JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.220.1.49

31.220.1.49 was found in our database!

This IP was reported 103 times. Confidence of Abuse is 100%: ?

100%

ISP	KODDOS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206264
Domain Name	koddos.com
Country	🇩🇪 Germany
City	Bocholt, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.220.1.49

Whois 31.220.1.49

IP Abuse Reports for 31.220.1.49:

This IP address has been reported a total of 103 times from 84 distinct sources. 31.220.1.49 was first reported on June 2nd 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 sargetun	2026-06-16 05:10:30 (3 days ago)	Honeypot: Auto-ban: 24 hour idle after honeypot interaction. Auto-reported from VPS honeypot.	Brute-Force SSH Hacking
🇦🇹 urnilxfgbez	2026-06-15 22:45:00 (3 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 RAP	2026-06-15 06:51:26 (4 days ago)	2026-06-15 06:51:26 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇺🇸 SecondBanana	2026-06-15 06:43:40 (4 days ago)	2026-06-15T06:43:39.604833+00:00 thecount sshd[20430]: Disconnected from authenticating user root 31 ... show more 2026-06-15T06:43:39.604833+00:00 thecount sshd[20430]: Disconnected from authenticating user root 31.220.1.49 port 29838 [preauth] ... show less	Brute-Force SSH
🇷🇺 weke	2026-06-15 06:27:29 (4 days ago)	ip=31.220.1.49 \| user=root \| pass=123456 \| event=cowrie.login.success \| source=ssh honeypot MSK \| t ... show more ip=31.220.1.49 \| user=root \| pass=123456 \| event=cowrie.login.success \| source=ssh honeypot MSK \| time=2026-06-15T06:27:29.544142Z show less	Brute-Force SSH
🇬🇧 OptimusGO	2026-06-15 05:38:09 (4 days ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-06-15 06:38:09 UTC Log evidence: 06/15/2026-06:38:08.586992 [] [1:1000090:1] POLICY Unauthorized Management Port Access [] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 31.220.1.49:43263 -> 185.127.18.66:22 show less	Port Scan Brute-Force
🇩🇪 licen777	2026-06-15 05:26:58 (4 days ago)	Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-15T04:02:15Z and 2026-06-1 ... show more Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-15T04:02:15Z and 2026-06-15T05:26:58Z show less	Brute-Force SSH
🇪🇸 Z\|ntrueñigO	2026-06-15 05:15:46 (4 days ago)	Auto-report. Hits=1, Ports=22, Country=-.	SSH
🇺🇸 cwytech	2026-06-15 04:58:56 (4 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-ssh-crit.	Brute-Force SSH
🇩🇪 Admins@FBN	2026-06-15 04:51:47 (4 days ago)	FW-PortScan: Traffic Blocked srcport=43263 dstport=22	Port Scan Hacking SSH
🇩🇪 senkodev	2026-06-15 04:49:58 (4 days ago)	2026-06-15T06:49:56.249693+02:00 vm1386.de.snk.wtf sshd[541334]: Failed password for root from 31.22 ... show more 2026-06-15T06:49:56.249693+02:00 vm1386.de.snk.wtf sshd[541334]: Failed password for root from 31.220.1.49 port 11882 ssh2 2026-06-15T06:49:57.746466+02:00 vm1386.de.snk.wtf sshd[541334]: Disconnected from authenticating user root 31.220.1.49 port 11882 [preauth] ... show less	Brute-Force SSH
🇺🇸 blizzard	2026-06-15 04:49:14 (4 days ago)	Jun 15 04:49:13 uptime-kuma sshd[975983]: Disconnected from authenticating user root 31.220.1.49 por ... show more Jun 15 04:49:13 uptime-kuma sshd[975983]: Disconnected from authenticating user root 31.220.1.49 port 16456 [preauth] ... show less	Brute-Force SSH
🇩🇪 XeroX	2026-06-15 04:37:42 (4 days ago)	2026-06-15T06:37:30.861948+02:00 de2 sshd-session[1160365]: pam_unix(sshd:auth): authentication fail ... show more 2026-06-15T06:37:30.861948+02:00 de2 sshd-session[1160365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.220.1.49 user=root 2026-06-15T06:37:32.923066+02:00 de2 sshd-session[1160365]: Failed password for invalid user root from 31.220.1.49 port 44980 ssh2 ... show less	Brute-Force SSH
🇺🇸 RAP	2026-06-15 04:26:42 (4 days ago)	2026-06-15 04:26:42 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇹🇭 Sawasdee	2026-06-15 03:27:15 (4 days ago)	SSH break in attempt ...	SSH

Showing 1 to 15 of 103 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.89

🇮🇩 118.99.114.224

🇸🇬 45.78.198.199

🇩🇪 43.165.3.187

🇩🇪 2a01:4f8:c014:7309::1

🇨🇳 223.109.252.191

🇮🇳 117.206.79.215

🇱🇹 81.30.98.142

🇻🇳 2405:4803:a5ff:c480:f089:9eb4:4755:5767

🇨🇳 180.110.149.157

🇩🇪 46.224.142.23

🇧🇪 34.78.184.254

🇻🇳 27.78.86.101

🇺🇸 18.217.208.51

🇻🇳 2001:ee0:5546:3940:6e83:b99:3553:2dbf

🇩🇪 216.26.249.138

🇺🇸 167.172.201.89

🇩🇪 139.59.208.225

🇿🇦 102.213.134.220

🇳🇱 91.92.40.200