JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.244.54.29

143.244.54.29 was found in our database!

This IP was reported 90 times. Confidence of Abuse is 38%: ?

38%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-143-244-54-29.datapacket.com
Domain Name	datacamp.co.uk
Country	🇷🇴 Romania
City	Bucharest, Bucharest

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.244.54.29

Whois 143.244.54.29

IP Abuse Reports for 143.244.54.29:

This IP address has been reported a total of 90 times from 42 distinct sources. 143.244.54.29 was first reported on June 13th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-17 13:23:18 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇪🇸 masterguru	2026-06-08 06:19:26 (2 weeks ago)	(xmlrpc) Failed xmlrpc access from 143.244.54.29 (RO/Romania/unn-143-244-54-29.datapacket.com): 5 in ... show more (xmlrpc) Failed xmlrpc access from 143.244.54.29 (RO/Romania/unn-143-244-54-29.datapacket.com): 5 in the last 3600 secs (0-122) show less	Hacking
🇫🇷 ELYAZ	2026-06-04 17:34:15 (2 weeks ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 143.244.54.29 (RO/Romani ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 143.244.54.29 (RO/Romania/unn-143-244-54-29.datapacket.com): (CF_ENABLE) show less	Port Scan
🇮🇹 LTM	2026-05-23 06:20:02 (4 weeks ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
Anonymous	2026-05-23 04:47:29 (1 month ago)	143.244.54.29 - - [23/May/2026:06:46:37 +0200] "POST /xmlrpc.php HTTP/1.0" 200 624 "-" "Mozilla/5.0 ... show more 143.244.54.29 - - [23/May/2026:06:46:37 +0200] "POST /xmlrpc.php HTTP/1.0" 200 624 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/92.0.0.0 Safari/537.36" 143.244.54.29 - - [23/May/2026:06:46:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/92.0.0.0 Safari/537.36" 143.244.54.29 - - [23/May/2026:06:47:05 +0200] "POST /xmlrpc.php HTTP/1.0" 200 624 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/94.0.0.0 Safari/537.36" 143.244.54.29 - - [23/May/2026:06:47:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/94.0.0.0 Safari/537.36" 143.244.54.29 - - [23/May/2026:06:47:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 6.3; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/62.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇨🇳 pengpeng	2026-05-23 01:35:34 (1 month ago)	monitor: on VM-0-7-ubuntu \| port: 37903 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 37903 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 factor1	2026-05-22 21:46:51 (1 month ago)	Fail2ban at saturn Reports Abuse.	Brute-Force Web App Attack
🇳🇱 wlt-blocker	2026-05-13 10:12:47 (1 month ago)	Unauthorized access to webpage admin	Web App Attack
🇬🇧 consul.to	2026-05-12 04:24:04 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 openstrike.co.uk	2026-05-11 07:59:14 (1 month ago)	10 packets to ports 465 587	Brute-Force
🇺🇸 bigscoots.com	2026-05-10 03:14:37 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 143.244.54.29 (RO/Romania/unn-143-244-54-29.datapacket.com): ... show more (smtpauth) Failed SMTP AUTH login from 143.244.54.29 (RO/Romania/unn-143-244-54-29.datapacket.com): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-05-09 23:12:58 dovecot_login authenticator failed for H=(2LbOUu) [143.244.54.29]:51007: 535 Incorrect authentication data ([email protected]) 2026-05-09 23:13:07 dovecot_login authenticator failed for H=(O5JALIaI) [143.244.54.29]:61385: 535 Incorrect authentication data (set_id=erika) 2026-05-09 23:13:20 dovecot_login authenticator failed for H=(H7ww4561pq) [143.244.54.29]:26389: 535 Incorrect authentication data ([email protected]) 2026-05-09 23:13:25 dovecot_login authenticator failed for H=(j58k4gjb) [143.244.54.29]:20480: 535 Incorrect authentication data (set_id=erika) 2026-05-09 23:14:34 dovecot_login authenticator failed for H=(izDFrcEsfl) [143.244.54.29]:5637: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇬🇧 consul.to	2026-05-01 18:26:25 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 4server	2026-05-01 14:20:20 (1 month ago)	[FriMay0116:20:19.0736062026][security2:error][pid469404:tid469486][client143.244.54.29:0]ModSecurit ... show more [FriMay0116:20:19.0736062026][security2:error][pid469404:tid469486][client143.244.54.29:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"royalhosting.ch\"][uri\"/xmlrpc.php\"][unique_id\"afS2o-Z2advSCir3rDwGxQAAANE\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-01 13:59:45 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 143.244.54.29 (unn-143-244-54-29.datapacket.com ... show more (mod_security) mod_security (id:225170) triggered by 143.244.54.29 (unn-143-244-54-29.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 09:59:39.986488 2026] [security2:error] [pid 12555:tid 12555] [client 143.244.54.29:22469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ralphharris.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ralphharris.org"] [uri "/wp-json/wp/v2/users"] [unique_id "afSxy9eN22MyVktvd4D5GgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-04-29 06:27:01 (1 month ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 90 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.96.139.92

🇺🇸 172.59.155.170

🇰🇷 118.194.249.8

🇺🇸 20.127.244.206

🇩🇪 193.124.20.236

🇲🇾 183.171.249.119

🇯🇵 172.253.6.145

🇸🇬 152.42.240.74

🇧🇷 129.121.32.44

🇮🇳 122.177.242.181

🇧🇩 103.183.62.3

🇵🇰 101.50.76.229

🇨🇦 50.64.164.213

🇨🇦 4.204.223.67

🇲🇾 183.171.242.59

🇮🇳 182.95.185.158

🇫🇮 147.185.133.112

🇱🇹 45.227.254.170

🇺🇦 45.11.57.172

🇨🇳 42.176.165.184