JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.102.246.9

149.102.246.9 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 100%: ?

100%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-102-246-9.datapacket.com
Domain Name	datacamp.co.uk
Country	🇬🇷 Greece
City	Athens, Attica

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.102.246.9

Whois 149.102.246.9

IP Abuse Reports for 149.102.246.9:

This IP address has been reported a total of 89 times from 53 distinct sources. 149.102.246.9 was first reported on November 29th 2023, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 paulshipley.com.au	2026-06-07 05:54:21 (13 hours ago)	[Sun Jun 07 15:54:20.366634 2026] [security2:error] [pid 879562] [client 149.102.246.9:55654] [clien ... show more [Sun Jun 07 15:54:20.366634 2026] [security2:error] [pid 879562] [client 149.102.246.9:55654] [client 149.102.246.9] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "support.paulshipley.com.au"] [uri "/.env"] [unique_id "aiUHjFNXY1v_gbRCU-BHUAAAADc"], referer: http://support.paulshipley.com.au/.env ... show less	Web App Attack
🇨🇭 4server	2026-06-07 04:17:56 (15 hours ago)	[SunJun0706:17:49.9949232026][security2:error][pid1334541:tid1335044][client149.102.246.9:0]ModSecur ... show more [SunJun0706:17:49.9949232026][security2:error][pid1334541:tid1335044][client149.102.246.9:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"mail.4server.ch\"][uri\"/.env\"][unique_id\"aiTw7ajGjj_XmML8nlE-dAAAAJE\"] show less	Hacking Web App Attack
🇧🇷 dominioz	2026-06-07 01:09:17 (18 hours ago)	2026-06-07 01:08:33 GET /.env - - 149.102.246.9 HTTP/1.1 Mozilla/5.0 - 301 473 2026-06-07 01:08:33 G ... show more 2026-06-07 01:08:33 GET /.env - - 149.102.246.9 HTTP/1.1 Mozilla/5.0 - 301 473 2026-06-07 01:08:33 GET /.env - - 149.102.246.9 HTTP/1.1 Mozilla/5.0 - 301 481 2026-06-07 01:08:33 GET /.env - - 149.102.246.9 HTTP/1.1 Mozilla/5.0 - 301 481 ... show less	Web App Attack
🇦🇺 2000cn.com.au	2026-06-07 00:52:28 (18 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇦🇺 paulshipley.com.au	2026-06-07 00:31:22 (18 hours ago)	[Sun Jun 07 10:31:21.004090 2026] [security2:error] [pid 848142] [client 149.102.246.9:55775] [clien ... show more [Sun Jun 07 10:31:21.004090 2026] [security2:error] [pid 848142] [client 149.102.246.9:55775] [client 149.102.246.9] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "shop.levellapromotions.com.au"] [uri "/.env"] [unique_id "aiS72S4OGxoKY0vQHoT8ZQAAAA0"], referer: http://shop.levellapromotions.com.au/.env ... show less	Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-07 00:27:16 (18 hours ago)	Blocked by CSF 13 firewall - Rule: config-dotfile US/United States/unn-149-102-246-9.datapacket.com	Web App Attack
🇧🇾 lns.bz	2026-06-06 23:56:02 (19 hours ago)	.env scanning [BY]	Web App Attack
🇧🇷 dominioz	2026-06-06 22:32:17 (20 hours ago)	2026-06-06 22:32:11 GET /.env - - 149.102.246.9 HTTP/1.1 Mozilla/5.0 - 301 459 2026-06-06 22:32:12 G ... show more 2026-06-06 22:32:11 GET /.env - - 149.102.246.9 HTTP/1.1 Mozilla/5.0 - 301 459 2026-06-06 22:32:12 GET /.env - - 149.102.246.9 HTTP/1.1 Mozilla/5.0 - 301 467 2026-06-06 22:32:11 GET /.env - - 149.102.246.9 HTTP/1.1 Mozilla/5.0 - 301 465 2026-06-06 22:32:12 GET /.env - - 149.102.246.9 HTTP/1.1 Mozilla/5.0 - 301 473 ... show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-06 22:01:38 (21 hours ago)	Auto-ban: >3000 req/min op 2026-06-06	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-06 17:53:09 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 149.102.246.9 (unn-149-102-246-9.datapacket.com ... show more (mod_security) mod_security (id:210492) triggered by 149.102.246.9 (unn-149-102-246-9.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 13:53:02.259565 2026] [security2:error] [pid 7757:tid 7757] [client 149.102.246.9:58529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.toppress.ca"] [uri "/.env"] [unique_id "aiRefmy6tphAP_dkeht70gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-06-06 17:52:56 (1 day ago)	Accessed trap at '/.env'	Web App Attack
🇦🇺 paulshipley.com.au	2026-06-06 17:17:57 (1 day ago)	[Sun Jun 07 03:17:57.162601 2026] [security2:error] [pid 809211] [client 149.102.246.9:60537] [clien ... show more [Sun Jun 07 03:17:57.162601 2026] [security2:error] [pid 809211] [client 149.102.246.9:60537] [client 149.102.246.9] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.id.au"] [uri "/.env"] [unique_id "aiRWRQKN7GHY__I26MljAAAAAAQ"], referer: http://www.paulshipley.id.au/.env ... show less	Web App Attack
🇦🇺 afleventoffice.com.au	2026-06-06 14:19:03 (1 day ago)	GET /.env HTTP/1.1	Web App Attack
Anonymous	2026-06-06 09:35:55 (1 day ago)	149.102.246.9 - - [06/Jun/2026:09:35:54 +0000] "GET /.env HTTP/1.1" 302 421 "-" "Mozilla/5.0" ...	Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-06 08:36:21 (1 day ago)	149.102.246.9 - - [06/Jun/2026:11:36:21 +0300] "GET /.env HTTP/1.1" 404 706 "-" "Mozilla/5.0" ...	Web App Attack

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 20.46.235.162

🇦🇪 217.165.36.195

🇧🇼 168.167.228.123

🇧🇷 167.249.94.156

🇨🇳 113.44.119.80

🇺🇸 2604:a880:400:d1:0:4:8bed:f001

🇺🇸 172.191.178.196

🇭🇰 159.138.44.51

🇮🇳 145.79.211.14

🇬🇧 141.98.252.184

🇨🇳 113.118.224.102

🇻🇳 112.78.4.53

🇳🇱 91.210.64.116

🇺🇸 66.132.172.102

🇩🇪 43.228.157.14

🇨🇳 14.103.124.188

🇧🇷 200.189.28.81

🇬🇧 195.206.182.208

🇦🇷 186.158.220.220

🇮🇳 182.76.86.130