116.196.80.104

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Beijing Jingdong 360 Degree E-Commerce Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	$f2bV_matches	2020-05-04 12:50:36
attackspambots	Apr 11 02:09:20 web1 sshd\[6888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 user=root Apr 11 02:09:22 web1 sshd\[6888\]: Failed password for root from 116.196.80.104 port 44488 ssh2 Apr 11 02:12:31 web1 sshd\[7249\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 user=root Apr 11 02:12:33 web1 sshd\[7249\]: Failed password for root from 116.196.80.104 port 41464 ssh2 Apr 11 02:15:36 web1 sshd\[7591\]: Invalid user canna from 116.196.80.104 Apr 11 02:15:36 web1 sshd\[7591\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104	2020-04-12 01:39:04
attackspambots	2020-03-17 11:59:29 server sshd[96705]: Failed password for invalid user root from 116.196.80.104 port 58630 ssh2	2020-03-19 03:11:05
attack	SSH Bruteforce attempt	2020-02-10 07:53:21
attackspambots	Unauthorized connection attempt detected from IP address 116.196.80.104 to port 2220 [J]	2020-02-04 19:34:05
attackspambots	Unauthorized connection attempt detected from IP address 116.196.80.104 to port 2220 [J]	2020-01-25 00:42:20
attackbots	Unauthorized connection attempt detected from IP address 116.196.80.104 to port 2220 [J]	2020-01-04 23:57:36
attackbots	Invalid user krishan from 116.196.80.104 port 33116	2020-01-01 05:51:24
attackbotsspam	Dec 24 05:54:00 lnxweb61 sshd[4590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104	2019-12-24 13:54:44
attackspam	Dec 13 15:18:27 sauna sshd[29198]: Failed password for root from 116.196.80.104 port 37710 ssh2 ...	2019-12-13 21:27:10
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-09 23:18:57
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-09 14:53:12
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-09 07:17:02
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-09 01:29:51
attackspam	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-08 15:18:42
attackspambots	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-08 09:22:39
attackbotsspam	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-07 15:42:44
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-07 13:28:20
attackbotsspam	Nov 16 17:32:58 Invalid user nen from 116.196.80.104 port 51026	2019-11-17 04:16:32
attackbotsspam	Nov 5 18:31:43 localhost sshd\[10360\]: Invalid user com from 116.196.80.104 port 50618 Nov 5 18:31:43 localhost sshd\[10360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Nov 5 18:31:44 localhost sshd\[10360\]: Failed password for invalid user com from 116.196.80.104 port 50618 ssh2 Nov 5 18:35:22 localhost sshd\[10471\]: Invalid user testtest123 from 116.196.80.104 port 56066 Nov 5 18:35:22 localhost sshd\[10471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 ...	2019-11-06 02:51:51
attackbotsspam	2019-11-05 03:29:52,977 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 2019-11-05 04:03:46,628 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 2019-11-05 04:41:47,270 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 2019-11-05 05:16:12,717 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 2019-11-05 05:52:43,102 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 ...	2019-11-05 14:19:56
attackbots	Nov 3 08:54:38 hosting sshd[7897]: Invalid user student2 from 116.196.80.104 port 49174 ...	2019-11-03 15:01:19
attackspambots	Automatic report - Banned IP Access	2019-10-26 23:23:39
attackspam	2019-10-26T03:47:44.619880abusebot-4.cloudsearch.cf sshd\[9836\]: Invalid user ack from 116.196.80.104 port 34634	2019-10-26 16:53:24
attack	2019-10-21T08:12:35.411595abusebot-7.cloudsearch.cf sshd\[28831\]: Invalid user mt from 116.196.80.104 port 53968	2019-10-21 16:22:50
attackbotsspam	Oct 14 17:47:36 markkoudstaal sshd[16332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Oct 14 17:47:38 markkoudstaal sshd[16332]: Failed password for invalid user oracle from 116.196.80.104 port 46662 ssh2 Oct 14 17:53:24 markkoudstaal sshd[16800]: Failed password for root from 116.196.80.104 port 56452 ssh2	2019-10-15 00:20:56
attackspam	Oct 6 07:10:13 sauna sshd[188793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Oct 6 07:10:16 sauna sshd[188793]: Failed password for invalid user abc@2018 from 116.196.80.104 port 47728 ssh2 ...	2019-10-06 12:33:15
attackbots	Sep 20 06:33:32 microserver sshd[13298]: Invalid user postgres from 116.196.80.104 port 56310 Sep 20 06:33:32 microserver sshd[13298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Sep 20 06:33:34 microserver sshd[13298]: Failed password for invalid user postgres from 116.196.80.104 port 56310 ssh2 Sep 20 06:38:04 microserver sshd[13958]: Invalid user upload from 116.196.80.104 port 40338 Sep 20 06:38:04 microserver sshd[13958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Sep 20 06:51:30 microserver sshd[15903]: Invalid user system from 116.196.80.104 port 48852 Sep 20 06:51:30 microserver sshd[15903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Sep 20 06:51:32 microserver sshd[15903]: Failed password for invalid user system from 116.196.80.104 port 48852 ssh2 Sep 20 06:56:14 microserver sshd[16590]: Invalid user msimon from 116.196.80.1	2019-10-05 05:24:52
attackspambots	2019-10-02T01:15:03.426430shield sshd\[25778\]: Invalid user gy from 116.196.80.104 port 40938 2019-10-02T01:15:03.431199shield sshd\[25778\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 2019-10-02T01:15:04.675933shield sshd\[25778\]: Failed password for invalid user gy from 116.196.80.104 port 40938 ssh2 2019-10-02T01:18:35.488910shield sshd\[26172\]: Invalid user asael from 116.196.80.104 port 43888 2019-10-02T01:18:35.493197shield sshd\[26172\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104	2019-10-02 09:29:58
attackspam	2019-09-29T05:29:24.903168abusebot-2.cloudsearch.cf sshd\[6981\]: Invalid user george from 116.196.80.104 port 36498	2019-09-29 14:03:52

相同子网IP讨论:

IP	类型	评论内容	时间
116.196.80.119	attackspam	Apr 18 11:29:54 marvibiene sshd[34039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.119 user=root Apr 18 11:29:56 marvibiene sshd[34039]: Failed password for root from 116.196.80.119 port 47338 ssh2 Apr 18 11:59:51 marvibiene sshd[34461]: Invalid user test from 116.196.80.119 port 48786 ...	2020-04-19 00:54:14

类型

评论内容

时间

116.196.80.119

attackspam

Apr 18 11:29:54 marvibiene sshd[34039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.119  user=root
Apr 18 11:29:56 marvibiene sshd[34039]: Failed password for root from 116.196.80.119 port 47338 ssh2
Apr 18 11:59:51 marvibiene sshd[34461]: Invalid user test from 116.196.80.119 port 48786
...

2020-04-19 00:54:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.196.80.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63719
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.196.80.104.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 27 10:37:37 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 104.80.196.116.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 104.80.196.116.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
161.117.55.176	attackbots	161.117.55.176 - - [07/Aug/2020:21:26:50 +0100] "POST /wp-login.php HTTP/1.1" 200 1973 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 161.117.55.176 - - [07/Aug/2020:21:26:53 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 161.117.55.176 - - [07/Aug/2020:21:26:56 +0100] "POST /wp-login.php HTTP/1.1" 200 1953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-08 05:45:29
116.106.101.130	attackspam	Attempted to establish connection to non opened port 23	2020-08-08 05:24:29
115.124.65.2	attack	Aug 7 23:07:00 cp sshd[29689]: Failed password for root from 115.124.65.2 port 39798 ssh2 Aug 7 23:07:00 cp sshd[29689]: Failed password for root from 115.124.65.2 port 39798 ssh2	2020-08-08 05:26:31
192.169.200.135	attackbotsspam	Attempt to hack Wordpress Login, XMLRPC or other login	2020-08-08 05:31:36
106.12.86.205	attackbotsspam	Aug 7 22:59:35 piServer sshd[31290]: Failed password for root from 106.12.86.205 port 34364 ssh2 Aug 7 23:02:45 piServer sshd[31649]: Failed password for root from 106.12.86.205 port 51196 ssh2 ...	2020-08-08 05:22:49
167.71.235.173	attackspambots	POST /xmlrpc.php HTTP/1.1 POST /xmlrpc.php HTTP/1.1 POST /xmlrpc.php HTTP/1.1	2020-08-08 05:14:25
218.92.0.216	attackbots	Aug 8 02:15:00 gw1 sshd[4873]: Failed password for root from 218.92.0.216 port 14778 ssh2 Aug 8 02:15:04 gw1 sshd[4873]: Failed password for root from 218.92.0.216 port 14778 ssh2 ...	2020-08-08 05:16:59
117.50.65.167	attackbots	Attempted to establish connection to non opened port 55553	2020-08-08 05:26:14
45.129.33.11	attack	Attempted to establish connection to non opened port 5965	2020-08-08 05:29:04
103.12.151.6	attackspam	xmlrpc attack	2020-08-08 05:20:56
180.101.145.234	attackspam	Aug 7 22:27:19 srv-ubuntu-dev3 postfix/smtpd[65529]: warning: unknown[180.101.145.234]: SASL LOGIN authentication failed: authentication failure Aug 7 22:27:20 srv-ubuntu-dev3 postfix/smtpd[65529]: warning: unknown[180.101.145.234]: SASL LOGIN authentication failed: authentication failure Aug 7 22:27:21 srv-ubuntu-dev3 postfix/smtpd[65529]: warning: unknown[180.101.145.234]: SASL LOGIN authentication failed: authentication failure Aug 7 22:27:22 srv-ubuntu-dev3 postfix/smtpd[65529]: warning: unknown[180.101.145.234]: SASL LOGIN authentication failed: authentication failure Aug 7 22:27:23 srv-ubuntu-dev3 postfix/smtpd[65529]: warning: unknown[180.101.145.234]: SASL LOGIN authentication failed: authentication failure ...	2020-08-08 05:40:43
218.92.0.215	attackbots	Aug 7 23:12:24 v22018053744266470 sshd[16845]: Failed password for root from 218.92.0.215 port 10202 ssh2 Aug 7 23:12:32 v22018053744266470 sshd[16855]: Failed password for root from 218.92.0.215 port 37637 ssh2 ...	2020-08-08 05:18:00
193.112.1.26	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-08 05:50:23
193.32.161.147	attackspam	08/07/2020-17:26:06.040535 193.32.161.147 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-08 05:27:39
185.173.35.41	attackspam	port	2020-08-08 05:14:37

最近上报的IP列表

130.61.27.145	120.51.167.0	107.170.209.246	163.112.58.52
17.192.115.249	139.119.163.141	178.46.128.103	9.252.145.169
235.21.149.78	192.247.255.118	156.7.126.110	243.194.233.192
238.171.99.82	46.183.222.117	124.154.99.56	233.125.183.224
58.140.229.218	1.235.40.213	43.176.227.230	224.253.140.27