JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 144.31.148.244

144.31.148.244 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 15%: ?

15%

ISP	VPSPay - vpspay.cloud
Usage Type	Data Center/Web Hosting/Transit
ASN	AS201988
Domain Name	vpspay.cloud
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 144.31.148.244

Whois 144.31.148.244

IP Abuse Reports for 144.31.148.244:

This IP address has been reported a total of 4 times from 4 distinct sources. 144.31.148.244 was first reported on May 16th 2026, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 kmtnck	2026-05-17 19:59:36 (4 weeks ago)	Fail2Ban (traefik-botsearch): Ban 144.31.148.244 after 28 failures 144.31.148.244 - - [16/May/2026:0 ... show more Fail2Ban (traefik-botsearch): Ban 144.31.148.244 after 28 failures 144.31.148.244 - - [16/May/2026:00:53:56 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 50863 "-" "python-requests/2.31.0" 144.31.148.244 - - [16/May/2026:00:53:56 +0000] "GET /backup.sql HTTP/1.1" 401 7881 "-" "python-requests/2.31.0" show less	Web App Attack
🇺🇸 Vinh Nguyen	2026-05-17 18:54:18 (4 weeks ago)	ModSecurity: Warning. Matched "Operator `Rx' with parameter `(?i:(?:select\|union\|insert\|update\|delet ... show more ModSecurity: Warning. Matched "Operator `Rx' with parameter `(?i:(?:select\|union\|insert\|update\|delete\|drop\|alter))' against variable `ARGS:id' [file "/etc/nginx/modsec/crs/rules.conf"] [line "1234"] [id "932115"] [msg "Remote Command Execution: Windows Command Injection"] [data "Matched Data"] [severity "CRITICAL"] [ver "OWASP_CRS/4.0.0"] [maturity "5"] [accuracy "5"] 144.31.148.244 - - [15/May/2026:04:42:02 +0000] "GET /wp-admin/ HTTP/1.1" 403 1119 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇦🇺 Aman kumar	2026-05-17 01:13:04 (4 weeks ago)	iptables DROP: IN=eth0 OUT= SRC=144.31.148.244 DST=10.40.239.1 LEN=58 TOS=0x00 PREC=0x00 TTL=105 ID= ... show more iptables DROP: IN=eth0 OUT= SRC=144.31.148.244 DST=10.40.239.1 LEN=58 TOS=0x00 PREC=0x00 TTL=105 ID=40659 DF PROTO=TCP SPT=34245 DPT=22 WINDOW=23994 RES=0x00 SYN URGP=0 321 hits from 144.31.148.244 in last 37 minutes targeting port 22 show less	Port Scan
🇷🇴 Adar P	2026-05-16 22:23:09 (4 weeks ago)	ModSecurity: Access denied with code 403 (phase 2). [id "930110"] [msg "Path Traversal Attack (/../) ... show more ModSecurity: Access denied with code 403 (phase 2). [id "930110"] [msg "Path Traversal Attack (/../)"] [severity "CRITICAL"] [tag "OWASP_CRS"] [ver "OWASP_CRS/4.0.0"] 144.31.148.244 - - [14/May/2026:01:48:26 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 1471 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0" Unique ID: ff3c4113 show less	Hacking Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 179.185.227.77

🇺🇸 173.255.221.22

🇺🇸 162.217.162.250

🇹🇭 118.193.57.59

🇻🇳 113.161.222.150

🇰🇿 92.47.46.174

🇧🇷 45.5.102.93

🇨🇳 36.35.166.177

🇮🇳 182.95.230.142

🇳🇱 176.65.140.201

🇺🇸 173.255.243.63

🇺🇸 134.122.125.153

🇷🇺 84.47.160.26

🇬🇧 51.68.200.137

🇩🇪 45.131.108.251

🇨🇳 120.207.175.197

🇨🇳 111.31.165.144

🇧🇬 62.133.47.13

🇰🇷 34.50.18.202

🇮🇹 209.227.237.29