JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.57.41.70

31.57.41.70 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 0%: ?

ISP	GOLD IP L.L.C-FZ
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	goldipv4.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.57.41.70

Whois 31.57.41.70

IP Abuse Reports for 31.57.41.70:

This IP address has been reported a total of 27 times from 7 distinct sources. 31.57.41.70 was first reported on November 27th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-01 11:51:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 31.57.41.70 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 31.57.41.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:51:43.658747 2026] [security2:error] [pid 483:tid 666] [client 31.57.41.70:48975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.kettlehill.com"] [uri "/web.config"] [unique_id "aX8-TwMxl-cQ0UzvOvSNFAAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 11:39:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 31.57.41.70 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 31.57.41.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 06:39:23.491744 2025] [security2:error] [pid 19796:tid 19796] [client 31.57.41.70:54683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nbcnewsradio.com"] [uri "/example.htaccess"] [unique_id "aRRx6-KXJjD-Mo7ERmmmXgAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-30 02:50:10 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-07-01 09:22:32 (11 months ago)	(mod_security) mod_security (id:210730) triggered by 31.57.41.70 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 31.57.41.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 05:22:29.566208 2025] [security2:error] [pid 30219:tid 30231] [client 31.57.41.70:36673] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.kettlehill.net\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.kettlehill.net"] [uri "/...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\...\\\\windows\\\\win.ini"] [unique_id "aGOo1ftpdo0a25O2Z1YSCQAAAMg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-09 16:10:05 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-05-01 02:52:45 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 31.57.41.70 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 31.57.41.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 30 22:52:35.550852 2025] [security2:error] [pid 13509:tid 13543] [client 31.57.41.70:54203] [client 31.57.41.70] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|staging.kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/database.sql"] [unique_id "aBLh86ZtnGr1kuZXaNSV9QAAAVA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-03-29 09:08:01 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-03-03 07:56:57 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
🇦🇺 MAGIC	2025-02-27 21:02:03 (1 year ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-02-25 23:03:18 (1 year ago)	Illegal actions on webapp	Hacking Web App Attack
Anonymous	2025-02-19 15:43:38 (1 year ago)	Illegal actions on webapp	Hacking Web App Attack
Anonymous	2025-02-16 06:32:18 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
🇦🇺 MAGIC	2025-02-11 22:00:49 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-02-09 04:40:03 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-07 10:49:46 (1 year ago)	Illegal actions on webapp	Hacking Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 160.25.81.6

🇳🇱 45.148.10.147

🇻🇪 190.6.12.144

🇮🇶 185.166.25.150

🇹🇼 114.32.249.235

🇧🇬 79.124.49.102

🇺🇸 66.132.224.28

🇺🇸 65.49.1.140

🇳🇱 45.148.10.152

🇳🇱 45.92.1.134

🇿🇦 41.135.122.104

🇷🇴 2.57.121.112

🇩🇪 85.214.161.104

🇺🇸 69.91.134.136

🇩🇪 46.224.230.91

🇬🇧 46.101.9.55

🇨🇳 36.41.173.197

🇺🇸 20.168.120.149

🇺🇸 216.25.89.81

🇳🇱 183.81.169.76