JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 173.244.55.114

173.244.55.114 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 0%: ?

ISP	VPN Consumer Network
Usage Type	Data Center/Web Hosting/Transit
ASN	AS262287
Domain Name	vpnconsumer.com
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 173.244.55.114

Whois 173.244.55.114

IP Abuse Reports for 173.244.55.114:

This IP address has been reported a total of 68 times from 38 distinct sources. 173.244.55.114 was first reported on March 23rd 2023, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Apache	2026-02-10 04:53:48 (4 months ago)	(mod_security) mod_security (id:20000010) triggered by 173.244.55.114 (UY/Uruguay/-): 5 in the last ... show more (mod_security) mod_security (id:20000010) triggered by 173.244.55.114 (UY/Uruguay/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇫🇷 dynamix	2026-02-09 02:42:44 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 myagent.site	2026-02-07 18:58:36 (4 months ago)	Blocking for trying to access an exploit file: /vendor/phpunit/phpunit/src/Util/PHP/	Hacking
Anonymous	2026-02-07 17:05:11 (4 months ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (956/60 min)'; Requests=956	Port Scan
🇺🇸 TPI-Abuse	2026-02-07 00:15:51 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 173.244.55.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240000) triggered by 173.244.55.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 19:15:44.647177 2026] [security2:error] [pid 1030684:tid 1030722] [client 173.244.55.114:29219] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|americanacademyofprojectmanagement.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "americanacademyofprojectmanagement.com"] [uri "/images/stories/themes.php"] [unique_id "aYaEMArN28uysBtQ6FF9bQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-06 23:56:10 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 173.244.55.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240000) triggered by 173.244.55.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 18:56:04.531711 2026] [security2:error] [pid 28430:tid 28430] [client 173.244.55.114:47637] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|techworksunlimited.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "techworksunlimited.com"] [uri "/images/stories/themes.php"] [unique_id "aYZ_lMMCCmmfjfmgQZB9iQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-03 07:22:03 (4 months ago)	Bot / scanning and/or hacking attempts: GET /admin/controller/extension/extension/ HTTP/1.1, GET /ad ... show more Bot / scanning and/or hacking attempts: GET /admin/controller/extension/extension/ HTTP/1.1, GET /admin/images/slider/ HTTP/1.1, GET /admin/tmp/ HTTP/1.1, GET /admin/uploads/ HTTP/1.1, GET /admin/editor/ HTTP/1.1, GET /sites/default/files/ HTTP/1.1 show less	Hacking Web App Attack
🇱🇻 garmtech.com	2026-02-03 02:53:57 (4 months ago)	IM360 WAF: Suspicious files in jQuery	Web App Attack
🇱🇻 garmtech.com	2026-02-03 02:53:36 (4 months ago)	IM360 WAF: Interaction with fake plugin MV:/wp-content/plugins/pwnd/pwnd.php	Web App Attack
🇱🇻 garmtech.com	2026-02-03 02:53:33 (4 months ago)	IM360 WAF: Interaction with fake plugin MV:/wp-content/plugins/seoplugins/db.php?u	Web App Attack
🇱🇻 garmtech.com	2026-02-03 02:53:31 (4 months ago)	IM360 WAF: Block interaction with malicious plugin	Web App Attack
🇱🇻 garmtech.com	2026-02-03 02:53:23 (4 months ago)	IM360 WAF: Block access to the shell MV:/.wp/wso.php	Hacking
🇳🇱 jjnxpct	2026-01-06 04:48:01 (5 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /images/class-config.php (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-01-05 11:30:00 (5 months ago)	(mod_security) mod_security (id:240000) triggered by 173.244.55.114 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240000) triggered by 173.244.55.114 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 05 06:29:53.753499 2026] [security2:error] [pid 31653:tid 31672] [client 173.244.55.114:37837] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|teanaunz.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "teanaunz.com"] [uri "/images/stories/themes.php"] [unique_id "aVugsVbQbs09hXIdZtnIbwAAAM4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-01-05 09:15:59 (5 months ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 207.148.108.129

🇮🇩 203.175.125.130

🇲🇴 182.93.50.90

🇩🇪 128.1.120.14

🇵🇰 110.93.224.226

🇮🇪 108.130.199.60

🇮🇩 103.146.202.84

🇦🇪 94.205.250.78

🇮🇩 69.5.23.222

🇹🇼 198.235.24.75

🇮🇩 182.253.79.195

🇱🇹 77.90.185.97

🇺🇸 66.228.53.4

🇳🇱 52.174.67.71

🇷🇴 2.57.122.238

🇲🇾 180.74.84.64

🇺🇸 172.96.182.111

🇳🇱 164.92.154.226

🇦🇪 155.117.183.79

🇩🇿 154.241.60.98