116.31.16.6 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Automatic report - Port Scan Attack	2020-05-25 02:04:18

Comments on same subnet:

IP	Type	Details	Datetime
116.31.166.93	attackspambots	Automatic report - Port Scan Attack	2020-10-01 08:06:38
116.31.166.93	attackspam	Automatic report - Port Scan Attack	2020-10-01 00:38:42
116.31.164.17	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54383696afd0e4fa \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/2 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20120101 Firefox/33.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:46:33

Type

Details

Datetime

116.31.166.93

attackspambots

Automatic report - Port Scan Attack

2020-10-01 08:06:38

116.31.166.93

attackspam

Automatic report - Port Scan Attack

2020-10-01 00:38:42

116.31.164.17

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 54383696afd0e4fa | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/2 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:33.0) Gecko/20120101 Firefox/33.0 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 04:46:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.31.16.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45120
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.31.16.6.			IN	A

;; AUTHORITY SECTION:
.			573	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052401 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 25 02:04:15 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 6.16.31.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.16.31.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
110.249.254.66	attackbots	Oct 16 05:16:27 *** sshd[6883]: User root from 110.249.254.66 not allowed because not listed in AllowUsers	2019-10-16 16:03:23
180.241.44.89	attack	Automatic report - Port Scan Attack	2019-10-16 16:23:38
27.104.208.151	attack	SSH-bruteforce attempts	2019-10-16 16:10:10
71.91.230.226	attackspambots	Sent mail to target address hacked/leaked from abandonia in 2016	2019-10-16 16:05:57
180.248.120.10	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-10-16 16:13:44
42.116.255.216	attackspam	$f2bV_matches	2019-10-16 16:09:56
60.169.65.62	attackbotsspam	Dovecot Brute-Force	2019-10-16 16:16:47
222.186.180.223	attack	2019-10-16T09:44:22.731061scmdmz1 sshd\[25252\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root 2019-10-16T09:44:24.772919scmdmz1 sshd\[25252\]: Failed password for root from 222.186.180.223 port 41306 ssh2 2019-10-16T09:44:28.757894scmdmz1 sshd\[25252\]: Failed password for root from 222.186.180.223 port 41306 ssh2 ...	2019-10-16 15:57:14
14.18.93.114	attack	Invalid user laura from 14.18.93.114 port 40208	2019-10-16 16:13:57
111.230.247.243	attack	Triggered by Fail2Ban at Vostok web server	2019-10-16 15:59:13
31.47.38.100	attackspambots	Oct 16 13:38:46 our-server-hostname postfix/smtpd[11971]: connect from unknown[31.47.38.100] Oct x@x Oct 16 13:38:49 our-server-hostname postfix/smtpd[11971]: disconnect from unknown[31.47.38.100] Oct 16 13:38:52 our-server-hostname postfix/smtpd[25909]: connect from unknown[31.47.38.100] Oct x@x Oct 16 13:38:55 our-server-hostname postfix/smtpd[25909]: disconnect from unknown[31.47.38.100] Oct 16 13:39:04 our-server-hostname postfix/smtpd[5386]: connect from unknown[31.47.38.100] Oct x@x Oct 16 13:39:07 our-server-hostname postfix/smtpd[5386]: disconnect from unknown[31.47.38.100] Oct 16 13:42:59 our-server-hostname postfix/smtpd[13397]: connect from unknown[31.47.38.100] Oct x@x Oct 16 13:43:02 our-server-hostname postfix/smtpd[13397]: disconnect from unknown[31.47.38.100] Oct 16 13:43:12 our-server-hostname postfix/smtpd[26344]: connect from unknown[31.47.38.100] Oct x@x Oct 16 13:43:15 our-server-hostname postfix/smtpd[26344]: disconnect from unknown[31.47.38.100] O........ -------------------------------	2019-10-16 15:56:15
173.255.192.67	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 16:10:33
148.70.23.121	attackbots	invalid user	2019-10-16 16:25:16
61.180.38.132	attackbots	IMAP brute force ...	2019-10-16 16:18:47
106.13.19.75	attackspam	2019-10-16T04:30:05.726820abusebot.cloudsearch.cf sshd\[18104\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.19.75 user=root	2019-10-16 15:51:15

Recently Reported IPs

64.108.86.180	113.117.215.79	113.117.214.224	113.76.111.153
94.143.205.247	113.72.216.207	113.70.181.47	93.104.208.79
113.69.210.248	95.159.39.117	110.156.96.197	106.124.251.175
59.33.62.245	58.62.135.234	58.47.202.29	36.107.247.172
36.107.216.213	223.146.135.238	113.117.42.96	113.72.218.38