IP address

Passive DNS

Tags: Login attempts

IP blacklists

DataPlane SSH login

31.169.126.45 is listed on the DataPlane SSH login blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds, and measurement resource for operators, by operators. IPs trying an unsolicited login to a host using SSH password authentication.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-17 03:10:01.875000
Was present on blacklist at: 2025-12-10 03:10, 2025-12-10 07:10, 2025-12-10 15:10, 2025-12-10 19:10, 2025-12-11 03:10, 2025-12-11 07:10, 2025-12-11 15:10, 2025-12-11 19:10, 2025-12-12 03:10, 2025-12-12 07:10, 2025-12-12 15:10, 2025-12-12 19:10, 2025-12-13 03:10, 2025-12-13 07:10, 2025-12-13 15:10, 2025-12-13 19:10, 2025-12-14 03:10, 2025-12-14 07:10, 2025-12-14 15:10, 2025-12-14 19:10, 2025-12-15 03:10, 2025-12-15 07:10, 2025-12-15 15:10, 2025-12-15 19:10, 2025-12-16 03:10, 2025-12-16 07:10, 2025-12-16 15:10, 2025-12-16 19:10, 2025-12-17 03:10

Blocklist.net.ua

31.169.126.45 is listed on the Blocklist.net.ua blacklist.

Description: BlockList contains IP addresses that perform attacks, send spam or brute force passwords to the blocking list.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-17 03:15:01.533000
Was present on blacklist at: 2025-12-10 19:15, 2025-12-10 23:15, 2025-12-11 03:15, 2025-12-11 07:15, 2025-12-11 11:15, 2025-12-11 15:15, 2025-12-12 03:15, 2025-12-12 07:15, 2025-12-12 11:15, 2025-12-12 15:15, 2025-12-12 19:15, 2025-12-12 23:15, 2025-12-13 23:15, 2025-12-14 03:15, 2025-12-14 07:15, 2025-12-14 11:15, 2025-12-14 15:15, 2025-12-14 19:15, 2025-12-14 23:15, 2025-12-15 03:15, 2025-12-15 07:15, 2025-12-15 11:15, 2025-12-15 15:15, 2025-12-15 19:15, 2025-12-15 23:15, 2025-12-16 03:15, 2025-12-16 07:15, 2025-12-16 11:15, 2025-12-16 15:15, 2025-12-16 19:15, 2025-12-16 23:15, 2025-12-17 03:15

blocklist.de SSH

31.169.126.45 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-12-17 05:05:00.422000
Was present on blacklist at: 2025-12-10 23:05, 2025-12-11 05:05, 2025-12-11 11:05, 2025-12-11 17:05, 2025-12-11 23:05, 2025-12-12 05:05, 2025-12-12 11:05, 2025-12-12 17:05, 2025-12-12 23:05, 2025-12-13 05:05, 2025-12-13 11:05, 2025-12-13 17:05, 2025-12-13 23:05, 2025-12-14 05:05, 2025-12-14 11:05, 2025-12-14 17:05, 2025-12-14 23:05, 2025-12-15 05:05, 2025-12-15 11:05, 2025-12-15 17:05, 2025-12-15 23:05, 2025-12-16 05:05, 2025-12-16 11:05, 2025-12-16 17:05, 2025-12-16 23:05, 2025-12-17 05:05

AbuseIPDB

31.169.126.45 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc. Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-12-15 05:00:00.709000
Was present on blacklist at: 2025-12-12 05:00, 2025-12-15 05:00

Warden events (228)

2025-12-17: AttemptLogin (node.4dc198): 3; AttemptLogin (node.368407): 2
2025-12-16: AttemptLogin (node.368407): 16; AttemptLogin (node.4dc198): 16
2025-12-15: AttemptLogin (node.4dc198): 9; AttemptLogin (node.368407): 14
2025-12-14: AttemptLogin (node.4dc198): 28; AttemptLogin (node.368407): 18; ReconScanning (node.9c1411): 2; IntrusionUserCompromise (node.e1f86c): 31; AttemptLogin (node.e1f86c): 6
2025-12-13: AttemptLogin (node.368407): 18; AttemptLogin (node.4dc198): 27; ReconScanning (node.9c1411): 1
2025-12-12: AttemptLogin (node.4dc198): 11; AttemptLogin (node.368407): 19
2025-12-11: AttemptLogin (node.4dc198): 2
2025-12-10: AttemptLogin (node.368407): 5

DShield reports (IP summary, reports)

2025-12-13: Number of reports: 1633; Distinct targets: 4
2025-12-14: Number of reports: 348; Distinct targets: 3
2025-12-16: Number of reports: 771; Distinct targets: 4

Origin AS: AS41745 - FORTIS-AS
BGP Prefix: 31.169.126.0/24
geo: Poland, Warsaw; 🕑 Europe/Warsaw
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 31.169.124.0 - 31.169.127.255
last_activity: 2025-12-17 02:39:12
last_warden_event: 2025-12-17 02:39:12
rep: 0.5821428571428572
reserved_range: 0
Shodan's InternetDB: Open ports: 22, 443; Tags: self-signed; CPEs: cpe:/a:openbsd:openssh:8.9p1, cpe:/o:canonical:ubuntu_linux, cpe:/a:google:web_server
ts_added: 2025-12-10 03:20:13.169000
ts_last_update: 2025-12-17 05:09:03.692000

Warden event timeline

DShield event timeline

Presence on blacklists