JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.31.55.20

64.31.55.20 was found in our database!

This IP was reported 176 times. Confidence of Abuse is 100%: ?

100%

ISP	Limestone Networks, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Hostname(s)	20-55-31-64.static.reverse.lstn.net
Domain Name	limestonenetworks.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.31.55.20

Whois 64.31.55.20

IP Abuse Reports for 64.31.55.20:

This IP address has been reported a total of 176 times from 104 distinct sources. 64.31.55.20 was first reported on June 1st 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 bazter.pro	2026-06-16 10:51:25 (2 hours ago)	Fail2Ban: plesk-bot-aggressive - 15 failures	Port Scan Bad Web Bot Web App Attack
🇩🇪 Viveronese	2026-06-16 10:37:48 (2 hours ago)	HTTP vulnerability scanning	Web App Attack
🇩🇪 MusicLibrary	2026-06-16 09:32:29 (3 hours ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇨🇦 electronico	2026-06-16 08:00:29 (5 hours ago)	64.31.55.20 - - [16/Jun/2026:19:00:28 +1100] "GET /1.sql HTTP/1.1" 404 5866 "-" "Mozilla/5.0 (X11; L ... show more 64.31.55.20 - - [16/Jun/2026:19:00:28 +1100] "GET /1.sql HTTP/1.1" 404 5866 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:1.9.6.20) Gecko/ Firefox/3.6.14" 64.31.55.20 - - [16/Jun/2026:19:00:28 +1100] "GET /dbdump.sql HTTP/1.1" 404 5866 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) Gecko/20100101 Firefox/84.0" 64.31.55.20 - - [16/Jun/2026:19:00:28 +1100] "GET /db.sql HTTP/1.1" 404 5866 "-" "Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 64.31.55.20 - - [16/Jun/2026:19:00:28 +1100] "GET /localhost.sql HTTP/1.1" 404 5866 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:1.9.5.20) Gecko/ Firefox/3.6.17" 64.31.55.20 - - [16/Jun/2026:19:00:28 +1100] "GET /electronico.nc_db.sql HTTP/1.1" 404 5866 "-" "Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" 64.31.55.20 - - [16/Jun/2026:19:00:28 +1100] "GET /www.sql HTTP/1.1" 404 5866 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit ... show less	Brute-Force Web App Attack
🇩🇪 4server	2026-06-16 07:01:18 (6 hours ago)	[TueJun1609:01:13.5270522026][security2:error][pid1154380:tid1154394][client64.31.55.20:0]ModSecurit ... show more [TueJun1609:01:13.5270522026][security2:error][pid1154380:tid1154394][client64.31.55.20:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"domoticaswiss.ch\"][uri\"/data.sql\"][unique_id\"ajD0ucPBq2nx2D_R5kxF-gAAAEs\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 Petros Stefanakis	2026-06-16 06:49:46 (6 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 64.31.55.20 (US/United States/20-55-31- ... show more (mod_security) mod_security triggered on hostname [redacted] 64.31.55.20 (US/United States/20-55-31-64.static.reverse.lstn.net) show less	SQL Injection
🇩🇪 rh24	2026-06-16 04:49:22 (8 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 64.31.55.20 (US/United States/20-55-31- ... show more (mod_security) mod_security triggered on hostname [redacted] 64.31.55.20 (US/United States/20-55-31-64.static.reverse.lstn.net) show less	SQL Injection
🇦🇺 2000cn.com.au	2026-06-16 02:04:40 (11 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
Anonymous	2026-06-16 00:48:21 (12 hours ago)	PSCSERV WPSCAN 64.31.55.20	Bad Web Bot Web App Attack
🇦🇺 paulshipley.com.au	2026-06-16 00:27:46 (12 hours ago)	[Tue Jun 16 10:27:45.618057 2026] [security2:error] [pid 183015] [client 64.31.55.20:49546] [client ... show more [Tue Jun 16 10:27:45.618057 2026] [security2:error] [pid 183015] [client 64.31.55.20:49546] [client 64.31.55.20] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "balcomberetreat.com.au"] [uri "/backup.sql"] [unique_id "ajCYgbnrjFwVkCb_ZDt97gAAAAI"] ... show less	Web App Attack
🇳🇱 Savvii	2026-06-15 23:33:30 (13 hours ago)	20 attempts against mh-misbehave-ban on ec102950	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Lino Project	2026-06-15 22:54:43 (14 hours ago)	CrowdSec abuse IP report (host SRV-2) Scenario: crowdsecurity/http-sensitive-files	Hacking
🇩🇪 SCHAPPY	2026-06-15 22:13:59 (15 hours ago)	Malicious activity from IP detected: crowdsecurity/http-sensitive-files.	Web App Attack Hacking
🇺🇸 kosada.com	2026-06-15 21:41:10 (15 hours ago)	Web vulnerability probing: /adaactionguide.com.sql	Web App Attack
🇫🇷 vtchost.com	2026-06-12 11:17:03 (4 days ago)	vtchost.com:443 64.31.55.20 - - [12/Jun/2026:13:17:02 +0200] "GET /wp-content/uploads/dump.sql HTTP/ ... show more vtchost.com:443 64.31.55.20 - - [12/Jun/2026:13:17:02 +0200] "GET /wp-content/uploads/dump.sql HTTP/1.1" 418 2776 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Web App Attack

Showing 1 to 15 of 176 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 176.193.255.210

🇺🇸 173.234.225.70

🇯🇵 154.31.115.131

🇺🇸 216.151.137.65

🇹🇭 202.29.228.248

🇨🇳 193.112.175.92

🇬🇹 190.56.224.172

🇪🇨 186.68.83.104

🇰🇷 118.37.214.187

🇯🇵 87.83.100.173

🇨🇦 85.217.149.23

🇫🇷 51.68.34.131

🇳🇱 45.148.10.141

🇮🇳 4.240.96.30

🇺🇸 2607:f8b0:4001:c62::126

🇷🇴 193.32.162.83

🇴🇲 188.66.215.112

🇨🇳 183.207.48.143

🇨🇳 139.170.72.29

🇮🇩 70.153.184.32