JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.31.20.8

64.31.20.8 was found in our database!

This IP was reported 64 times. Confidence of Abuse is 0%: ?

ISP	Limestone Networks, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Hostname(s)	8-20-31-64.static.reverse.lstn.net
Domain Name	limestonenetworks.com
Country	🇺🇸 United States of America
City	Washington, District of Columbia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.31.20.8

Whois 64.31.20.8

IP Abuse Reports for 64.31.20.8:

This IP address has been reported a total of 64 times from 24 distinct sources. 64.31.20.8 was first reported on January 26th 2025, and the most recent report was 9 months ago.

Old Reports: The most recent abuse report for this IP address is from 9 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 TOCE	2025-09-18 00:45:59 (9 months ago)	116 hits seen on 2025-09-18, ports 3389 (RDP) on a honeypot from www.toce.ch	Brute-Force
🇨🇭 TOCE	2025-09-17 23:59:33 (9 months ago)	600 hits seen on 2025-09-17, ports 3389 (RDP) on a honeypot from www.toce.ch	Brute-Force
🇺🇸 oncord	2025-05-27 18:08:17 (1 year ago)	Form spam	Web Spam
Anonymous	2025-04-26 02:36:38 (1 year ago)	Aggressive web graphql scan	Web App Attack
🇩🇪 LRob.fr	2025-04-22 10:15:19 (1 year ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
Anonymous	2025-04-22 07:59:17 (1 year ago)	APTUDE WEBFORM SPAM 64.31.20.8 (8-20-31-64.static.reverse.lstn.net)	Web Spam
🇺🇸 TPI-Abuse	2025-04-22 07:16:44 (1 year ago)	(mod_security) mod_security (id:217280) triggered by 64.31.20.8 (8-20-31-64.static.reverse.lstn.net) ... show more (mod_security) mod_security (id:217280) triggered by 64.31.20.8 (8-20-31-64.static.reverse.lstn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 22 03:16:39.358498 2025] [security2:error] [pid 19784:tid 19784] [client 64.31.20.8:56660] [client 64.31.20.8] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n\|\\\\r)+(?:get\|post\|head\|options\|connect\|put\|delete\|trace\|propfind\|propatch\|mkcol\|copy\|move\|lock\|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack\|\|digitalmarketing-group.com\|F\|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "digitalmarketing-group.com"] [uri "/scripts/form-1234-9ea1.php"] [unique_id "aAdCV9yHYWCttaIqB7Z5YgAAAAY"], referer: https://digitalmarketing-group.com/Home.html show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-22 06:37:44 (1 year ago)	TACHIDE WEBFORM SPAM 64.31.20.8 (8-20-31-64.static.reverse.lstn.net)	Web Spam
Anonymous	2025-04-22 02:47:23 (1 year ago)	SOHODE WEBFORM SPAM 64.31.20.8 (8-20-31-64.static.reverse.lstn.net)	Web Spam
🇺🇸 TPI-Abuse	2025-04-22 02:33:11 (1 year ago)	(mod_security) mod_security (id:217280) triggered by 64.31.20.8 (8-20-31-64.static.reverse.lstn.net) ... show more (mod_security) mod_security (id:217280) triggered by 64.31.20.8 (8-20-31-64.static.reverse.lstn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 21 22:33:05.675350 2025] [security2:error] [pid 1422901:tid 1422901] [client 64.31.20.8:57719] [client 64.31.20.8] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n\|\\\\r)+(?:get\|post\|head\|options\|connect\|put\|delete\|trace\|propfind\|propatch\|mkcol\|copy\|move\|lock\|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack\|\|fxztrader.com\|F\|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "fxztrader.com"] [uri "/contact/"] [unique_id "aAb_4VrfeWHtfwDsODoS2wAAAAU"], referer: https://fxztrader.com/contact/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-22 00:54:12 (1 year ago)	(mod_security) mod_security (id:217280) triggered by 64.31.20.8 (8-20-31-64.static.reverse.lstn.net) ... show more (mod_security) mod_security (id:217280) triggered by 64.31.20.8 (8-20-31-64.static.reverse.lstn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 21 20:54:09.200572 2025] [security2:error] [pid 3518404:tid 3518404] [client 64.31.20.8:53609] [client 64.31.20.8] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n\|\\\\r)+(?:get\|post\|head\|options\|connect\|put\|delete\|trace\|propfind\|propatch\|mkcol\|copy\|move\|lock\|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack\|\|jsvnetwork.com\|F\|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "jsvnetwork.com"] [uri "/contact.php"] [unique_id "aAbosd7tDdoOhi05J2dTeQAAAAY"], referer: http://jsvnetwork.com/contact.html show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-22 00:31:02 (1 year ago)	LOKWIDE WEBFORM SPAM 64.31.20.8 (8-20-31-64.static.reverse.lstn.net)	Web Spam
Anonymous	2025-04-22 00:30:25 (1 year ago)	Malicious activity detected	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-04-21 23:31:56 (1 year ago)	(mod_security) mod_security (id:217280) triggered by 64.31.20.8 (8-20-31-64.static.reverse.lstn.net) ... show more (mod_security) mod_security (id:217280) triggered by 64.31.20.8 (8-20-31-64.static.reverse.lstn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 21 19:31:49.265976 2025] [security2:error] [pid 4557:tid 4557] [client 64.31.20.8:60997] [client 64.31.20.8] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n\|\\\\r)+(?:get\|post\|head\|options\|connect\|put\|delete\|trace\|propfind\|propatch\|mkcol\|copy\|move\|lock\|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack\|\|www.kreweofblackbeardsrevenge.com\|F\|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "www.kreweofblackbeardsrevenge.com"] [uri "/contact_us.html"] [unique_id "aAbVZUU2ifgq9AhWVYlIHwAAAAk"], referer: https://www.kreweofblackbeardsrevenge.com/contact_us.html show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-21 21:24:44 (1 year ago)	SPROVFR WEBFORM SPAM 64.31.20.8 (8-20-31-64.static.reverse.lstn.net)	Web Spam

Showing 1 to 15 of 64 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.190.52

🇫🇮 216.40.72.248

🇲🇽 187.191.48.23

🇨🇳 180.167.128.202

🇹🇭 152.32.245.44

🇺🇸 147.185.132.120

🇩🇪 139.19.117.131

🇺🇸 113.20.0.58

🇺🇸 47.251.108.216

🇺🇸 20.65.193.113

🇨🇳 221.208.226.214

🇰🇷 221.165.184.5

🇨🇳 123.138.72.206

🇮🇳 122.170.100.253

🇨🇳 121.29.84.195

🇺🇸 66.132.172.212

🇩🇪 46.101.105.71

🇸🇬 43.134.54.246

🇨🇳 36.106.167.147

🇧🇪 198.235.24.180