JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 144.202.0.149

144.202.0.149 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 100%: ?

100%

ISP	Vultr Holdings, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20473
Hostname(s)	144.202.0.149.vultrusercontent.com
Domain Name	vultr.com
Country	🇺🇸 United States of America
City	Piscataway, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 144.202.0.149

Whois 144.202.0.149

IP Abuse Reports for 144.202.0.149:

This IP address has been reported a total of 33 times from 31 distinct sources. 144.202.0.149 was first reported on June 20th 2026, and the most recent report was 1 minute ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Gwyneth Llewelyn	2026-06-20 23:04:41 (1 minute ago)	144.202.0.149 - - [21/Jun/2026:00:04:40 +0100] "GET /cgi-bin/index.php HTTP/1.1" 404 1006 "-" "Mozil ... show more 144.202.0.149 - - [21/Jun/2026:00:04:40 +0100] "GET /cgi-bin/index.php HTTP/1.1" 404 1006 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Bad Web Bot
🇫🇷 SpaceHost-Server	2026-06-20 22:26:39 (39 minutes ago)		Brute-Force Web App Attack
🇩🇪 maxpower	2026-06-20 22:26:09 (39 minutes ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 144.202.0.149 (US/United States/144.202.0.149 ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 144.202.0.149 (US/United States/144.202.0.149.vultrusercontent.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 144.202.0.149 - - [21/Jun/2026:00:26:07 +0200] "GET /f35.php HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=confartigianato.pe.it show less	Port Scan
🇱🇻 garmtech.com	2026-06-20 22:08:06 (57 minutes ago)	Attempted access to sensitive endpoint (/wp-content/admin.php) detected. Automated scan or unauthori ... show more Attempted access to sensitive endpoint (/wp-content/admin.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 Epimetheus	2026-06-20 21:42:10 (1 hour ago)	Unauthorized access attempts: [GET] /epinyins.php [GET] /wp-includes/php-compat/ [GET] /wp.php [GET ... show more Unauthorized access attempts: [GET] /epinyins.php [GET] /wp-includes/php-compat/ [GET] /wp.php [GET] /function/function.php [GET] /wp-includes/SimplePie/admin.php [GET] /wp-content/uploads/ [GET] /cache.php [GET] /rip.php [GET] /files/index.php [GET] /o.php [GET] /images/images/about.php [GET] /wp-includes/js/crop/ [GET] /wp-admin/maint/admin.php [GET] /wp-includes/js/crop/ [GET] /wp-includes/IXR/index.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
🇫🇷 francoisunix	2026-06-20 20:59:10 (2 hours ago)	144.202.0.149 - - [20/Jun/2026:20:59:06 +0000] "GET /wp-includes/block-supports/ HTTP/1.0" 403 548 " ... show more 144.202.0.149 - - [20/Jun/2026:20:59:06 +0000] "GET /wp-includes/block-supports/ HTTP/1.0" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 144.202.0.149 - - [20/Jun/2026:20:59:06 +0000] "GET /wp-admin/css/ HTTP/1.0" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 144.202.0.149 - - [20/Jun/2026:20:59:07 +0000] "GET /wp-includes/js/ HTTP/1.0" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 144.202.0.149 - - [20/Jun/2026:20:59:07 +0000] "GET /wp-admin/css/colors/ HTTP/1.0" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 144.202.0.149 - - [20/Jun/2026:20:59:08 +0000] "GET /wp-includes/html-api/ HTTP/1.0" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML ... show less	Web App Attack
🇬🇷 setupgr	2026-06-20 20:43:50 (2 hours ago)	(mod_security) mod_security (id:11000011) triggered by 144.202.0.149 (US/United States/New Jersey/Pi ... show more (mod_security) mod_security (id:11000011) triggered by 144.202.0.149 (US/United States/New Jersey/Piscataway/-/[AS20473 AS-VULTR]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 20 23:43:46.973533 2026] [security2:error] [pid 2277:tid 2348] [client 144.202.0.149:52545] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "vultrusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 144.202.0.149.vultrusercontent.com"] [severity "CRITICAL"] [hostname "www.doityourself.gr"] [uri "/admin.php"] [unique_id "ajb7glVjV5VR3hAZ4rl3nAAAAEA"] show less	Port Scan
Anonymous	2026-06-20 20:05:20 (3 hours ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (162/60 min)'; Requests=162	Port Scan
🇳🇱 Site.eu	2026-06-20 19:26:56 (3 hours ago)	Excessive multi-domain requests	Brute-Force
🇮🇩 zam	2026-06-20 19:25:34 (3 hours ago)	144.202.0.149 - - [20/Jun/2026:19:25:30 +0000] "GET /gecko.php HTTP/1.1" 302 270	Web App Attack
🇧🇾 lns.bz	2026-06-20 19:12:47 (3 hours ago)	Too many 404 requests [BY]	Web App Attack
🇸🇬 Cloudkul Cloudkul	2026-06-20 19:12:27 (3 hours ago)	Attempted Brute Force on our application	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-20 19:05:48 (4 hours ago)	Too many Status 40X (13)	Brute-Force Web App Attack
Anonymous	2026-06-20 19:04:56 (4 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Webshell probing show less	Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-06-20 18:35:38 (4 hours ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 203.245.41.180

🇺🇸 174.85.187.123

🇻🇳 103.60.242.169

🇮🇷 78.39.15.7

🇺🇸 74.7.229.177

🇮🇪 63.35.162.91

🇳🇱 45.198.224.190

🇺🇸 44.204.109.101

🇺🇸 37.218.221.94

🇬🇧 35.203.211.61

🇺🇸 34.227.98.82

🇸🇬 18.142.243.221

🇫🇷 15.188.49.133

🇸🇬 13.212.117.150

🇩🇪 8.209.127.2

🇩🇪 3.79.31.205

🇦🇺 3.27.77.95

🇹🇷 176.91.130.189

🇺🇸 138.186.136.168

🇯🇵 103.143.72.165