JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.204.31.215

31.204.31.215 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 11%: ?

11%

ISP	WS Telecom Inc
Usage Type	Fixed Line ISP
ASN	AS209372
Domain Name	wstelecom.us
Country	🇺🇸 United States of America
City	Denver, Colorado

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.204.31.215

Whois 31.204.31.215

IP Abuse Reports for 31.204.31.215:

This IP address has been reported a total of 9 times from 5 distinct sources. 31.204.31.215 was first reported on December 9th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 pltcldvlpr	2026-06-19 17:11:21 (3 days ago)	Bogus Useragent: 31.204.31.215 - - [19/Jun/2026:19:11:20 +0200] "GET /protocol?id=rp_14_109&paragrap ... show more Bogus Useragent: 31.204.31.215 - - [19/Jun/2026:19:11:20 +0200] "GET /protocol?id=rp_14_109&paragraph=11076428&seq=844 HTTP/1.1" 403 5 "-" "Opera/8.43.(X11; Linux i686; pa-IN) Presto/2.9.189 Version/12.00" asn=209372 org="WS Telecom Inc" country=US ... show less	Bad Web Bot
🇩🇪 milcraft.nl	2026-05-18 01:14:34 (1 month ago)	Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi ... show more Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi patterns: filter_, add-to-cart=, orderby=, product_count=. Activity is consistent with high-volume request abuse. show less	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 16:20:06 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 12:20:00.344333 2026] [security2:error] [pid 29779:tid 29779] [client 31.204.31.215:42927] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|guarinofurnituredesigns.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "guarinofurnituredesigns.com"] [uri "/"] [unique_id "ac6XMMlCAcuOC3Xjqp2CLgAAAAI"], referer: https://guarinofurnituredesigns.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 05:08:26 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 01:08:21.629315 2026] [security2:error] [pid 19246:tid 19246] [client 31.204.31.215:49295] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|starcrestsales.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "starcrestsales.com"] [uri "/about"] [unique_id "acyoRVICWDdkxI0vB0zE1wAAABo"], referer: https://starcrestsales.com/about show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-23 20:33:52 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 16:33:45.016333 2026] [security2:error] [pid 5008:tid 5008] [client 31.204.31.215:26651] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|bentonflybox.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bentonflybox.com"] [uri "/about-us"] [unique_id "acGjqfJykjOx9MJygX93bgAAABM"], referer: https://bentonflybox.com/about-us show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 raymarron.com	2026-03-20 22:16:57 (3 months ago)	/aboutus	Web App Attack
🇺🇸 TPI-Abuse	2026-03-20 00:49:21 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 20:49:13.804076 2026] [security2:error] [pid 3360:tid 3360] [client 31.204.31.215:55105] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.reyadecostarica.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.reyadecostarica.com"] [uri "/about"] [unique_id "abyZiXGQTu9vv13fVgAT6AAAAAg"], referer: http://www.reyadecostarica.com/about show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 04:36:45 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 31.204.31.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 00:36:37.537710 2026] [security2:error] [pid 16905:tid 16934] [client 31.204.31.215:49283] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|ajbruner.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "ajbruner.com"] [uri "/ct/shop/"] [unique_id "aa-f1XGZN91bSB67zhJGigAAAM0"], referer: https://ajbruner.com/ct/shop/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-09 17:28:55 (6 months ago)	botnet	DDoS Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 189.113.47.155

🇺🇸 172.253.2.22

🇩🇪 164.90.176.216

🇳🇱 143.179.241.103

🇳🇱 213.176.16.100

🇸🇬 172.253.236.211

🇺🇸 147.185.132.64

🇺🇸 107.152.44.215

🇩🇪 104.207.56.17

🇺🇸 91.230.168.39

🇫🇷 82.66.180.77

🇩🇪 69.5.169.190

🇺🇸 52.53.178.194

🇬🇧 35.203.211.18

🇺🇸 184.168.21.211

🇮🇩 143.20.49.38

🇨🇳 120.48.135.32

🇮🇳 103.5.133.149

🇵🇪 38.250.131.21

🇷🇴 2.57.121.112