120.234.31.116

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 120.234.31.116 to port 5555 [J]	2020-01-17 08:55:15
attackbots	Unauthorized connection attempt detected from IP address 120.234.31.116 to port 5555 [T]	2020-01-09 04:16:34
attack	Unauthorized connection attempt detected from IP address 120.234.31.116 to port 5555 [J]	2020-01-07 02:37:34
attackspam	Unauthorized connection attempt detected from IP address 120.234.31.116 to port 5555	2019-12-31 06:46:15
attackbots	Unauthorized connection attempt detected from IP address 120.234.31.116 to port 5555	2019-12-31 00:53:41

Comments on same subnet:

IP	Type	Details	Datetime
120.234.31.120	attack	Unauthorized connection attempt detected from IP address 120.234.31.120 to port 5555 [J]	2020-01-15 23:54:10
120.234.31.118	attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-09 01:32:17
120.234.31.120	attackspambots	Unauthorized connection attempt detected from IP address 120.234.31.120 to port 5555 [T]	2020-01-09 01:10:06
120.234.31.119	attack	Unauthorized connection attempt detected from IP address 120.234.31.119 to port 5555 [J]	2020-01-07 04:31:22
120.234.31.120	attackspam	Unauthorized connection attempt detected from IP address 120.234.31.120 to port 5555 [J]	2020-01-07 01:45:56
120.234.31.119	attackspambots	Unauthorized connection attempt detected from IP address 120.234.31.119 to port 5555	2020-01-01 19:57:20
120.234.31.119	attack	5555/tcp [2019-12-31]1pkt	2020-01-01 04:06:52
120.234.31.117	attackbots	Unauthorized connection attempt detected from IP address 120.234.31.117 to port 5555	2019-12-31 21:06:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.234.31.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12179
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.234.31.116.			IN	A

;; AUTHORITY SECTION:
.			377	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123000 1800 900 604800 86400

;; Query time: 40 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 31 00:53:33 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 116.31.234.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 116.31.234.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.17.171.29	attack	Multiple suspicious activities were detected	2020-01-24 05:35:54
222.186.15.158	attackspambots	Unauthorized connection attempt detected from IP address 222.186.15.158 to port 22 [J]	2020-01-24 05:51:18
91.187.48.138	attackspam	DATE:2020-01-23 17:01:27, IP:91.187.48.138, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-01-24 06:08:56
14.225.17.9	attack	Jan 23 18:50:11 server sshd\[2239\]: Invalid user www-data from 14.225.17.9 Jan 23 18:50:11 server sshd\[2239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.225.17.9 Jan 23 18:50:13 server sshd\[2239\]: Failed password for invalid user www-data from 14.225.17.9 port 52558 ssh2 Jan 23 19:02:29 server sshd\[5077\]: Invalid user mm from 14.225.17.9 Jan 23 19:02:29 server sshd\[5077\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.225.17.9 ...	2020-01-24 05:38:01
212.237.53.169	attackspambots	$f2bV_matches	2020-01-24 05:58:14
104.236.228.46	attackspambots	$f2bV_matches	2020-01-24 05:57:04
208.48.252.70	attackbotsspam	2020-01-23T17:01:41.493475 sshd[7886]: Invalid user pi from 208.48.252.70 port 47662 2020-01-23T17:01:41.687919 sshd[7888]: Invalid user pi from 208.48.252.70 port 47670 2020-01-23T17:01:41.606644 sshd[7886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.48.252.70 2020-01-23T17:01:41.493475 sshd[7886]: Invalid user pi from 208.48.252.70 port 47662 2020-01-23T17:01:43.661270 sshd[7886]: Failed password for invalid user pi from 208.48.252.70 port 47662 ssh2 2020-01-23T17:01:41.793798 sshd[7888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.48.252.70 2020-01-23T17:01:41.687919 sshd[7888]: Invalid user pi from 208.48.252.70 port 47670 2020-01-23T17:01:43.848210 sshd[7888]: Failed password for invalid user pi from 208.48.252.70 port 47670 ssh2 ...	2020-01-24 06:09:31
83.20.142.188	attackspambots	Unauthorized connection attempt detected from IP address 83.20.142.188 to port 2220 [J]	2020-01-24 05:49:53
106.13.127.142	attackspam	Automatic report - SSH Brute-Force Attack	2020-01-24 05:32:42
206.189.233.76	attack	Unauthorized connection attempt detected from IP address 206.189.233.76 to port 8545 [J]	2020-01-24 05:48:41
159.203.201.163	attackspam	01/23/2020-17:02:07.118881 159.203.201.163 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-24 05:55:29
37.57.167.225	attackspambots	Unauthorized connection attempt detected from IP address 37.57.167.225 to port 3306 [J]	2020-01-24 05:52:45
27.72.31.185	attackbots	Unauthorized connection attempt from IP address 27.72.31.185 on Port 445(SMB)	2020-01-24 06:12:16
162.247.99.34	attackbots	Unauthorized connection attempt detected from IP address 162.247.99.34 to port 80 [J]	2020-01-24 05:38:56
219.91.133.139	attackspambots	GET /wp-login.php	2020-01-24 06:01:28

Recently Reported IPs

68.224.152.142	113.88.167.144	37.202.87.128	146.170.53.163
158.239.242.153	154.6.35.238	99.99.125.206	34.186.222.147
113.22.24.253	215.214.115.228	112.21.188.10	111.178.215.212
111.75.214.18	111.72.196.223	111.33.149.234	111.20.101.72
110.155.200.19	110.45.103.239	144.237.243.184	103.216.50.230