Sep 22 11:16:59 lcprod sshd\[15711\]: Invalid user lia from 206.189.122.133 Sep 22 11:16:59 lcprod sshd\[15711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.122.133 Sep 22 11:17:01 lcprod sshd\[15711\]: Failed password for invalid user lia from 206.189.122.133 port 52648 ssh2 Sep 22 11:20:57 lcprod sshd\[16005\]: Invalid user marketing from 206.189.122.133 Sep 22 11:20:57 lcprod sshd\[16005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.122.133	2019-09-23 05:34:38

Recently Reported IPs

201.157.39.242	181.48.73.2	185.232.65.230	88.132.109.164
95.163.118.126	229.76.247.60	94.66.27.14	69.85.239.16
189.80.44.98	199.126.70.202	115.76.178.155	217.182.38.4
113.175.121.179	27.74.248.125	51.75.55.33	49.94.166.214
113.175.118.69	128.199.234.128	1.28.205.33	92.118.38.82