JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 144.31.220.41

144.31.220.41 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 100%: ?

100%

ISP	aurorix networks
Usage Type	Data Center/Web Hosting/Transit
ASN	AS216039
Hostname(s)	protected-by.aurorix.net
Domain Name	aurorix.net
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 144.31.220.41

Whois 144.31.220.41

IP Abuse Reports for 144.31.220.41:

This IP address has been reported a total of 35 times from 27 distinct sources. 144.31.220.41 was first reported on June 22nd 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 EGP Abuse Dept	2026-06-23 07:38:26 (6 hours ago)	Unauthorized connection to Telnet port 23	Port Scan Hacking
🇹🇭 Sawasdee	2026-06-23 05:48:06 (7 hours ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇬🇧 PeravixGroup	2026-06-23 01:56:04 (11 hours ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇺🇸 rscott.us	2026-06-23 01:00:14 (12 hours ago)	Brute force SSH login attempts.	Brute-Force SSH
🇺🇸 MPL	2026-06-22 23:56:15 (13 hours ago)	tcp/22 (2 or more attempts)	Port Scan
🇸🇪 KIDOS	2026-06-22 15:06:30 (22 hours ago)	CrowdSec detected malicious activity	DDoS Attack
🇺🇸 MPL	2026-06-22 14:53:45 (22 hours ago)	tcp/23 (2 or more attempts)	Port Scan
🇺🇸 MPL	2026-06-22 14:53:45 (22 hours ago)	tcp ports: 23,443 (4 or more attempts)	Port Scan
🇺🇸 yzfdude1	2026-06-22 13:01:12 (1 day ago)	Jun 22 07:01:10 b146-38 sshd[380912]: Invalid user orangepi from 144.31.220.41 port 59680 Jun 22 07: ... show more Jun 22 07:01:10 b146-38 sshd[380912]: Invalid user orangepi from 144.31.220.41 port 59680 Jun 22 07:01:10 b146-38 sshd[380912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.31.220.41 Jun 22 07:01:11 b146-38 sshd[380912]: Failed password for invalid user orangepi from 144.31.220.41 port 59680 ssh2 ... show less	Brute-Force SSH
🇩🇪 maxpower	2026-06-22 12:35:38 (1 day ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 144.31.220.41 (DE/Germany/protected-by.a ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 144.31.220.41 (DE/Germany/protected-by.aurorix.net): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 144.31.220.41 - - [22/Jun/2026:14:35:23 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 10433 "-" "libredtail-http" "-" host=145.239.233.176 144.31.220.41 - - [22/Jun/2026:14:35:23 +0200] "GET /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1" 404 10429 "-" "libredtail-http" "-" host=145.239.233.176 show less	Port Scan
🇫🇷 security.rdmc.fr	2026-06-22 12:34:50 (1 day ago)	Port Scan Attack proto:TCP src:46696 dst:23	Port Scan
🇺🇸 4ensic	2026-06-22 12:20:29 (1 day ago)	Jun 22 07:18:34 racknerd-a34c87 sshd[76722]: pam_unix(sshd:auth): authentication failure; logname= u ... show more Jun 22 07:18:34 racknerd-a34c87 sshd[76722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.31.220.41 Jun 22 07:18:36 racknerd-a34c87 sshd[76722]: Failed password for invalid user orangepi from 144.31.220.41 port 47014 ssh2 Jun 22 07:19:25 racknerd-a34c87 sshd[76734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.31.220.41 user=root Jun 22 07:19:28 racknerd-a34c87 sshd[76734]: Failed password for root from 144.31.220.41 port 59140 ssh2 Jun 22 07:20:27 racknerd-a34c87 sshd[76751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.31.220.41 user=root Jun 22 07:20:28 racknerd-a34c87 sshd[76751]: Failed password for root from 144.31.220.41 port 36164 ssh2 ... show less	Brute-Force SSH
🇺🇸 RAP	2026-06-22 10:22:43 (1 day ago)	Probing web services for vulnerabilities	Port Scan
🇩🇪 Panter	2026-06-22 09:33:48 (1 day ago)	Bruteforce detected by fail2ban SSH	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-22 09:23:42 (1 day ago)	(mod_security) mod_security (id:218420) triggered by 144.31.220.41 (protected-by.aurorix.net): 1 in ... show more (mod_security) mod_security (id:218420) triggered by 144.31.220.41 (protected-by.aurorix.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 05:23:35.252497 2026] [security2:error] [pid 15018:tid 15018] [client 144.31.220.41:49040] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "38"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|192.64.151.12:80\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "192.64.151.12"] [uri "/hello.world"] [unique_id "ajj_F0R5Wv1vh033tg5C9AAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 111.198.221.98

🇮🇹 45.91.20.116

🇺🇸 34.133.246.1

🇨🇳 223.112.68.166

🇺🇸 162.216.149.180

🇸🇦 144.24.209.174

🇮🇹 93.95.216.100

🇳🇱 89.21.67.169

🇧🇷 45.162.8.14

🇧🇷 45.140.193.156

🇺🇸 2607:f8b0:4023:1004::12d

🇰🇿 185.239.146.241

🇺🇸 136.118.155.1

🇻🇳 103.176.24.57

🇺🇸 195.184.76.66

🇨🇳 180.165.38.170

🇳🇱 172.94.9.60

🇮🇶 95.170.206.42

🇵🇱 94.152.206.19

🇺🇸 91.230.168.137