116.196.80.104

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Jingdong 360 Degree E-Commerce Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	$f2bV_matches	2020-05-04 12:50:36
attackspambots	Apr 11 02:09:20 web1 sshd\[6888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 user=root Apr 11 02:09:22 web1 sshd\[6888\]: Failed password for root from 116.196.80.104 port 44488 ssh2 Apr 11 02:12:31 web1 sshd\[7249\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 user=root Apr 11 02:12:33 web1 sshd\[7249\]: Failed password for root from 116.196.80.104 port 41464 ssh2 Apr 11 02:15:36 web1 sshd\[7591\]: Invalid user canna from 116.196.80.104 Apr 11 02:15:36 web1 sshd\[7591\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104	2020-04-12 01:39:04
attackspambots	2020-03-17 11:59:29 server sshd[96705]: Failed password for invalid user root from 116.196.80.104 port 58630 ssh2	2020-03-19 03:11:05
attack	SSH Bruteforce attempt	2020-02-10 07:53:21
attackspambots	Unauthorized connection attempt detected from IP address 116.196.80.104 to port 2220 [J]	2020-02-04 19:34:05
attackspambots	Unauthorized connection attempt detected from IP address 116.196.80.104 to port 2220 [J]	2020-01-25 00:42:20
attackbots	Unauthorized connection attempt detected from IP address 116.196.80.104 to port 2220 [J]	2020-01-04 23:57:36
attackbots	Invalid user krishan from 116.196.80.104 port 33116	2020-01-01 05:51:24
attackbotsspam	Dec 24 05:54:00 lnxweb61 sshd[4590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104	2019-12-24 13:54:44
attackspam	Dec 13 15:18:27 sauna sshd[29198]: Failed password for root from 116.196.80.104 port 37710 ssh2 ...	2019-12-13 21:27:10
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-09 23:18:57
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-09 14:53:12
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-09 07:17:02
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-09 01:29:51
attackspam	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-08 15:18:42
attackspambots	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-08 09:22:39
attackbotsspam	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-07 15:42:44
attack	Dec 6 23:03:54 mail sshd[1431]: Failed password for root from 116.196.80.104 port 47674 ssh2 Dec 6 23:11:08 mail sshd[3259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Dec 6 23:11:10 mail sshd[3259]: Failed password for invalid user awhite from 116.196.80.104 port 48976 ssh2	2019-12-07 13:28:20
attackbotsspam	Nov 16 17:32:58 Invalid user nen from 116.196.80.104 port 51026	2019-11-17 04:16:32
attackbotsspam	Nov 5 18:31:43 localhost sshd\[10360\]: Invalid user com from 116.196.80.104 port 50618 Nov 5 18:31:43 localhost sshd\[10360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Nov 5 18:31:44 localhost sshd\[10360\]: Failed password for invalid user com from 116.196.80.104 port 50618 ssh2 Nov 5 18:35:22 localhost sshd\[10471\]: Invalid user testtest123 from 116.196.80.104 port 56066 Nov 5 18:35:22 localhost sshd\[10471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 ...	2019-11-06 02:51:51
attackbotsspam	2019-11-05 03:29:52,977 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 2019-11-05 04:03:46,628 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 2019-11-05 04:41:47,270 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 2019-11-05 05:16:12,717 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 2019-11-05 05:52:43,102 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 116.196.80.104 ...	2019-11-05 14:19:56
attackbots	Nov 3 08:54:38 hosting sshd[7897]: Invalid user student2 from 116.196.80.104 port 49174 ...	2019-11-03 15:01:19
attackspambots	Automatic report - Banned IP Access	2019-10-26 23:23:39
attackspam	2019-10-26T03:47:44.619880abusebot-4.cloudsearch.cf sshd\[9836\]: Invalid user ack from 116.196.80.104 port 34634	2019-10-26 16:53:24
attack	2019-10-21T08:12:35.411595abusebot-7.cloudsearch.cf sshd\[28831\]: Invalid user mt from 116.196.80.104 port 53968	2019-10-21 16:22:50
attackbotsspam	Oct 14 17:47:36 markkoudstaal sshd[16332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Oct 14 17:47:38 markkoudstaal sshd[16332]: Failed password for invalid user oracle from 116.196.80.104 port 46662 ssh2 Oct 14 17:53:24 markkoudstaal sshd[16800]: Failed password for root from 116.196.80.104 port 56452 ssh2	2019-10-15 00:20:56
attackspam	Oct 6 07:10:13 sauna sshd[188793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Oct 6 07:10:16 sauna sshd[188793]: Failed password for invalid user abc@2018 from 116.196.80.104 port 47728 ssh2 ...	2019-10-06 12:33:15
attackbots	Sep 20 06:33:32 microserver sshd[13298]: Invalid user postgres from 116.196.80.104 port 56310 Sep 20 06:33:32 microserver sshd[13298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Sep 20 06:33:34 microserver sshd[13298]: Failed password for invalid user postgres from 116.196.80.104 port 56310 ssh2 Sep 20 06:38:04 microserver sshd[13958]: Invalid user upload from 116.196.80.104 port 40338 Sep 20 06:38:04 microserver sshd[13958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Sep 20 06:51:30 microserver sshd[15903]: Invalid user system from 116.196.80.104 port 48852 Sep 20 06:51:30 microserver sshd[15903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 Sep 20 06:51:32 microserver sshd[15903]: Failed password for invalid user system from 116.196.80.104 port 48852 ssh2 Sep 20 06:56:14 microserver sshd[16590]: Invalid user msimon from 116.196.80.1	2019-10-05 05:24:52
attackspambots	2019-10-02T01:15:03.426430shield sshd\[25778\]: Invalid user gy from 116.196.80.104 port 40938 2019-10-02T01:15:03.431199shield sshd\[25778\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104 2019-10-02T01:15:04.675933shield sshd\[25778\]: Failed password for invalid user gy from 116.196.80.104 port 40938 ssh2 2019-10-02T01:18:35.488910shield sshd\[26172\]: Invalid user asael from 116.196.80.104 port 43888 2019-10-02T01:18:35.493197shield sshd\[26172\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.104	2019-10-02 09:29:58
attackspam	2019-09-29T05:29:24.903168abusebot-2.cloudsearch.cf sshd\[6981\]: Invalid user george from 116.196.80.104 port 36498	2019-09-29 14:03:52

Comments on same subnet:

IP	Type	Details	Datetime
116.196.80.119	attackspam	Apr 18 11:29:54 marvibiene sshd[34039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.119 user=root Apr 18 11:29:56 marvibiene sshd[34039]: Failed password for root from 116.196.80.119 port 47338 ssh2 Apr 18 11:59:51 marvibiene sshd[34461]: Invalid user test from 116.196.80.119 port 48786 ...	2020-04-19 00:54:14

Type

Details

Datetime

116.196.80.119

attackspam

Apr 18 11:29:54 marvibiene sshd[34039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.80.119  user=root
Apr 18 11:29:56 marvibiene sshd[34039]: Failed password for root from 116.196.80.119 port 47338 ssh2
Apr 18 11:59:51 marvibiene sshd[34461]: Invalid user test from 116.196.80.119 port 48786
...

2020-04-19 00:54:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.196.80.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63719
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.196.80.104.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 27 10:37:37 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 104.80.196.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 104.80.196.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.53.46.53	attack	Aug 13 13:32:01 mail sshd\[11381\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.53.46.53 user=root Aug 13 13:32:03 mail sshd\[11381\]: Failed password for root from 117.53.46.53 port 45788 ssh2 ...	2019-08-13 20:43:39
198.211.125.131	attackbots	Aug 13 09:11:47 Ubuntu-1404-trusty-64-minimal sshd\[30635\]: Invalid user amber from 198.211.125.131 Aug 13 09:11:47 Ubuntu-1404-trusty-64-minimal sshd\[30635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.125.131 Aug 13 09:11:48 Ubuntu-1404-trusty-64-minimal sshd\[30635\]: Failed password for invalid user amber from 198.211.125.131 port 52180 ssh2 Aug 13 09:31:03 Ubuntu-1404-trusty-64-minimal sshd\[8608\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.125.131 user=root Aug 13 09:31:05 Ubuntu-1404-trusty-64-minimal sshd\[8608\]: Failed password for root from 198.211.125.131 port 35709 ssh2	2019-08-13 20:32:28
104.248.170.45	attack	Aug 13 10:40:12 localhost sshd\[1082\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.170.45 user=root Aug 13 10:40:14 localhost sshd\[1082\]: Failed password for root from 104.248.170.45 port 33354 ssh2 Aug 13 10:44:49 localhost sshd\[1229\]: Invalid user mike from 104.248.170.45 Aug 13 10:44:49 localhost sshd\[1229\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.170.45 Aug 13 10:44:51 localhost sshd\[1229\]: Failed password for invalid user mike from 104.248.170.45 port 54366 ssh2 ...	2019-08-13 20:23:35
178.128.156.144	attackbots	2019-08-13T19:08:18.386644enmeeting.mahidol.ac.th sshd\[27166\]: User mysql from 178.128.156.144 not allowed because not listed in AllowUsers 2019-08-13T19:08:18.405397enmeeting.mahidol.ac.th sshd\[27166\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.156.144 user=mysql 2019-08-13T19:08:20.346457enmeeting.mahidol.ac.th sshd\[27166\]: Failed password for invalid user mysql from 178.128.156.144 port 35944 ssh2 ...	2019-08-13 21:13:01
45.169.28.10	attack	Unauthorized connection attempt from IP address 45.169.28.10 on Port 445(SMB)	2019-08-13 20:33:41
187.188.196.73	attack	Unauthorized connection attempt from IP address 187.188.196.73 on Port 445(SMB)	2019-08-13 20:51:55
185.176.27.18	attackspam	slow and persistent scanner	2019-08-13 20:58:59
188.143.91.142	attack	Aug 13 13:24:26 debian sshd\[31382\]: Invalid user postgres from 188.143.91.142 port 38220 Aug 13 13:24:26 debian sshd\[31382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.143.91.142 ...	2019-08-13 20:25:36
211.22.154.223	attack	Aug 13 15:41:10 www sshd\[225174\]: Invalid user yu from 211.22.154.223 Aug 13 15:41:10 www sshd\[225174\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.22.154.223 Aug 13 15:41:12 www sshd\[225174\]: Failed password for invalid user yu from 211.22.154.223 port 39054 ssh2 ...	2019-08-13 20:57:31
118.130.133.110	attackspambots	Aug 13 09:30:34 pornomens sshd\[25362\]: Invalid user cinema from 118.130.133.110 port 27728 Aug 13 09:30:34 pornomens sshd\[25362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.130.133.110 Aug 13 09:30:36 pornomens sshd\[25362\]: Failed password for invalid user cinema from 118.130.133.110 port 27728 ssh2 ...	2019-08-13 21:02:44
80.17.244.2	attack	Invalid user rosemary from 80.17.244.2 port 44822	2019-08-13 21:12:29
177.125.169.186	attackbots	Splunk® : Brute-Force login attempt on SSH: Aug 13 08:37:48 testbed sshd[19830]: Disconnected from 177.125.169.186 port 49710 [preauth]	2019-08-13 20:59:32
192.208.184.133	attackbots	Unauthorized connection attempt from IP address 192.208.184.133 on Port 445(SMB)	2019-08-13 20:34:57
14.176.93.90	attack	Unauthorized connection attempt from IP address 14.176.93.90 on Port 445(SMB)	2019-08-13 21:01:48
36.158.251.73	attackbots	2019-08-13T12:44:23.101152abusebot-4.cloudsearch.cf sshd\[28971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.158.251.73 user=root	2019-08-13 20:46:38

Recently Reported IPs

130.61.27.145	120.51.167.0	107.170.209.246	163.112.58.52
17.192.115.249	139.119.163.141	178.46.128.103	9.252.145.169
235.21.149.78	192.247.255.118	156.7.126.110	243.194.233.192
238.171.99.82	46.183.222.117	124.154.99.56	233.125.183.224
58.140.229.218	1.235.40.213	43.176.227.230	224.253.140.27