JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.57.82.140

31.57.82.140 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 3%: ?

ISP	GOLD IP L.L.C-FZ
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	goldipv4.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.57.82.140

Whois 31.57.82.140

IP Abuse Reports for 31.57.82.140:

This IP address has been reported a total of 25 times from 9 distinct sources. 31.57.82.140 was first reported on January 24th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 bigorre.org	2026-06-13 14:52:42 (6 days ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-17 09:51:41 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 04:51:33.687484 2026] [security2:error] [pid 23917:tid 23917] [client 31.57.82.140:52261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.production.local"] [unique_id "aWtbpRGcRTO7ZWkXbKEw4gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 18:47:04 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:46:59.224063 2025] [security2:error] [pid 22838:tid 22905] [client 31.57.82.140:58215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/.env.prod.local"] [unique_id "aVLMo-HXaA_hkms52yNwuAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:06:24 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:05:45.309754 2025] [security2:error] [pid 16431:tid 16431] [client 31.57.82.140:53825] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /servlets/FetchFile?fileName=../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/servlets/FetchFile"] [unique_id "aRWfab7GE9_j1TDq74EuTwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-14 22:45:00 (9 months ago)	$f2bV_matches	Brute-Force
Anonymous	2025-08-12 20:16:30 (10 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:44:31 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:221260) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:44:26.331358 2025] [security2:error] [pid 729660:tid 729758] [client 31.57.82.140:36735] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\$\\\$\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/test.cgi"] [unique_id "aIWEejL-HxGlFOvlGaU07QAAAIU"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 19:13:52 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 31.57.82.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 15:13:39.847768 2025] [security2:error] [pid 3254137:tid 3254137] [client 31.57.82.140:54953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/wp-config.php.swp"] [unique_id "aDix4885TkfajCIvxGvZTAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-05 10:20:43 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-26 09:51:38 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-17 12:54:39 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-15 21:01:28 (1 year ago)	ignores robots.txt	Bad Web Bot
Anonymous	2025-02-10 12:37:06 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-02 15:10:06 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-01-26 09:40:26 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 200.89.69.247

🇨🇦 139.28.218.151

🇮🇳 103.248.120.6

🇮🇳 103.189.101.146

🇧🇩 103.183.62.2

🇺🇸 65.49.20.99

🇺🇸 18.218.118.203

🇺🇸 162.216.149.150

🇨🇳 120.48.130.213

🇸🇬 114.119.130.183

🇩🇪 69.5.169.25

🇺🇸 66.132.186.249

🇨🇳 42.83.147.54

🇬🇧 35.203.210.212

🇺🇸 162.254.36.150

🇭🇰 154.221.17.137

🇺🇸 147.185.132.74

🇺🇸 3.131.220.121

🇺🇸 3.82.128.245

🇷🇴 193.46.255.86