JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.57.41.64

31.57.41.64 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 0%: ?

ISP	GOLD IP L.L.C-FZ
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	goldipv4.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.57.41.64

Whois 31.57.41.64

IP Abuse Reports for 31.57.41.64:

This IP address has been reported a total of 27 times from 9 distinct sources. 31.57.41.64 was first reported on May 6th 2021, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-27 02:59:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:59:16.069449 2026] [security2:error] [pid 25852:tid 25871] [client 31.57.41.64:41941] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.com"] [uri "/.env.old"] [unique_id "aXgqBHo_y1lZtrrGV3270gAAAU4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 06:31:50 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 01:31:38.244078 2026] [security2:error] [pid 26656:tid 26656] [client 31.57.41.64:54629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/a.htaccess"] [unique_id "aWssyir7i0F0gjcD8MeExgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 15:19:55 (6 months ago)	(mod_security) mod_security (id:210350) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210350) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 10:19:47.720947 2025] [security2:error] [pid 29462:tid 29462] [client 31.57.41.64:55341] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|ftp.nbcnewsradio.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "ftp.nbcnewsradio.com"] [uri "/sse"] [unique_id "aRX3E1w74k6kHKOcD5fgPgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dayda.net	2025-10-13 03:22:21 (7 months ago)	query: option=com_svmap&controller=../../../../../../../etc/passwd%00	Bad Web Bot
🇺🇸 TPI-Abuse	2025-07-03 13:47:29 (11 months ago)	(mod_security) mod_security (id:240950) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240950) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 03 09:43:42.255759 2025] [security2:error] [pid 12818:tid 12857] [client 31.57.41.64:41833] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)\|\|autoconfig.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "autoconfig.kettlehill.net"] [uri "/secure/QueryComponentRendererValue!Default.jspa"] [unique_id "aGaJDgB8aX3B0N6lpYOYwwAAAUM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 03:37:45 (1 year ago)	(mod_security) mod_security (id:243930) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:243930) triggered by 31.57.41.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 23:37:41.255364 2025] [security2:error] [pid 4030444:tid 4030444] [client 31.57.41.64:56469] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?:\\\\w+\\\\/[\\\\w\\\\-\\\\.]+)(?:;(?:charset=[\\\\w\\\\-]{1,18}\|boundary=[\\\\w\\\\-]+)?)?$" against "REQUEST_HEADERS:Content-Type" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6743"] [id "243930"] [rev "2"] [msg "COMODO WAF: Remote code execution in Apache Struts versions 2.3.31 - 2.3.5 and 2.5 - 2.5.10 (CVE-2017-5638)\|\|farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "farmers123.com"] [uri "/"] [unique_id "aDkoBaW4Yf3O3xs5mZrOhQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-10 19:05:06 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-03-03 06:00:18 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-21 21:44:09 (1 year ago)	Illegal actions on webapp	Hacking Web App Attack
Anonymous	2025-02-19 01:10:44 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-09 18:28:39 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-07 04:52:01 (1 year ago)	Illegal actions on webapp	Hacking Web App Attack
Anonymous	2025-02-02 10:26:05 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
🇦🇺 MAGIC	2025-01-26 16:02:11 (1 year ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-01-26 12:00:15 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 35.203.211.200

🇮🇪 2a05:d018:10df:d402:e848:6537:70fe:c97a

🇲🇽 189.178.75.107

🇧🇷 177.196.49.164

🇮🇳 167.71.239.213

🇺🇸 147.185.132.59

🇰🇷 118.37.214.187

🇹🇼 114.25.66.139

🇬🇧 45.82.76.118

🇺🇸 43.173.69.147

🇩🇪 36.255.97.75

🇧🇪 35.205.18.114

🇮🇳 14.195.24.147

🇳🇱 213.177.179.128

🇧🇷 170.0.103.116

🇵🇭 150.228.183.33

🇺🇸 135.233.112.26

🇮🇳 122.187.250.138

🇮🇪 108.129.196.103

🇨🇭 107.189.2.75