JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 144.31.53.252

144.31.53.252 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 11%: ?

11%

ISP	VPSPay - vpspay.cloud
Usage Type	Data Center/Web Hosting/Transit
ASN	AS201988
Domain Name	vpspay.cloud
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 144.31.53.252

Whois 144.31.53.252

IP Abuse Reports for 144.31.53.252:

This IP address has been reported a total of 4 times from 3 distinct sources. 144.31.53.252 was first reported on May 16th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 kmtnck	2026-05-17 19:24:10 (1 month ago)	Fail2Ban (traefik-botsearch): Ban 144.31.53.252 after 32 failures 144.31.53.252 - - [16/May/2026:04: ... show more Fail2Ban (traefik-botsearch): Ban 144.31.53.252 after 32 failures 144.31.53.252 - - [16/May/2026:04:08:29 +0000] "GET /ecp/default.aspx HTTP/1.1" 400 26185 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 144.31.53.252 - - [16/May/2026:04:08:29 +0000] "GET /api/config HTTP/1.1" 404 8158 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" show less	Web App Attack
🇫🇮 Gowtham A	2026-05-17 18:32:05 (1 month ago)	CrowdSec: crowdsecurity/http-crawl-non_statics 144.31.53.252 - - [15/May/2026:16:45:55 +0000] "GET / ... show more CrowdSec: crowdsecurity/http-crawl-non_statics 144.31.53.252 - - [15/May/2026:16:45:55 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 401 44385 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv)" 3 alerts in 8s \| Action: ban 4h show less	Web App Attack
🇨🇦 kmtnck	2026-05-17 01:33:25 (1 month ago)	Fail2Ban (traefik-botsearch): Ban 144.31.53.252 after 15 failures 144.31.53.252 - - [16/May/2026:11: ... show more Fail2Ban (traefik-botsearch): Ban 144.31.53.252 after 15 failures 144.31.53.252 - - [16/May/2026:11:17:56 +0000] "GET /.htpasswd HTTP/1.1" 404 27411 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 144.31.53.252 - - [16/May/2026:11:17:56 +0000] "GET /admin/config.php HTTP/1.1" 403 5821 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" show less	Web App Attack
🇷🇴 Adar P	2026-05-16 22:30:36 (1 month ago)	ModSecurity: Access denied with code 403 (phase 2). [id "913100"] [msg "Found User-Agent associated ... show more ModSecurity: Access denied with code 403 (phase 2). [id "913100"] [msg "Found User-Agent associated with security scanner"] [severity "CRITICAL"] [tag "OWASP_CRS"] [ver "OWASP_CRS/4.0.0"] 144.31.53.252 - - [15/May/2026:12:33:37 +0000] "GET /.htaccess HTTP/1.1" 403 1137 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0" Unique ID: 62fdc70a show less	Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.46.255.86

🇻🇳 118.70.146.125

🇸🇬 52.237.80.79

🇺🇸 50.2.50.10

🇳🇱 45.148.10.151

🇰🇿 37.151.58.74

🇺🇸 13.89.125.29

🇵🇱 2a00:1450:4025:807::128

🇺🇸 195.184.76.93

🇳🇱 195.178.110.135

🇩🇪 194.88.98.118

🇳🇱 176.65.148.244

🇩🇪 165.227.163.140

🇰🇷 121.133.252.114

🇧🇩 103.204.247.58

🇺🇸 71.27.102.242

🇺🇸 185.180.141.67

🇺🇸 158.94.187.235

🇺🇸 104.244.124.135

🇬🇧 91.204.209.46