JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.102.224.195

149.102.224.195 was found in our database!

This IP was reported 101 times. Confidence of Abuse is 63%: ?

63%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-102-224-195.datapacket.com
Domain Name	datacamp.co.uk
Country	🇺🇸 United States of America
City	Miami, Florida

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.102.224.195

Whois 149.102.224.195

IP Abuse Reports for 149.102.224.195:

This IP address has been reported a total of 101 times from 47 distinct sources. 149.102.224.195 was first reported on June 12th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-06-26 00:39:56 (1 day ago)	2.959 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇩🇪 BlueWire Hosting	2026-06-25 23:24:49 (2 days ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 19:24:42 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket ... show more (mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 15:24:35.252778 2026] [security2:error] [pid 2456:tid 2456] [client 149.102.224.195:36352] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.224.195 (+1 hits since last alert)\|visionremota.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "visionremota.info"] [uri "/xmlrpc.php"] [unique_id "aj2Ac4ix3h5ozuzYfjUw6QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-25 16:45:41 (2 days ago)	(wordpress) Failed wordpress login from 149.102.224.195 (US/United States/unn-149-102-224-195.datapa ... show more (wordpress) Failed wordpress login from 149.102.224.195 (US/United States/unn-149-102-224-195.datapacket.com) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-25 15:15:46 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket ... show more (mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:15:40.043212 2026] [security2:error] [pid 31746:tid 31746] [client 149.102.224.195:37732] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.224.195 (+1 hits since last alert)\|capriexpress.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "capriexpress.com"] [uri "/xmlrpc.php"] [unique_id "aj1GHMGGZFH5t1wNHFJkvAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 14:44:37 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket ... show more (mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:44:30.919883 2026] [security2:error] [pid 22497:tid 22497] [client 149.102.224.195:46036] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.224.195 (+1 hits since last alert)\|vm-srl.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vm-srl.com"] [uri "/xmlrpc.php"] [unique_id "aj0-zk1OcCuZn26f46R7yQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 12:52:09 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket ... show more (mod_security) mod_security (id:225170) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 08:52:03.930444 2026] [security2:error] [pid 11054:tid 11054] [client 149.102.224.195:57174] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|aifactoid.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aifactoid.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj0kc3d0h8vBDYO8A19-CAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 05:30:57 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket ... show more (mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 01:30:50.700942 2026] [security2:error] [pid 22756:tid 22756] [client 149.102.224.195:55798] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.224.195 (+1 hits since last alert)\|twinls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "twinls.com"] [uri "/xmlrpc.php"] [unique_id "ajy9Ci5RzGsNp1qdjyGY7gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-25 05:30:06 (2 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
Anonymous	2026-06-25 05:29:56 (2 days ago)	[redacted] 149.102.224.195 - - [25/Jun/2026:07:29:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 149.102.224.195 - - [25/Jun/2026:07:29:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.3; http://site24333713.com" [redacted] 149.102.224.195 - - [25/Jun/2026:07:29:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 149.102.224.195 - - [25/Jun/2026:07:29:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.3; http://site89730843.com" [redacted] 149.102.224.195 - - [25/Jun/2026:07:29:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 149.102.224.195 - - [25/Jun/2026:07:29:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 05:01:08 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket ... show more (mod_security) mod_security (id:240335) triggered by 149.102.224.195 (unn-149-102-224-195.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 01:01:00.871705 2026] [security2:error] [pid 31265:tid 31271] [client 149.102.224.195:38972] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.224.195 (+1 hits since last alert)\|chaoticperception.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "chaoticperception.com"] [uri "/xmlrpc.php"] [unique_id "ajy2DAHoHcDGrQDKH4EMTgAAAQQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-25 03:46:56 (2 days ago)	[redacted] 149.102.224.195 - - [25/Jun/2026:05:46:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 149.102.224.195 - - [25/Jun/2026:05:46:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.3; http://site87325242.com" [redacted] 149.102.224.195 - - [25/Jun/2026:05:46:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)" [redacted] 149.102.224.195 - - [25/Jun/2026:05:46:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 149.102.224.195 - - [25/Jun/2026:05:46:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.4; http://site91041907.com" [redacted] 149.102.224.195 - - [25/Jun/2026:05:46:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)" ... show less	Hacking Web App Attack
🇦🇺 oncord	2026-06-22 19:27:36 (5 days ago)	Form spam	Web Spam
🇺🇸 LARL-Stompro-2024	2026-06-21 20:20:13 (6 days ago)	Evergreen ILS - Mylist Bot Abuse - HTTP Port 443 - Fake UserAgent. Requests:1	Bad Web Bot
🇱🇻 garmtech.com	2026-06-20 09:57:23 (1 week ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack

Showing 1 to 15 of 101 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 216.26.233.76

🇸🇦 154.205.134.214

🇧🇩 103.142.80.122

🇺🇸 69.118.232.13

🇬🇧 35.203.211.92

🇨🇳 27.22.149.178

🇬🇧 217.146.80.114

🇨🇳 175.21.244.12

🇺🇸 172.253.218.216

🇫🇮 147.185.133.14

🇺🇸 66.132.186.137

🇷🇺 37.77.150.241

🇬🇧 35.203.211.201

🇺🇸 20.65.201.33

🇨🇳 218.203.203.232

🇺🇸 216.26.224.214

🇳🇱 185.156.73.157

🇳🇱 176.65.149.230

🇰🇷 175.201.203.181

🇺🇸 162.216.150.245