196.189.91.164

基本信息:

城市(city): Addis Ababa

省份(region): Addis Ababa

国家(country): Ethiopia

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
196.189.91.71	spambotsattackproxynormal	Pms	2022-09-24 13:26:53
196.189.91.71	spambotsattackproxynormal	196.189.91.71	2022-09-24 02:08:57
196.189.91.71	spambotsattackproxynormal	196.189.91.71	2022-09-24 02:08:50
196.189.91.190	attack	DATE:2020-09-14 11:25:32, IP:196.189.91.190, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-15 00:43:38
196.189.91.190	attackbots	[portscan] Port scan	2020-09-14 16:27:24
196.189.91.162	attack	(sshd) Failed SSH login from 196.189.91.162 (ET/Ethiopia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 29 08:58:58 amsweb01 sshd[29482]: Invalid user ipt from 196.189.91.162 port 53506 Aug 29 08:58:59 amsweb01 sshd[29482]: Failed password for invalid user ipt from 196.189.91.162 port 53506 ssh2 Aug 29 09:19:48 amsweb01 sshd[407]: Invalid user vbox from 196.189.91.162 port 40802 Aug 29 09:19:51 amsweb01 sshd[407]: Failed password for invalid user vbox from 196.189.91.162 port 40802 ssh2 Aug 29 09:21:55 amsweb01 sshd[779]: Invalid user yp from 196.189.91.162 port 54436	2020-08-29 18:27:50
196.189.91.162	attackbots	$f2bV_matches	2020-08-20 04:13:12
196.189.91.129	attackspambots	Aug 15 06:25:35 plg sshd[16313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.129 user=root Aug 15 06:25:37 plg sshd[16313]: Failed password for invalid user root from 196.189.91.129 port 47912 ssh2 Aug 15 06:28:08 plg sshd[16325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.129 user=root Aug 15 06:28:09 plg sshd[16325]: Failed password for invalid user root from 196.189.91.129 port 38296 ssh2 Aug 15 06:30:46 plg sshd[16342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.129 user=root Aug 15 06:30:49 plg sshd[16342]: Failed password for invalid user root from 196.189.91.129 port 57192 ssh2 ...	2020-08-15 15:31:36
196.189.91.129	attack	Aug 11 08:29:34 root sshd[17718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.129 user=root Aug 11 08:29:36 root sshd[17718]: Failed password for root from 196.189.91.129 port 42440 ssh2 ...	2020-08-11 18:00:29
196.189.91.138	attack	Invalid user nmt from 196.189.91.138 port 49360	2020-06-21 18:13:53
196.189.91.166	attack	Invalid user owncloud from 196.189.91.166 port 40850	2020-06-18 03:40:53
196.189.91.138	attack	$f2bV_matches	2020-06-14 17:36:24
196.189.91.166	attackspam	Jun 14 10:33:32 melroy-server sshd[2123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.166 Jun 14 10:33:34 melroy-server sshd[2123]: Failed password for invalid user n from 196.189.91.166 port 45956 ssh2 ...	2020-06-14 17:05:30
196.189.91.138	attackspam	Jun 9 02:23:47 vps46666688 sshd[15239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.138 Jun 9 02:23:49 vps46666688 sshd[15239]: Failed password for invalid user carrie from 196.189.91.138 port 46816 ssh2 ...	2020-06-09 13:27:09
196.189.91.166	attackbots	May 31 01:51:42 web1 sshd[24819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.166 user=root May 31 01:51:44 web1 sshd[24819]: Failed password for root from 196.189.91.166 port 48616 ssh2 May 31 02:02:47 web1 sshd[27683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.166 user=root May 31 02:02:48 web1 sshd[27683]: Failed password for root from 196.189.91.166 port 53016 ssh2 May 31 02:05:37 web1 sshd[28657]: Invalid user purple from 196.189.91.166 port 33688 May 31 02:05:37 web1 sshd[28657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.189.91.166 May 31 02:05:37 web1 sshd[28657]: Invalid user purple from 196.189.91.166 port 33688 May 31 02:05:39 web1 sshd[28657]: Failed password for invalid user purple from 196.189.91.166 port 33688 ssh2 May 31 02:08:27 web1 sshd[29284]: Invalid user redmine from 196.189.91.166 port 42496 ...	2020-05-31 01:24:54

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.189.91.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3075
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;196.189.91.164.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025040200 1800 900 604800 86400

;; Query time: 137 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 02 14:03:44 CST 2025
;; MSG SIZE  rcvd: 107

HOST信息:

Host 164.91.189.196.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.91.189.196.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
104.248.151.177	attackbots	$f2bV_matches	2020-03-25 07:45:28
112.21.191.244	attack	Mar 12 17:47:55 [snip] sshd[12825]: Invalid user 140.224.96.42 from 112.21.191.244 port 48792 Mar 12 17:47:55 [snip] sshd[12825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.21.191.244 Mar 12 17:47:57 [snip] sshd[12825]: Failed password for invalid user 140.224.96.42 from 112.21.191.244 port 48792 ssh2[...]	2020-03-25 07:40:36
117.50.96.235	attack	Invalid user chang from 117.50.96.235 port 51154	2020-03-25 08:19:23
112.91.145.58	attackbotsspam	Brute-force attempt banned	2020-03-25 08:05:07
212.92.108.94	attack	RDPBruteVem	2020-03-25 08:17:51
68.183.147.162	attackspambots	Invalid user ghost from 68.183.147.162 port 34136	2020-03-25 07:54:47
212.47.253.178	attackspambots	Invalid user yangzishuang from 212.47.253.178 port 33076	2020-03-25 07:53:55
185.186.245.29	attackbotsspam	firewall-block, port(s): 11211/udp	2020-03-25 07:48:08
23.106.216.2	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/23.106.216.2/ US - 1H : (96) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN396190 IP : 23.106.216.2 CIDR : 23.106.192.0/19 PREFIX COUNT : 85 UNIQUE IP COUNT : 125696 ATTACKS DETECTED ASN396190 : 1H - 2 3H - 2 6H - 2 12H - 2 24H - 2 DateTime : 2020-03-24 19:25:14 INFO : Looking for resource vulnerabilities 403 Detected and Blocked by ADMIN - data recovery	2020-03-25 08:22:05
163.172.118.125	attack	SSH brute force	2020-03-25 08:15:34
77.222.107.127	attack	Unauthorized connection attempt detected from IP address 77.222.107.127 to port 445	2020-03-25 08:12:25
148.72.209.44	attack	Mar 24 19:25:40 debian-2gb-nbg1-2 kernel: \[7333423.822048\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=148.72.209.44 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=44 ID=0 DF PROTO=TCP SPT=22 DPT=10339 WINDOW=29200 RES=0x00 ACK SYN URGP=0	2020-03-25 08:02:15
167.114.47.68	attackspam	detected by Fail2Ban	2020-03-25 08:06:13
180.168.141.246	attack	SSH Invalid Login	2020-03-25 07:57:31
185.53.88.49	attackbots	[2020-03-24 19:53:59] NOTICE[1148][C-000167d1] chan_sip.c: Call from '' (185.53.88.49:5076) to extension '9011972595778361' rejected because extension not found in context 'public'. [2020-03-24 19:53:59] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-24T19:53:59.511-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011972595778361",SessionID="0x7fd82c530768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.49/5076",ACLName="no_extension_match" [2020-03-24 20:02:45] NOTICE[1148][C-000167de] chan_sip.c: Call from '' (185.53.88.49:5078) to extension '5011972595778361' rejected because extension not found in context 'public'. [2020-03-24 20:02:45] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-24T20:02:45.323-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="5011972595778361",SessionID="0x7fd82c43c848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/18 ...	2020-03-25 08:13:29

最近上报的IP列表

244.123.114.92	107.95.229.112	205.138.61.20	135.114.2.208
254.197.233.253	153.97.140.4	247.106.206.227	38.65.205.153
72.202.176.66	221.195.44.213	9.18.6.48	44.241.240.21
119.97.57.237	129.39.109.46	86.187.57.182	54.71.174.94
238.163.183.181	59.65.204.73	164.56.82.180	194.92.251.109