JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.102.254.17

149.102.254.17 was found in our database!

This IP was reported 491 times. Confidence of Abuse is 36%: ?

36%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-102-254-17.datapacket.com
Domain Name	datacamp.co.uk
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.102.254.17

Whois 149.102.254.17

IP Abuse Reports for 149.102.254.17:

This IP address has been reported a total of 491 times from 197 distinct sources. 149.102.254.17 was first reported on July 17th 2023, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-19 11:27:51 (12 hours ago)	Brute force	Brute-Force
🇧🇷 ICS Labs	2026-05-28 20:07:48 (3 weeks ago)	ICS Labs identified 149.102.254.17 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
🇫🇮 notelseit	2026-05-22 03:15:34 (4 weeks ago)	2026-05-22T05:15:18.299982+02:00 mail dovecot: imap-login: Disconnected: Connection closed (no auth ... show more 2026-05-22T05:15:18.299982+02:00 mail dovecot: imap-login: Disconnected: Connection closed (no auth attempts in 1 secs): user=<>, rip=149.102.254.17, lip=65.21.131.50, TLS: Connection closed, session=<lzA3cF9SOdiVZv4R> 2026-05-22T05:15:19.541565+02:00 mail dovecot: auth-worker(1963226): conn unix:auth-worker (pid=1959707,uid=110): auth-worker<14>: sql([email protected],149.102.254.17,<vR5KcF9SQNmVZv4R>): Password mismatch 2026-05-22T05:15:26.101099+02:00 mail dovecot: auth-worker(1963226): conn unix:auth-worker (pid=1959707,uid=110): auth-worker<15>: sql([email protected],149.102.254.17,<vR5KcF9SQNmVZv4R>): Password mismatch 2026-05-22T05:15:32.475931+02:00 mail dovecot: auth-worker(1963226): conn unix:auth-worker (pid=1959707,uid=110): auth-worker<16>: sql([email protected],149.102.254.17,<vR5KcF9SQNmVZv4R>): Password mismatch 2026-05-22T05:15:34.478426+02:00 mail dovecot: imap-login: Disconnected: Connection closed (auth failed, 3 attempts in 15 secs): user=<rdaless ... show less	Brute-Force Email Spam
🇺🇸 WeekendWeb	2026-05-15 01:20:01 (1 month ago)	Wordpress Vunerability attack	Web App Attack
🇬🇧 consul.to	2026-05-11 09:36:22 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇭🇺 szasa	2026-05-01 07:00:32 (1 month ago)	2026/05/01 09:00:26 [error] 702128#702128: 1135345 access forbidden by rule, client: 149.102.254.17 ... show more 2026/05/01 09:00:26 [error] 702128#702128: 1135345 access forbidden by rule, client: 149.102.254.17, server: datamentor.hu, request: "POST /wp-login.php HTTP/1.1", host: "datamentor.hu", referrer: "https://datamentor.hu/wp-login.php" 2026/05/01 09:00:27 [error] 702128#702128: 1135346 access forbidden by rule, client: 149.102.254.17, server: datamentor.hu, request: "POST /wp-login.php HTTP/1.1", host: "datamentor.hu", referrer: "https://datamentor.hu/wp-login.php" 2026/05/01 09:00:29 [error] 702128#702128: 1135347 access forbidden by rule, client: 149.102.254.17, server: datamentor.hu, request: "POST /wp-login.php HTTP/1.1", host: "datamentor.hu", referrer: "https://datamentor.hu/wp-login.php" 2026/05/01 09:00:31 [error] 702128#702128: *1135348 access forbidden by rule, client: 149.102.254.17, server: datamentor.hu, request: "POST /wp-login.php HTTP/1.1", host: "datamentor.hu", referrer: "https://datamentor.hu/wp-login.php" ... show less	Web App Attack
🇩🇪 4server	2026-04-30 22:02:19 (1 month ago)	[FriMay0100:02:15.9043962026][security2:error][pid3710738:tid3710751][client149.102.254.17:0]ModSecu ... show more [FriMay0100:02:15.9043962026][security2:error][pid3710738:tid3710751][client149.102.254.17:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"restaurantgandria.ch\"][uri\"/wp-login.php\"][unique_id\"afPRZ_AswC50bL3Y_JsAKgAAAMo\"]\,referer:https://restaurantgandria.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack
🇲🇾 Rizzy	2026-04-30 21:31:53 (1 month ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 BlueWire Hosting	2026-04-25 22:03:47 (1 month ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇫🇷 SpaceHost-Server	2026-04-24 22:33:51 (1 month ago)		Brute-Force Web App Attack
🇺🇸 graphics-muse.org	2026-04-24 16:02:29 (1 month ago)	Fri Apr 24 10:02:26.292104 2026149.102.254.17 - - [24/Apr/2026:10:02:23 -0600] "POST /wp-login.php H ... show more Fri Apr 24 10:02:26.292104 2026149.102.254.17 - - [24/Apr/2026:10:02:23 -0600] "POST /wp-login.php HTTP/1.1" 200 5571 Fri Apr 24 10:02:26.292104 2026149.102.254.17 - - [24/Apr/2026:10:02:23 -0600] "POST /wp-login.php HTTP/1.1" 200 9046 "https://piboxproject.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:118.0) Gecko/20100101 Firefox/118.0" Fri Apr 24 10:02:27.106238 2026149.102.254.17 - - [24/Apr/2026:10:02:27 -0600] "POST /wp-login.php HTTP/1.1" 200 4363 Fri Apr 24 10:02:27.106238 2026149.102.254.17 - - [24/Apr/2026:10:02:27 -0600] "POST /wp-login.php HTTP/1.1" 200 7573 "https://piboxproject.com/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" Fri Apr 24 10:02:27.106238 2026149.102.254.17 - - [24/Apr/2026:10:02:28 -0600] "POST /wp-login.php HTTP/1.1" 200 4363 Fri Apr 24 10:02:27.106238 2026149.102.254.17 - - [24/Apr/2026:10:02:28 -0600] "POST /wp-login.php HTTP/1.1" 200 7572 "https://piboxproject.com/wp-login.php" " ... show less	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-04-24 11:33:34 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇷 SpaceHost-Server	2026-04-23 22:27:29 (1 month ago)		Brute-Force Web App Attack
🇮🇹 VHosting	2026-04-22 04:15:03 (1 month ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇨🇭 backslash	2026-04-22 04:03:04 (1 month ago)	block ruleset 6A1105329D233F6F53B9B61CE056BD4DAAE75AB4	Web Spam

Showing 1 to 15 of 491 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 194.5.82.99

🇪🇨 191.99.34.75

🇺🇸 162.216.149.127

🇫🇮 147.185.133.198

🇫🇷 91.231.89.150

🇺🇸 18.234.82.246

🇧🇷 200.241.65.251

🇩🇪 142.251.20.139

🇮🇩 103.154.77.48

🇳🇱 80.82.77.139

🇻🇪 38.61.198.90

🇮🇷 31.130.179.156

🇺🇸 174.175.75.53

🇺🇸 162.216.149.105

🇰🇷 118.194.249.72

🇳🇱 91.92.40.231

🇧🇬 78.128.112.30

🇺🇸 32.196.175.27

🇮🇳 209.38.120.71

🇧🇷 201.131.182.0