JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.171.154.69

31.171.154.69 was found in our database!

This IP was reported 78 times. Confidence of Abuse is 0%: ?

ISP	Keminet Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS197706
Domain Name	keminet.net
Country	🇦🇱 Albania
City	Tirana, Tirana

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.171.154.69

Whois 31.171.154.69

IP Abuse Reports for 31.171.154.69:

This IP address has been reported a total of 78 times from 44 distinct sources. 31.171.154.69 was first reported on June 15th 2022, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-02-26 05:02:22 (3 months ago)	Blocked by UFW (TCP on 3306) Source port: 45139 TTL: 42 Packet length: 44 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 3306) Source port: 45139 TTL: 42 Packet length: 44 TOS: 0x00 This report (for 31.171.154.69) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan SQL Injection
🇺🇸 oncord	2026-02-21 20:41:51 (3 months ago)	Form spam	Web Spam
🇩🇪 zumbo.net	2026-01-29 15:38:57 (4 months ago)	Jan 29 18:38:21 auth: Info: passwd-file([email protected],31.171.154.69): Password mismatch Jan 29 ... show more Jan 29 18:38:21 auth: Info: passwd-file([email protected],31.171.154.69): Password mismatch Jan 29 18:38:56 auth: Info: passwd-file([email protected],31.171.154.69): Password mismatch ... show less	Brute-Force
Anonymous	2026-01-29 04:31:05 (4 months ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇫🇷 Dampen59	2026-01-29 01:38:11 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 31.171.154.69 (AL/Albania/-): 5 in the last 3600 secs; Ports: ... show more (smtpauth) Failed SMTP AUTH login from 31.171.154.69 (AL/Albania/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2026-01-29 01:37:50 dovecot_login authenticator failed for H=(ADMIN) [31.171.154.69]:9053: 535 Incorrect authentication data ([email protected]) 2026-01-29 01:37:55 dovecot_login authenticator failed for H=(ADMIN) [31.171.154.69]:46526: 535 Incorrect authentication data ([email protected]) 2026-01-29 01:37:59 dovecot_login authenticator failed for H=(ADMIN) [31.171.154.69]:53062: 535 Incorrect authentication data ([email protected]) 2026-01-29 01:38:09 dovecot_login authenticator failed for H=(ADMIN) [31.171.154.69]:48585: 535 Incorrect authentication data ([email protected]) 2026-01-29 01:38:09 dovecot_login authenticator failed for H=(ADMIN) [31.171.154.69]:60268: 535 Incorrect authentication data ([email protected]) show less	Port Scan
🇳🇱 ReporTR	2026-01-28 23:02:31 (4 months ago)	Repeated malicious activity detected by Fail2Ban jail 'plesk-postfix'. TCP connection completed. IP ... show more Repeated malicious activity detected by Fail2Ban jail 'plesk-postfix'. TCP connection completed. IP banned. show less	Email Spam Brute-Force
🇮🇩 xveil	2026-01-09 14:25:21 (4 months ago)	2026-01-09T21:25:16.174060 mail-honeypot postfix/submission/smtpd[13731]: warning: unknown[31.171.15 ... show more 2026-01-09T21:25:16.174060 mail-honeypot postfix/submission/smtpd[13731]: warning: unknown[31.171.154.69]: SASL PLAIN authentication failed: authentication failure ... show less	Brute-Force
🇮🇩 xveil	2026-01-09 09:09:59 (4 months ago)	2026-01-09T16:09:57.786552 mail-honeypot postfix/submission/smtpd[16008]: warning: unknown[31.171.15 ... show more 2026-01-09T16:09:57.786552 mail-honeypot postfix/submission/smtpd[16008]: warning: unknown[31.171.154.69]: SASL PLAIN authentication failed: authentication failure ... show less	Brute-Force
🇨🇿 Countryman	2026-01-09 02:46:45 (4 months ago)	2026-01-09T03:46:11.495496 orbis.img.cas.cz dovecot[2641722]: auth: ldap(sobol,31.171.154.69): Passw ... show more 2026-01-09T03:46:11.495496 orbis.img.cas.cz dovecot[2641722]: auth: ldap(sobol,31.171.154.69): Password mismatch (for LDAP bind) 2026-01-09T03:46:17.882639 orbis.img.cas.cz dovecot[2641722]: auth: ldap(sobol,31.171.154.69): Password mismatch (for LDAP bind) 2026-01-09T03:46:25.727293 orbis.img.cas.cz dovecot[2641722]: auth: ldap(sobol,31.171.154.69): Password mismatch (for LDAP bind) 2026-01-09T03:46:27.573240 orbis.img.cas.cz dovecot[2641722]: auth: ldap(sobol,31.171.154.69): Password mismatch (for LDAP bind) 2026-01-09T03:46:38.862208 orbis.img.cas.cz dovecot[2641722]: auth: ldap(sobol,31.171.154.69): Password mismatch (for LDAP bind) 2026-01-09T03:46:40.708997 orbis.img.cas.cz dovecot[2641722]: auth: ldap(sobol,31.171.154.69): Password mismatch (for LDAP bind) 2026-01-09T03:46:44.992515 orbis.img.cas.cz dovecot[2641722]: auth: ldap(sobol,31.171.154.69): Password mismatch (for LDAP bind) ... show less	Brute-Force
🇧🇷 SvrAdmin	2026-01-01 05:24:48 (5 months ago)	[101] (smtpauth) Failed SMTP AUTH login from 31.171.154.69 (AL/Albania/-): 5 in the last 3600 secs; ... show more [101] (smtpauth) Failed SMTP AUTH login from 31.171.154.69 (AL/Albania/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2026-01-01 02:24:42 dovecot_login authenticator failed for (ADMIN) [31.171.154.69]:26883: 535 Incorrect authentication data ([email protected]) 2026-01-01 02:24:42 dovecot_login authenticator failed for (ADMIN) [31.171.154.69]:38355: 535 Incorrect authentication data ([email protected]) 2026-01-01 02:24:42 dovecot_login authenticator failed for (ADMIN) [31.171.154.69]:61964: 535 Incorrect authentication data ([email protected]) 2026-01-01 02:24:42 dovecot_login authenticator failed for (ADMIN) [31.171.154.69]:35589: 535 Incorrect authentication data ([email protected]) 2026-01-01 02:24:42 dovecot_login authenticator failed for (ADMIN) [31.171.154.69]:30264: 535 Incorrect authentication data ([email protected]) show less	Port Scan Hacking Brute-Force Exploited Host
🇮🇹 VHosting	2025-12-01 19:12:35 (6 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
Anonymous	2025-11-24 19:01:44 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇺🇸 TPI-Abuse	2025-11-15 22:19:00 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 31.171.154.69 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 31.171.154.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 17:18:53.049345 2025] [security2:error] [pid 3600:tid 3600] [client 31.171.154.69:50363] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|acttapes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "acttapes.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRj8Te5jISmr9mvhuAN8EQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2025-11-15 21:59:31 (6 months ago)	Blocked by CSF 13 firewall - Rule: XMLRPC AL/Albania/-	Web App Attack
🇩🇪 LRob.fr	2025-11-15 20:21:17 (6 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack

Showing 1 to 15 of 78 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 139.99.38.177

🇸🇾 91.144.21.210

🇳🇱 85.121.127.161

🇭🇰 189.1.223.75

🇳🇱 176.65.139.238

🇩🇪 167.94.145.24

🇲🇾 161.142.139.40

🇭🇰 154.83.14.111

🇨🇳 115.191.2.208

🇮🇳 103.91.246.73

🇷🇴 80.94.95.202

🇳🇱 195.178.110.30

🇸🇪 193.189.100.202

🇪🇨 186.68.83.104

🇬🇧 185.247.137.49

🇺🇸 162.216.150.19

🇦🇪 80.227.102.242

🇷🇺 80.78.245.233

🇩🇪 37.114.61.43

🇺🇸 216.194.172.68