JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.102.239.88

149.102.239.88 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 57%: ?

57%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-102-239-88.datapacket.com
Domain Name	datacamp.co.uk
Country	🇷🇴 Romania
City	Bucharest, Bucharest

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.102.239.88

Whois 149.102.239.88

IP Abuse Reports for 149.102.239.88:

This IP address has been reported a total of 27 times from 23 distinct sources. 149.102.239.88 was first reported on September 21st 2023, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 Kepler-1649c	2026-06-17 22:05:27 (14 hours ago)	Detected Attack: HTTP.URI.SQL.Injection	Hacking
🇺🇸 Secure Gateway®️	2026-06-17 22:00:25 (14 hours ago)	Report By Secure Gateway Security Team: Brute Force Login Attempt	SQL Injection
🇺🇸 ALSCO®️	2026-06-17 22:00:25 (14 hours ago)	Report By ALSCO Security Team: Potential CSRF Attack Detected	SQL Injection
🇫🇷 lafi.fr	2026-06-17 13:23:00 (23 hours ago)	sql injection attempts	Bad Web Bot Web App Attack
🇫🇮 danskefilm.dk	2026-06-17 13:00:01 (23 hours ago)	SQL injection	SQL Injection
Anonymous	2026-06-17 12:10:03 (1 day ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Web App Attack Hacking SQL Injection
🇳🇱 Mangelot Hosting	2026-06-17 12:08:48 (1 day ago)	(modsecurity) srv102 ModSecurity 149.102.239.88 (RO/Romania/unn-149-102-239-88.datapacket.com): 10 i ... show more (modsecurity) srv102 ModSecurity 149.102.239.88 (RO/Romania/unn-149-102-239-88.datapacket.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
Anonymous	2026-06-17 11:55:34 (1 day ago)	149.102.239.88 - - [17/Jun/2026:13:55:22 +0200] "GET /?_err=session&_task=login%27+AND+1%3D1+UNION+S ... show more 149.102.239.88 - - [17/Jun/2026:13:55:22 +0200] "GET /?_err=session&_task=login%27+AND+1%3D1+UNION+SELECT+NULL--+- HTTP/1.1" 200 3484 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 149.102.239.88 - - [17/Jun/2026:13:55:23 +0200] "GET /?_err=session&_task=login%27+AND+1%3D1--+- HTTP/1.1" 200 3468 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 149.102.239.88 - - [17/Jun/2026:13:55:23 +0200] "GET /?_mbox=INBOX&_task=mail%27+AND+1%3D1--+- HTTP/1.1" 200 3431 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 149.102.239.88 - - [17/Jun/2026:13:55:23 +0200] "GET /?_err=session%27+AND+1%3D1--+-&_task=login HTTP/1.1" 200 3427 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 149.102.239.88 - - [17/Jun/2026:13:55:23 +0200] "GET /?_mbox=INBOX%27+AND+1%3D1--+-&_task=mail HTTP/1.1" 200 3430 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 149.102.239.88 - - [17/Jun/2026:13:55:24 +0200] "GET /?_mbox=INBOX&_tas ... show less	Web App Attack
🇸🇰 GOVCERT	2026-06-17 11:24:45 (1 day ago)	XMLRPC	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 16:02:31 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 149.102.239.88 (unn-149-102-239-88.datapacket.c ... show more (mod_security) mod_security (id:240335) triggered by 149.102.239.88 (unn-149-102-239-88.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 17 12:02:23.675332 2026] [security2:error] [pid 1903489:tid 1903489] [client 149.102.239.88:64538] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.239.88 (+1 hits since last alert)\|ssion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ssion.com"] [uri "/xmlrpc.php"] [unique_id "aeJZj7wf22XD2F1UtPS12QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 15:12:06 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 149.102.239.88 (unn-149-102-239-88.datapacket.c ... show more (mod_security) mod_security (id:240335) triggered by 149.102.239.88 (unn-149-102-239-88.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 17 11:11:59.631416 2026] [security2:error] [pid 799686:tid 799686] [client 149.102.239.88:64589] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.239.88 (+1 hits since last alert)\|tenmenband.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tenmenband.com"] [uri "/xmlrpc.php"] [unique_id "aeJNv4fd2YNKINurTGub2gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 10:05:46 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 149.102.239.88 (unn-149-102-239-88.datapacket.c ... show more (mod_security) mod_security (id:240335) triggered by 149.102.239.88 (unn-149-102-239-88.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 17 06:05:41.714850 2026] [security2:error] [pid 108156:tid 108156] [client 149.102.239.88:64007] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 149.102.239.88 (+1 hits since last alert)\|allotrope.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "allotrope.com"] [uri "/xmlrpc.php"] [unique_id "aeIF9U0W2UHOb9UR_aPwQQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Kenshin869	2026-04-17 09:12:34 (2 months ago)	Wordpress unauthorized access attempt	Brute-Force
🇫🇮 YF	2026-04-17 08:00:39 (2 months ago)	xmlrpc.php (Potential DDoS or brute force)	Brute-Force Web App Attack
Anonymous	2026-04-17 06:18:39 (2 months ago)		Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.39.46.41

🇺🇸 162.216.150.92

🇩🇿 154.241.113.27

🇮🇳 122.168.123.73

🇷🇺 85.175.99.67

🇷🇺 83.217.220.136

🇷🇺 80.253.31.232

🇻🇳 27.79.45.134

🇮🇹 2a00:1450:4025:1803::125

🇫🇷 207.180.199.91

🇩🇪 202.61.233.72

🇦🇪 151.253.89.13

🇷🇴 141.98.83.240

🇰🇷 121.132.27.238

🇨🇳 114.249.210.198

🇨🇳 111.225.149.51

🇫🇷 85.217.140.24

🇮🇩 43.157.224.34

🇳🇱 34.141.241.125

🇩🇪 31.76.44.51