JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.102.139.233

149.102.139.233 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 0%: ?

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	mail.kerkdiensten-archief.nl
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.102.139.233

Whois 149.102.139.233

IP Abuse Reports for 149.102.139.233:

This IP address has been reported a total of 4 times from 3 distinct sources. 149.102.139.233 was first reported on September 16th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Packets-Decreaser.NET	2024-09-16 16:58:24 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇯🇵 ki3	2024-09-16 08:10:07 (1 year ago)	Fail2Ban: Web Attack 149.102.139.233 1726474207.0(JST)	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-16 07:48:49 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 149.102.139.233 (vmi2053654.contaboserver.net): ... show more (mod_security) mod_security (id:240335) triggered by 149.102.139.233 (vmi2053654.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 16 03:48:43.505440 2024] [security2:error] [pid 17851:tid 17851] [client 149.102.139.233:34050] [client 149.102.139.233] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.139.233 (+1 hits since last alert)\|www.indoorsfinishing.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.indoorsfinishing.com"] [uri "/xmlrpc.php"] [unique_id "Zufi27tINiq2jfXxJllvNgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-16 07:33:45 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 149.102.139.233 (vmi2053654.contaboserver.net): ... show more (mod_security) mod_security (id:240335) triggered by 149.102.139.233 (vmi2053654.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 16 03:33:37.424107 2024] [security2:error] [pid 24088:tid 24088] [client 149.102.139.233:58210] [client 149.102.139.233] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.139.233 (+1 hits since last alert)\|www.miroconsulting.es\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.miroconsulting.es"] [uri "/xmlrpc.php"] [unique_id "ZuffURGwV6vEgsBHBDZN7AAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.217

🇷🇺 176.118.22.128

🇵🇰 110.93.224.226

🇺🇸 98.97.114.23

🇺🇸 75.210.111.219

🇭🇰 43.132.227.251

🇺🇸 40.83.182.122

🇺🇸 24.185.202.59

🇷🇴 2.57.121.25

🇺🇸 162.217.165.144

🇫🇮 147.185.133.101

🇩🇪 139.59.208.49

🇺🇸 103.203.57.26

🇰🇷 59.14.170.169

🇲🇾 47.250.135.156

🇺🇸 47.40.224.196

🇬🇧 20.254.59.214

🇺🇸 18.97.19.145

🇺🇸 4.236.124.53

🇬🇧 185.216.145.172