IP address
Tags:
IP in hostname
Scanner
- IP blacklists
Spamhaus XBL CBL
31.70.69.187 is listed on the Spamhaus XBL CBL blacklist.
Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed:
secondary (DNSBL) (
feed detail page)
Last checked at:
2026-05-30 15:05:50.352000
Was present on blacklist at:
2026-05-16 15:05,
2026-05-23 15:05,
2026-05-30 15:05
Echelon enterprise software probe
31.70.69.187 is listed on the Echelon enterprise software probe blacklist.
Description: Probing for enterprise software (Confluence, Jenkins, etc.)
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-24 09:15:00.352000
Was present on blacklist at:
2026-05-18 09:15,
2026-05-19 09:15,
2026-05-20 09:15,
2026-05-21 09:15,
2026-05-22 09:15,
2026-05-24 09:15
Echelon web crawler
31.70.69.187 is listed on the Echelon web crawler blacklist.
Description: HTTP web crawling activity detected on web honeypots
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-30 09:50:00.356000
Was present on blacklist at:
2026-05-18 09:50,
2026-05-19 09:50,
2026-05-20 09:50,
2026-05-21 09:50,
2026-05-22 09:50,
2026-05-24 09:50,
2026-05-25 09:50,
2026-05-26 09:50,
2026-05-27 09:50,
2026-05-28 09:50,
2026-05-29 09:50,
2026-05-30 09:50
Echelon TLS/SSL crawler
31.70.69.187 is listed on the Echelon TLS/SSL crawler blacklist.
Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-30 09:40:00.480000
Was present on blacklist at:
2026-05-19 09:40,
2026-05-20 09:40,
2026-05-21 09:40,
2026-05-22 09:40,
2026-05-24 09:40,
2026-05-25 09:40,
2026-05-26 09:40,
2026-05-27 09:40,
2026-05-28 09:40,
2026-05-29 09:40,
2026-05-30 09:40
AbuseIPDB
31.70.69.187 is listed on the AbuseIPDB blacklist.
Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed:
primary (
feed detail page)
Last checked at:
2026-05-21 04:00:00.637000
Was present on blacklist at:
2026-05-21 04:00
Threat categories
| TL | Role | Category | Details |
|---|
| 66 |
src |
scan |
port: many
|
| 25 |
src |
— |
|
- Warden events (303)
- 2026-05-30
-
-
ReconScanning (node.9c1411): 64
- 2026-05-29
-
-
ReconScanning (node.9c1411): 75
- 2026-05-28
-
-
ReconScanning (node.9c1411): 78
- 2026-05-27
-
-
ReconScanning (node.9c1411): 18
- 2026-05-26
-
-
ReconScanning (node.9c1411): 36
- 2026-05-21
-
-
ReconScanning (node.9c1411): 17
- 2026-05-20
-
-
ReconScanning (node.9c1411): 9
- 2026-05-17
-
-
ReconScanning (node.ce2b59): 1
- 2026-05-16
-
-
ReconScanning (node.ce2b59): 5
- DShield reports (IP summary, reports)
- 2026-05-28
- Number of reports: 18
- Distinct targets: 6
- Origin AS
- AS8560 - ONEANDONE-AS
- BGP Prefix
- 31.70.64.0/18
- geo
-
Germany
- 🕑 Europe/Berlin
- hostname
- ip31-70-69-187.pbiaas.com
- hostname_class
- ['ip_in_hostname']
- Address block ('inetnum' or 'NetRange' in whois database)
- 31.64.0.0 - 31.79.255.255
- last_activity
- 2026-05-30 19:53:36
- last_warden_event
- 2026-05-30 19:53:36
- rep
- 0.5067610582785176
- reserved_range
- 0
- Shodan's InternetDB
- Open ports: 3389
- Tags: self-signed
- CPEs: –
- ts_added
- 2026-05-16 15:05:40.974000
- ts_last_update
- 2026-05-30 20:02:04.618000
Warden event timeline
DShield event timeline
Presence on blacklists
