JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.34.251.247

149.34.251.247 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 77%: ?

77%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-34-251-247.datapacket.com
Domain Name	datacamp.co.uk
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.34.251.247

Whois 149.34.251.247

IP Abuse Reports for 149.34.251.247:

This IP address has been reported a total of 27 times from 16 distinct sources. 149.34.251.247 was first reported on April 25th 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-06-17 22:27:00 (14 hours ago)		Web Spam
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-17 08:28:29 (1 day ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
🇦🇺 oncord	2026-06-17 03:38:37 (1 day ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-06-16 23:06:24 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 149.34.251.247 (unn-149-34-251-247.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 149.34.251.247 (unn-149-34-251-247.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:06:15.773247 2026] [security2:error] [pid 11671:tid 11671] [client 149.34.251.247:44972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.qxoticdivas.postermodelsworldwideinc.com"] [uri "/.env.development"] [unique_id "ajHW54dE6dWGCpLBaz4wGAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-06-16 09:28:55 (2 days ago)	Fail2Ban banned 149.34.251.247 for security violations in jail wp-armour. Log: 2026/06/16 09:28:54 [ ... show more Fail2Ban banned 149.34.251.247 for security violations in jail wp-armour. Log: 2026/06/16 09:28:54 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 149.34.251.247 \| Target: contactform7 \| URI: /wp-json/contact-form-7/v1/contact-forms/15583/feedback?_locale=user" , client: 149.34.251.247, server: [REDACTED], request: "POST /wp-json/contact-form-7/v1/contact-forms/15583/feedback?_locale=user HTTP/2.0", upstream: [REDACTED], host: [REDACTED], referrer: "https://cnpuertocolon.com/contacto" ... show less	Web Spam
🇧🇷 KingHost	2026-06-16 02:26:33 (2 days ago)		Brute-Force
🇺🇸 TPI-Abuse	2026-06-16 01:42:54 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.34.251.247 (unn-149-34-251-247.datapacket.c ... show more (mod_security) mod_security (id:210730) triggered by 149.34.251.247 (unn-149-34-251-247.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 21:42:50.371690 2026] [security2:error] [pid 5317:tid 5317] [client 149.34.251.247:44482] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ilandman.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ilandman.com"] [uri "/one-api.db"] [unique_id "ajCqGvWsvLWb0g6jx20h-wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2026-06-15 19:42:45 (2 days ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-06-15 17:44:25 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 149.34.251.247 (unn-149-34-251-247.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 149.34.251.247 (unn-149-34-251-247.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:44:19.522359 2026] [security2:error] [pid 23289:tid 23309] [client 149.34.251.247:10208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "richardleeweatherman.com"] [uri "/.env.production"] [unique_id "ajA58yUhuiPsUjylIaAv_QAAAE0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:05:52 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 149.34.251.247 (unn-149-34-251-247.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 149.34.251.247 (unn-149-34-251-247.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:05:43.048197 2026] [security2:error] [pid 9084:tid 9084] [client 149.34.251.247:36942] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.construction.bonefrog.com"] [uri "/.env.gemini.gpg"] [unique_id "ajAi10vW-zUMpGn7_7l0hAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-15 15:36:05 (2 days ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
Anonymous	2026-06-12 19:58:52 (5 days ago)	postfix	Email Spam Web App Attack
🇫🇷 Duggy_Tuxy🧱	2026-06-12 09:21:52 (6 days ago)	[HP02-SRV02-FR] Blocked by SysWarden Firewall (Traffic from Malicious Hoster (ASN))	Port Scan
🇹🇷 Threat.live	2026-06-08 10:55:03 (1 week ago)	Suspicious Connection Attempts	Brute-Force
🇨🇿 Honzas	2026-06-06 21:20:52 (1 week ago)	Brute Force SMTP AUTH Attack	Brute-Force

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.125.231.80

🇸🇬 114.119.143.207

🇺🇸 143.198.54.86

🇵🇱 83.168.95.29

🇧🇬 79.124.49.194

🇺🇸 74.7.243.48

🇺🇸 66.132.195.22

🇺🇸 66.132.186.132

🇳🇱 45.148.10.151

🇬🇧 35.203.211.127

🇮🇷 2.188.34.119

🇺🇸 216.25.89.75

🇸🇬 172.188.218.162

🇨🇳 59.110.239.11

🇮🇳 182.95.113.122

🇷🇺 178.178.194.136

🇺🇸 162.216.149.117

🇺🇸 142.248.80.196

🇨🇳 106.75.184.33

🇻🇳 103.173.154.45