JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.220.95.104

31.220.95.104 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 23%: ?

23%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3121272.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.220.95.104

Whois 31.220.95.104

IP Abuse Reports for 31.220.95.104:

This IP address has been reported a total of 10 times from 8 distinct sources. 31.220.95.104 was first reported on March 6th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 dcnet	2026-06-18 14:00:49 (6 days ago)	FortiGate detected DOS attack from IPv4 address 31.220.95.104	DDoS Attack
🇫🇷 Sklurk	2026-05-30 04:33:22 (3 weeks ago)	Web App Attack	Web App Attack
🇪🇸 pipeline.es	2026-05-29 13:24:51 (3 weeks ago)	Port scanning / recon \| Evidence: date=2026-05-29 time=15:22:39 devname="[redacted]" devid="[redacte ... show more Port scanning / recon \| Evidence: date=2026-05-29 time=15:22:39 devname="[redacted]" devid="[redacted]" eventtime=1780060959193876969 tz=\"+0200\" logid=\"0000000013\" type=\"traffic\" subtype=\"forward\" level=\"notice\" vd="[redacted]" srcip=31.220.95.104 srcport=45630 srcintf="[redacted]" srcintfrole=\"wan\" dstip=[redacted] dstport=443 dstintf="[redacted]" dstintfrole=\"lan\" srccountry=\"France\" dstcountry=\"Spain\" sessioni \| ASN: Contabo GmbH \| Country: FR show less	Port Scan Web App Attack
🇮🇹 Progetto1	2026-05-22 01:40:14 (1 month ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 02:49:47 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 31.220.95.104 (vmi3121272.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210730) triggered by 31.220.95.104 (vmi3121272.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 22:49:43.439492 2026] [security2:error] [pid 923:tid 923] [client 31.220.95.104:52736] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Hudson II/Vermont Bark/Loveseat/Thumbs.db"] [unique_id "agKVR2a1AeWYWUosi5IwYwAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-11 15:48:12 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 31.220.95.104 (vmi3121272.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210730) triggered by 31.220.95.104 (vmi3121272.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 11:48:07.223271 2026] [security2:error] [pid 26365:tid 26365] [client 31.220.95.104:36478] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.3905ccn.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.3905ccn.org"] [uri "/\\\\\\\\quickqsl.com"] [unique_id "agH6NycF5HlfhVDFUlSJrAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-04-23 02:06:32 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 Sklurk	2026-03-18 13:49:06 (3 months ago)	Web App Attack	Web App Attack
🇩🇪 strzonnek	2026-03-10 03:05:20 (3 months ago)	attack on webform	Brute-Force Web App Attack
🇮🇩 Burayot	2026-03-06 06:48:45 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:10000003) triggered by 31.220.95.104 (FR/France/vmi312127 ... show more LF_MODSEC: (mod_security) mod_security (id:10000003) triggered by 31.220.95.104 (FR/France/vmi3121272.contaboserver.net): 2 in the last 3600 secs show less	Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4004:c17::12a

🇧🇷 205.210.31.184

🇪🇹 196.189.225.77

🇵🇱 194.180.48.33

🇧🇴 190.129.122.185

🇧🇷 187.87.241.49

🇧🇷 187.16.96.250

🇨🇱 179.9.167.16

🇸🇬 168.138.188.55

🇦🇹 152.53.0.56

🇨🇳 106.6.136.191

🇺🇸 104.248.179.230

🇫🇷 91.196.152.212

🇸🇨 45.194.67.146

🇳🇱 45.148.10.29

🇺🇸 35.230.48.215

🇺🇸 20.65.193.255

🇺🇸 152.70.157.25

🇺🇸 147.182.237.2

🇨🇳 123.54.51.163