城市(city): Secaucus
省份(region): New Jersey
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 69.10.48.130 | attackspambots | (sshd) Failed SSH login from 69.10.48.130 (US/United States/lushcurrent.com): 5 in the last 3600 secs |
2020-04-27 04:07:51 |
| 69.10.48.88 | attackspam | Apr 25 04:13:47 zn006 sshd[25091]: Address 69.10.48.88 maps to terrell.shardashuffieldserv.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Apr 25 04:13:47 zn006 sshd[25091]: Invalid user carlos from 69.10.48.88 Apr 25 04:13:47 zn006 sshd[25091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.10.48.88 Apr 25 04:13:49 zn006 sshd[25091]: Failed password for invalid user carlos from 69.10.48.88 port 58560 ssh2 Apr 25 04:13:49 zn006 sshd[25091]: Received disconnect from 69.10.48.88: 11: Bye Bye [preauth] Apr 25 04:22:37 zn006 sshd[26092]: Address 69.10.48.88 maps to terrell.shardashuffieldserv.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Apr 25 04:22:37 zn006 sshd[26092]: Invalid user te from 69.10.48.88 Apr 25 04:22:37 zn006 sshd[26092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.10.48.88 Apr 25 04:22:39 zn006 sshd[26092]: ........ ------------------------------- |
2020-04-26 06:34:45 |
| 69.10.48.130 | attackbotsspam | Apr 19 07:20:19 mail sshd[9172]: Invalid user cn from 69.10.48.130 Apr 19 07:20:19 mail sshd[9172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.10.48.130 Apr 19 07:20:19 mail sshd[9172]: Invalid user cn from 69.10.48.130 Apr 19 07:20:22 mail sshd[9172]: Failed password for invalid user cn from 69.10.48.130 port 45244 ssh2 Apr 19 07:27:51 mail sshd[20440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.10.48.130 user=root Apr 19 07:27:53 mail sshd[20440]: Failed password for root from 69.10.48.130 port 43338 ssh2 ... |
2020-04-19 14:10:12 |
| 69.10.48.67 | attackbots | Apr 11 06:20:48 www sshd[29910]: Failed password for r.r from 69.10.48.67 port 55588 ssh2 Apr 11 06:20:49 www sshd[29912]: Invalid user admin from 69.10.48.67 Apr 11 06:20:51 www sshd[29912]: Failed password for invalid user admin from 69.10.48.67 port 60982 ssh2 Apr 11 06:20:52 www sshd[29914]: Invalid user admin from 69.10.48.67 Apr 11 06:20:54 www sshd[29914]: Failed password for invalid user admin from 69.10.48.67 port 37452 ssh2 Apr 11 06:20:54 www sshd[29916]: Invalid user user from 69.10.48.67 Apr 11 06:20:57 www sshd[29916]: Failed password for invalid user user from 69.10.48.67 port 41582 ssh2 Apr 11 06:20:58 www sshd[29918]: Invalid user ubnt from 69.10.48.67 Apr 11 06:21:00 www sshd[29918]: Failed password for invalid user ubnt from 69.10.48.67 port 47208 ssh2 Apr 11 06:21:01 www sshd[29922]: Invalid user admin from 69.10.48.67 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=69.10.48.67 |
2020-04-11 17:36:18 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 69.10.32.0 - 69.10.63.255
CIDR: 69.10.32.0/19
NetName: INTERSERVER
NetHandle: NET-69-10-32-0-1
Parent: NET69 (NET-69-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Interserver, Inc (INTER-83)
RegDate: 2007-04-11
Updated: 2012-02-24
Comment: Please use abusencc@interserver.net for all abuse reports.
Ref: https://rdap.arin.net/registry/ip/69.10.32.0
OrgName: Interserver, Inc
OrgId: INTER-83
Address: 110 Meadowlands Pkwy
Address: 1st Floor
City: Secaucus
StateProv: NJ
PostalCode: 07094
Country: US
RegDate: 2003-03-17
Updated: 2024-11-25
Comment: Please use https://www.interserver.net/contact-information.html for all abuse complaints.
Comment:
Comment: DMCA registered agent dmca@interserver.net
Ref: https://rdap.arin.net/registry/entity/INTER-83
ReferralServer: rwhois://rwhois.trouble-free.net:4321
OrgAbuseHandle: NOC1390-ARIN
OrgAbuseName: Network Operations Center
OrgAbusePhone: +1-201-605-1440
OrgAbuseEmail: abusencc@interserver.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN
OrgTechHandle: NOC1390-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-201-605-1440
OrgTechEmail: abusencc@interserver.net
OrgTechRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN
OrgNOCHandle: NOC1390-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-201-605-1440
OrgNOCEmail: abusencc@interserver.net
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN
RAbuseHandle: MLA13-ARIN
RAbuseName: Lavrik, Michael
RAbusePhone: +1-201-605-1440
RAbuseEmail: abusencc@interserver.net
RAbuseRef: https://rdap.arin.net/registry/entity/MLA13-ARIN
RTechHandle: NOC1390-ARIN
RTechName: Network Operations Center
RTechPhone: +1-201-605-1440
RTechEmail: abusencc@interserver.net
RTechRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN
RNOCHandle: NOC1390-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-201-605-1440
RNOCEmail: abusencc@interserver.net
RNOCRef: https://rdap.arin.net/registry/entity/NOC1390-ARIN
# end
# start
NetRange: 69.10.48.128 - 69.10.48.255
CIDR: 69.10.48.128/25
NetName: PWG2
NetHandle: NET-69-10-48-128-1
Parent: INTERSERVER (NET-69-10-32-0-1)
NetType: Reassigned
OriginAS:
Organization: Premier Web Group LLC (PWG-13)
RegDate: 2020-09-01
Updated: 2023-10-25
Ref: https://rdap.arin.net/registry/ip/69.10.48.128
OrgName: Premier Web Group LLC
OrgId: PWG-13
Address: 70 SPRUCE ST BLDG 12
City: PATERSON
StateProv: NJ
PostalCode: 07501
Country: US
RegDate: 2013-10-24
Updated: 2023-10-25
Comment: Premier Web Group provides fully managed linux and windows dedicated servers with 24/7 support. Lowest internet prices. Free setup.
Ref: https://rdap.arin.net/registry/entity/PWG-13
OrgNOCHandle: GOLDI4-ARIN
OrgNOCName: goldin, boris
OrgNOCPhone: +1-917-456-7716
OrgNOCEmail: bgoldin@hotmail.com
OrgNOCRef: https://rdap.arin.net/registry/entity/GOLDI4-ARIN
OrgTechHandle: GOLDI4-ARIN
OrgTechName: goldin, boris
OrgTechPhone: +1-917-456-7716
OrgTechEmail: bgoldin@hotmail.com
OrgTechRef: https://rdap.arin.net/registry/entity/GOLDI4-ARIN
OrgAbuseHandle: GOLDI4-ARIN
OrgAbuseName: goldin, boris
OrgAbusePhone: +1-917-456-7716
OrgAbuseEmail: bgoldin@hotmail.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/GOLDI4-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to rwhois.trouble-free.net:4321.
%rwhois V-1.5:003fff:00 rwhois.trouble-free.net (by Network Solutions, Inc. V-1.5.9.6)
network:Auth-Area:69.10.32.0/19
network:Class-Name:network
network:Network-Name:NETBLK-69.10.48.128/25
network:IP-Network:69.10.48.128/25
network:Organization;I:163672.interserver.net
network:Abuse-Email:abusencc@interserver.net
network:Tech-Contact;I:hostmaster.interserver.net
network:Admin-Contact;I:client163672.interserver.net
network:Auth-Area:69.10.32.0/19
network:Class-Name:network
network:Network-Name:NETBLK-69.10.32.0/19
network:IP-Network:69.10.32.0/19
network:Organization;I:org.interserver.net
network:Street-Address:PO Box 1707
network:City:Englewood Cliffs
network:State:NJ
network:Postal-Code:07632
network:Country-Code:US
network:Abuse-Email:abusencc@interserver.net
network:Tech-Contact;I:hostmaster.interserver.net
network:Admin-Contact;I:hostmaster.interserver.net
%ok; <<>> DiG 9.10.3-P4-Ubuntu <<>> 69.10.48.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32022
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;69.10.48.159. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026031602 1800 900 604800 86400
;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 17 13:30:20 CST 2026
;; MSG SIZE rcvd: 105159.48.10.69.in-addr.arpa domain name pointer gyourgyousi.fun.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
159.48.10.69.in-addr.arpa name = gyourgyousi.fun.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 61.7.144.24 | attackbotsspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-09-06 17:01:07 |
| 88.201.34.243 | attack | Tried our host z. |
2020-09-06 17:00:33 |
| 45.130.97.87 | attackspam | Attempted connection to port 445. |
2020-09-06 16:34:37 |
| 101.89.92.230 | attackspambots | Lines containing failures of 101.89.92.230 Sep 3 04:00:56 shared01 sshd[11678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.92.230 user=r.r Sep 3 04:00:58 shared01 sshd[11678]: Failed password for r.r from 101.89.92.230 port 44058 ssh2 Sep 3 04:00:59 shared01 sshd[11678]: Received disconnect from 101.89.92.230 port 44058:11: Bye Bye [preauth] Sep 3 04:00:59 shared01 sshd[11678]: Disconnected from authenticating user r.r 101.89.92.230 port 44058 [preauth] Sep 3 04:17:14 shared01 sshd[16636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.92.230 user=r.r Sep 3 04:17:15 shared01 sshd[16636]: Failed password for r.r from 101.89.92.230 port 41728 ssh2 Sep 3 04:17:15 shared01 sshd[16636]: Received disconnect from 101.89.92.230 port 41728:11: Bye Bye [preauth] Sep 3 04:17:15 shared01 sshd[16636]: Disconnected from authenticating user r.r 101.89.92.230 port 41728 [preauth........ ------------------------------ |
2020-09-06 17:01:33 |
| 181.13.139.26 | attack | Honeypot attack, port: 445, PTR: host26.181-13-139.telecom.net.ar. |
2020-09-06 16:37:38 |
| 67.143.192.177 | attackspam | Attempted connection to port 445. |
2020-09-06 16:30:46 |
| 50.196.46.20 | attack | Honeypot attack, port: 81, PTR: 50-196-46-20-static.hfc.comcastbusiness.net. |
2020-09-06 16:27:15 |
| 45.142.120.117 | attackbotsspam | Sep 6 10:57:37 vmanager6029 postfix/smtpd\[5013\]: warning: unknown\[45.142.120.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 10:58:12 vmanager6029 postfix/smtpd\[5013\]: warning: unknown\[45.142.120.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2020-09-06 16:58:41 |
| 190.85.169.4 | attackbots | Attempted connection to port 2323. |
2020-09-06 16:35:28 |
| 31.28.253.97 | attackspambots | Unauthorized connection attempt from IP address 31.28.253.97 on Port 445(SMB) |
2020-09-06 16:51:52 |
| 37.49.225.144 | attackspambots | Merda |
2020-09-06 16:19:11 |
| 202.154.40.18 | attack | Automatic report - Banned IP Access |
2020-09-06 16:38:03 |
| 194.99.105.206 | attackspambots | Attempt to access VoIP server |
2020-09-06 16:36:07 |
| 116.25.188.32 | attack | Unauthorized connection attempt from IP address 116.25.188.32 on Port 445(SMB) |
2020-09-06 16:52:21 |
| 222.186.175.183 | attackspambots | Sep 6 10:34:23 vps647732 sshd[1355]: Failed password for root from 222.186.175.183 port 9272 ssh2 Sep 6 10:34:35 vps647732 sshd[1355]: error: maximum authentication attempts exceeded for root from 222.186.175.183 port 9272 ssh2 [preauth] ... |
2020-09-06 16:35:49 |