Am I just seeing the aftereffects of other sites that used this IP address?
Part of me believes you are seeing traffic based on the IP address’ previous use. Think of it as being no different than getting a “new” phone number but finding out a few days later that some 24 hour locksmith used to have that number; you’re going to get calls all day and night.
But with that said, doing some searches of domain name history via this online tool leads me to other conclusions.
For example, using that online tool, a historical look at DNS for scyimi.com shows only one cluster of DNS servers ever being associated with that address:

    ns6.ezdnscenter.com
    ns5.ezdnscenter.com
    ns4.ezdnscenter.com
    ns3.ezdnscenter.com
    ns2.ezdnscenter.com
    ns1.ezdnscenter.com

So if I run a dig from the command line doing a lookup on one of those specific DNS servers for scyimi.com like this:

    dig @ns1.ezdnscenter.com scyimi.com

This is the result I get back:

    ; <<>> DiG 9.8.3-P1 <<>> @ns1.ezdnscenter.com scyimi.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2606
    ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
    ;; WARNING: recursion requested but not available

    ;; QUESTION SECTION:
    ;scyimi.com.                    IN      A

    ;; ANSWER SECTION:
    scyimi.com.             28800   IN      A       192.161.50.176

    ;; Query time: 370 msec
    ;; SERVER: 113.17.175.134#53(113.17.175.134)
    ;; WHEN: Sun Dec 7 20:11:46 2014
    ;; MSG SIZE rcvd: 44

So yes, some DNS servers are clearly connecting that hostname to that IP.
As for what this means to you? 100% nothing really. The Internet is a big place. And if you do whois searches on the DNS hosts above—as well as the original hostnames—you can see them all being owned by some entity in China.
Concerned about how it would impact your site? The reality is it probably won’t mean much of anything. Servers are constantly being probed so it’s no big deal.
But if you are concerned, one step you can take is to ensure your site is being delivered via a name-based virtual host setup if you are using Apache for the web server. And making sure the bare IP address dead-ends to a blank page.
What Apache does with a name-based virtual host configuration is it binds the Apache web server to the hostname as well as the IP address. So any traffic coming your way would have to explicitly come from someone—or something—making a request to that hostname. Any requests to the IP address would be treated as a separate virtual host. And I like to ensure that the bare IP address on a server just dead-ends to a blank page.
If you do that, then the traffic coming from those other hostnames would basically fall into that dead end. And legit traffic flows smoothly to your main site. I do this on pretty much all of the high traffic web servers I set up. It makes a difference.
But again, this might not mean much if you are running a low-traffic personal portfolio site. Eventually as you pass your site URL to others, more of that spider/robot traffic will show up anyway… The big difference is now they will be useless visitors to your actual domain.
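
A sketch of the name-based virtual host layout described in the answer above, added here as an example and not taken from the original post. It assumes Apache 2.4 with the stock "combined" log format defined; example.com, the directory paths and the log file names are placeholders.

```apache
# Constructed example: all hostnames and paths are placeholders.

# 1. Catch-all virtual host. For a given address:port Apache falls back
#    to the FIRST <VirtualHost> it loaded whenever the request's Host
#    header matches no ServerName/ServerAlias. Requests to the bare IP,
#    or to stray hostnames that resolve to this IP, therefore end here.
<VirtualHost *:80>
    # A name nobody will legitimately request
    ServerName default.invalid

    # Directory holding only an empty index.html (the "blank page")
    DocumentRoot /var/www/deadend
    <Directory /var/www/deadend>
        Options -Indexes
        AllowOverride None
        Require all granted
    </Directory>

    # Separate logs keep this noise out of the real site's statistics
    # and make it easy to see which hostnames are being requested.
    ErrorLog  /var/log/apache2/deadend_error.log
    CustomLog /var/log/apache2/deadend_access.log combined
</VirtualHost>

# 2. The real site, served only when the Host header names it.
<VirtualHost *:80>
    ServerName  example.com
    ServerAlias www.example.com

    DocumentRoot /var/www/example.com/public
    <Directory /var/www/example.com/public>
        Options -Indexes
        AllowOverride None
        Require all granted
    </Directory>

    ErrorLog  /var/log/apache2/example.com_error.log
    CustomLog /var/log/apache2/example.com_access.log combined
</VirtualHost>
```

After reloading, apachectl -S prints the parsed virtual host table and marks which entry is the default server for each address and port, which confirms the load order is what you intended.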