JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.50.220.133

149.50.220.133 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 29%: ?

29%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-50-220-133.datapacket.com
Domain Name	datacamp.co.uk
Country	🇫🇷 France
City	Marseille, Provence-Alpes-Cote d'Azur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.50.220.133

Whois 149.50.220.133

IP Abuse Reports for 149.50.220.133:

This IP address has been reported a total of 38 times from 29 distinct sources. 149.50.220.133 was first reported on August 1st 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-05-10 18:03:12 (1 month ago)	[SunMay1020:03:07.2624052026][security2:error][pid565809:tid565920][client149.50.220.133:0]ModSecuri ... show more [SunMay1020:03:07.2624052026][security2:error][pid565809:tid565920][client149.50.220.133:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"behindthemoon.ch\"][uri\"/xmlrpc.php\"][unique_id\"agDIWz3wC4XA8i_ms-jZTgAAAJg\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-10 17:30:42 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 149.50.220.133 (unn-149-50-220-133.datapacket.c ... show more (mod_security) mod_security (id:225170) triggered by 149.50.220.133 (unn-149-50-220-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 13:30:37.989919 2026] [security2:error] [pid 31186:tid 31201] [client 149.50.220.133:50523] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|atlasrecordssearch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "atlasrecordssearch.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agDAvbUPL0-lSfGxePrZXAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-05-10 06:52:03 (1 month ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 4server	2026-05-10 06:17:55 (1 month ago)	[SunMay1008:17:49.1755792026][security2:error][pid511686:tid511772][client149.50.220.133:0]ModSecuri ... show more [SunMay1008:17:49.1755792026][security2:error][pid511686:tid511772][client149.50.220.133:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"miotrentino.it\"][uri\"/xmlrpc.php\"][unique_id\"agAjDXVQmLjvVm5qWdnHkwAAAJc\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-09 23:00:38 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 149.50.220.133 (unn-149-50-220-133.datapacket.c ... show more (mod_security) mod_security (id:225170) triggered by 149.50.220.133 (unn-149-50-220-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 19:00:32.321394 2026] [security2:error] [pid 4766:tid 4769] [client 149.50.220.133:24494] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|frannykingsmith.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "frannykingsmith.com"] [uri "/wp-json/wp/v2/users"] [unique_id "af-8kGDvN-s_F4HhoNXeYgAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-09 20:03:14 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 149.50.220.133 (unn-149-50-220-133.datapacket.c ... show more (mod_security) mod_security (id:225170) triggered by 149.50.220.133 (unn-149-50-220-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 16:03:10.280150 2026] [security2:error] [pid 16565:tid 16565] [client 149.50.220.133:28653] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|creationorevolution.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "creationorevolution.net"] [uri "/wp-json/wp/v2/users"] [unique_id "af-S_kvzqUbP3TAWMdT1bAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Marc	2026-05-09 17:59:00 (1 month ago)		Brute-Force Web App Attack
Anonymous	2026-05-09 17:57:32 (1 month ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 WellSpring	2026-05-09 15:46:41 (1 month ago)	xmlrpc exploit on 424.today/xmlrpc.php — WellSpr.ing/NetSentinel civic-AI security layer	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 18:25:26 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 149.50.220.133 (unn-149-50-220-133.datapacket.c ... show more (mod_security) mod_security (id:225170) triggered by 149.50.220.133 (unn-149-50-220-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 14:25:19.032706 2026] [security2:error] [pid 7702:tid 7702] [client 149.50.220.133:7944] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|americanexportimport.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "americanexportimport.com"] [uri "/wp-json/wp/v2/users"] [unique_id "af4qj5t0Sj-PuYkKmxRSdwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ipoac.nl	2026-05-08 17:43:22 (1 month ago)	-:443 149.50.220.133 - - [08/May/2026:19:43:21 +0200] - "POST /xmlrpc.php HTTP/1.1" 403 6406 "-" "Mo ... show more -:443 149.50.220.133 - - [08/May/2026:19:43:21 +0200] - "POST /xmlrpc.php HTTP/1.1" 403 6406 "-" "Mozilla/5.0 (Linux; Android 10; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.0.0 Safari/537.36" show less	Bad Web Bot
Anonymous	2026-05-08 00:27:43 (1 month ago)	149.50.220.133 - - [08/May/2026:02:27:43 +0200] "POST / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows ... show more 149.50.220.133 - - [08/May/2026:02:27:43 +0200] "POST / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Safari/11.0.0.0 Safari/537.36" show less	Web App Attack
🇫🇷 dynamix	2026-05-07 16:47:33 (1 month ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 xmission.com	2026-03-06 09:27:28 (3 months ago)	Blocked by UFW (TCP on 58632) Source port: 8510 TTL: 114 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 58632) Source port: 8510 TTL: 114 Packet length: 52 TOS: 0x08 This report (for 149.50.220.133) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 Futunk	2025-10-08 08:08:07 (8 months ago)	Form spam (honeypot): POST /contact	Web Spam

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.156.128.5

🇧🇷 200.153.86.250

🇪🇨 177.234.209.102

🇺🇸 173.208.169.5

🇻🇳 125.212.235.194

🇺🇸 97.205.191.242

🇷🇺 85.239.63.12

🇳🇱 79.127.171.212

🇧🇷 45.205.1.73

🇺🇸 20.12.41.6

🇹🇼 1.170.227.140

🇩🇪 216.26.247.55

🇺🇸 209.85.216.71

🇺🇸 205.210.31.43

🇺🇦 195.137.202.110

🇲🇽 186.96.145.241

🇺🇸 172.56.68.70

🇧🇷 168.197.80.165

🇳🇱 144.31.72.50

🇧🇩 103.191.178.42