196.189.91.164

基本信息:

城市(city): Addis Ababa

省份(region): Addis Ababa

国家(country): Ethiopia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
196.189.91.71	spambotsattackproxynormal	Pms	2022-09-24 13:26:53
196.189.91.71	spambotsattackproxynormal	196.189.91.71	2022-09-24 02:08:57
196.189.91.71	spambotsattackproxynormal	196.189.91.71	2022-09-24 02:08:50
196.189.91.190	attack	DATE:2020-09-14 11:25:32, IP:196.189.91.190, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-15 00:43:38
196.189.91.190	attackbots	[portscan] Port scan	2020-09-14 16:27:24
196.189.91.162	attack	(sshd) Failed SSH login from 196.189.91.162 (ET/Ethiopia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 29 08:58:58 amsweb01 sshd[29482]: Invalid user ipt from 196.189.91.162 port 53506 Aug 29 08:58:59 amsweb01 sshd[29482]: Failed password for invalid user ipt from 196.189.91.162 port 53506 ssh2 Aug 29 09:19:48 amsweb01 sshd[407]: Invalid user vbox from 196.189.91.162 port 40802 Aug 29 09:19:51 amsweb01 sshd[407]: Failed password for invalid user vbox from 196.189.91.162 port 40802 ssh2 Aug 29 09:21:55 amsweb01 sshd[779]: Invalid user yp from 196.189.91.162 port 54436	2020-08-29 18:27:50
196.189.91.162	attackbots	$f2bV_matches	2020-08-20 04:13:12
196.189.91.129	attackspambots	Aug 15 06:25:35 plg sshd[16313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.129 user=root Aug 15 06:25:37 plg sshd[16313]: Failed password for invalid user root from 196.189.91.129 port 47912 ssh2 Aug 15 06:28:08 plg sshd[16325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.129 user=root Aug 15 06:28:09 plg sshd[16325]: Failed password for invalid user root from 196.189.91.129 port 38296 ssh2 Aug 15 06:30:46 plg sshd[16342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.129 user=root Aug 15 06:30:49 plg sshd[16342]: Failed password for invalid user root from 196.189.91.129 port 57192 ssh2 ...	2020-08-15 15:31:36
196.189.91.129	attack	Aug 11 08:29:34 root sshd[17718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.129 user=root Aug 11 08:29:36 root sshd[17718]: Failed password for root from 196.189.91.129 port 42440 ssh2 ...	2020-08-11 18:00:29
196.189.91.138	attack	Invalid user nmt from 196.189.91.138 port 49360	2020-06-21 18:13:53
196.189.91.166	attack	Invalid user owncloud from 196.189.91.166 port 40850	2020-06-18 03:40:53
196.189.91.138	attack	$f2bV_matches	2020-06-14 17:36:24
196.189.91.166	attackspam	Jun 14 10:33:32 melroy-server sshd[2123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.166 Jun 14 10:33:34 melroy-server sshd[2123]: Failed password for invalid user n from 196.189.91.166 port 45956 ssh2 ...	2020-06-14 17:05:30
196.189.91.138	attackspam	Jun 9 02:23:47 vps46666688 sshd[15239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.138 Jun 9 02:23:49 vps46666688 sshd[15239]: Failed password for invalid user carrie from 196.189.91.138 port 46816 ssh2 ...	2020-06-09 13:27:09
196.189.91.166	attackbots	May 31 01:51:42 web1 sshd[24819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.166 user=root May 31 01:51:44 web1 sshd[24819]: Failed password for root from 196.189.91.166 port 48616 ssh2 May 31 02:02:47 web1 sshd[27683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.166 user=root May 31 02:02:48 web1 sshd[27683]: Failed password for root from 196.189.91.166 port 53016 ssh2 May 31 02:05:37 web1 sshd[28657]: Invalid user purple from 196.189.91.166 port 33688 May 31 02:05:37 web1 sshd[28657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.166 May 31 02:05:37 web1 sshd[28657]: Invalid user purple from 196.189.91.166 port 33688 May 31 02:05:39 web1 sshd[28657]: Failed password for invalid user purple from 196.189.91.166 port 33688 ssh2 May 31 02:08:27 web1 sshd[29284]: Invalid user redmine from 196.189.91.166 port 42496 ...	2020-05-31 01:24:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.189.91.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3075
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;196.189.91.164.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025040200 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 02 14:03:44 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

Host 164.91.189.196.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.91.189.196.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
180.250.108.133	attackspambots	Repeated brute force against a port	2019-12-26 02:27:46
77.81.230.143	attack	Automatic report - Banned IP Access	2019-12-26 01:59:06
101.37.152.70	attackspambots	3389BruteforceFW23	2019-12-26 01:58:22
111.68.108.203	attackbotsspam	Unauthorized connection attempt detected from IP address 111.68.108.203 to port 445	2019-12-26 02:26:04
188.163.37.0	attackbotsspam	$f2bV_matches	2019-12-26 02:09:35
187.201.25.54	attackbotsspam	Invalid user gari from 187.201.25.54 port 46675	2019-12-26 02:16:03
103.26.43.202	attackspam	Dec 25 18:14:41 zeus sshd[25478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.43.202 Dec 25 18:14:43 zeus sshd[25478]: Failed password for invalid user test from 103.26.43.202 port 39993 ssh2 Dec 25 18:17:38 zeus sshd[25546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.43.202 Dec 25 18:17:40 zeus sshd[25546]: Failed password for invalid user info from 103.26.43.202 port 52641 ssh2	2019-12-26 02:28:47
14.138.167.28	attackbotsspam	CMS brute force ...	2019-12-26 02:19:38
79.137.73.253	attackbots	Dec 25 15:52:59 163-172-32-151 sshd[1191]: Invalid user home from 79.137.73.253 port 48118 ...	2019-12-26 01:54:10
181.48.155.149	attack	Dec 25 15:52:07 sxvn sshd[860991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.155.149	2019-12-26 02:32:24
14.241.39.126	attack	Unauthorized connection attempt detected from IP address 14.241.39.126 to port 445	2019-12-26 02:07:30
104.236.238.243	attack	Dec 25 17:31:49 work-partkepr sshd\[17774\]: User lp from 104.236.238.243 not allowed because not listed in AllowUsers Dec 25 17:31:49 work-partkepr sshd\[17774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.238.243 user=lp ...	2019-12-26 02:14:38
104.168.250.71	attackspam	SSH/22 MH Probe, BF, Hack -	2019-12-26 02:29:41
108.211.226.221	attackspam	$f2bV_matches	2019-12-26 01:57:26
156.223.207.22	attack	[WedDec2515:52:32.2109572019][:error][pid12669:tid47392701888256][client156.223.207.22:50058][client156.223.207.22]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected$DisableifyouwanttoallowMSIE6$"][severity"WARNING"][hostname"forum-wbp.com"][uri"/"][unique_id"XgN3sFqBm5I6twD7ibZzHAAAAEg"][WedDec2515:52:35.5162462019][:error][pid12669:tid47392706090752][client156.223.207.22:50068][client156.223.207.22]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof"rx$MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com$"against"REQUEST_HEADERS:User-Agent"required.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disable	2019-12-26 02:06:31

最近上报的IP列表

244.123.114.92	107.95.229.112	205.138.61.20	135.114.2.208
254.197.233.253	153.97.140.4	247.106.206.227	38.65.205.153
72.202.176.66	221.195.44.213	9.18.6.48	44.241.240.21
119.97.57.237	129.39.109.46	86.187.57.182	54.71.174.94
238.163.183.181	59.65.204.73	164.56.82.180	194.92.251.109