JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.88.23.82

149.88.23.82 was found in our database!

This IP was reported 748 times. Confidence of Abuse is 76%: ?

76%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-88-23-82.datapacket.com
Domain Name	datacamp.co.uk
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.88.23.82

Whois 149.88.23.82

IP Abuse Reports for 149.88.23.82:

This IP address has been reported a total of 748 times from 185 distinct sources. 149.88.23.82 was first reported on June 28th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 HerrWolf	2026-06-07 10:30:05 (10 hours ago)	CrowdSec Detection: crowdsecurity/http-probing	Web App Attack
Anonymous	2026-06-07 10:01:45 (10 hours ago)	IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-probing; Action=ban; Events=12; Ho ... show more IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-probing; Action=ban; Events=12; Hosts=_; Paths=HELP,OPTIONS sip:nm SIP/2.0,\x00\x00\x00\xA4\xFFSMBr\x00\x00\x00\x00\x08\x01@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x06\x00\x00\x01\x00\x00\x81\x00\x02PC NETWORK PROGRAM 1.0\x00\x02MICROSOFT NETWORKS 1.03\x00\x02MICROSOFT NETWORKS 3.0\x00\x02LANMAN1.0\x00\x02LM1.2X002\x00\x02Samba\x00\x02NT LANMAN 1.0\x00\x02NT LM 0.12\x00,\x00\x00\x00qj\x81n0\x81k\xA1\x03\x02\x01\x05\xA2\x03\x02\x01,\x00\x00\x07\x00\x08\x00\x03\x00\x04\x00\x05\x00\x06,\x00\x1E\x00\x06\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07version\x04bind\x00\x00\x10\x00\x03,\x16\x03\x00\x00S\x01\x00\x00O\x03\x00?G\xD7\xF7\xBA,\xEE\xEA\xB2`~\xF3\x00\xFD\x82{\xB9\xD5\x96\xC8w\x9B\xE6\xC4\xDB<=\xDBo\xEF\x10n\x00\x00(\x00\x16\x00\x13\x00,\x16\x03\x00\x00i\x01\x00\x00e\x03\x03U\x1C\xA7\xE4random1random2rand show less	Port Scan Web App Attack
🇫🇷 /dev/null	2026-05-27 02:07:09 (1 week ago)	Probing websites for vulnerabilities	Brute-Force Web App Attack
🇺🇸 mind5t0rm	2026-05-27 01:43:04 (1 week ago)	(WPLOGIN) WP Login Attack 149.88.23.82 (SG/Singapore/unn-149-88-23-82.datapacket.com): 3 in the last ... show more (WPLOGIN) WP Login Attack 149.88.23.82 (SG/Singapore/unn-149-88-23-82.datapacket.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 149.88.23.82 - - [27/May/2026:08:42:44 +0700] "GET /wp-login.php HTTP/2.0" 200 2485 "https://duckduckgo.com/" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 149.88.23.82 - - [27/May/2026:08:43:00 +0700] "POST /wp-login.php HTTP/2.0" 200 2632 "https://tma.travel/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 149.88.23.82 - - [27/May/2026:08:43:02 +0700] "GET /wp-login.php?redirect_to=https%3A%2F%2Ftma.travel%2Fwp-admin%2Findex.php&reauth=1 HTTP/2.0" 200 2489 "https://tma.travel/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Port Scan
🇳🇱 Site.eu	2026-05-27 00:05:49 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 mind5t0rm	2026-05-26 21:43:27 (1 week ago)	(WPLOGIN) WP Login Attack 149.88.23.82 (SG/Singapore/unn-149-88-23-82.datapacket.com): 3 in the last ... show more (WPLOGIN) WP Login Attack 149.88.23.82 (SG/Singapore/unn-149-88-23-82.datapacket.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 149.88.23.82 - - [27/May/2026:04:43:05 +0700] "GET /wp-login.php HTTP/2.0" 200 2484 "https://www.bing.com/" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0" 149.88.23.82 - - [27/May/2026:04:43:20 +0700] "POST /wp-login.php HTTP/2.0" 200 2633 "https://tma.travel/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 149.88.23.82 - - [27/May/2026:04:43:23 +0700] "GET /wp-login.php?redirect_to=https%3A%2F%2Ftma.travel%2Fwp-admin%2Findex.php&reauth=1 HTTP/2.0" 200 2488 "https://tma.travel/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Port Scan
🇺🇸 S.O.B.A. Dev.	2026-05-26 20:36:34 (1 week ago)	Threat Blocked by BeeHive from (ASN:212238) (Network:Datacamp Limited) (Host:soba.dev) (Method:GET) ... show more Threat Blocked by BeeHive from (ASN:212238) (Network:Datacamp Limited) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2026-05-26T20:36:34Z) show less	Brute-Force Web Spam Web App Attack
🇩🇪 LRob.fr	2026-05-26 19:30:03 (1 week ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇨🇭 backslash	2026-05-26 18:27:00 (1 week ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇸🇪 vaia.cloud	2026-05-26 15:42:01 (1 week ago)	trying wp-login.php/xmlrpc.php 30 times in 1 minutes	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 09:39:11 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 149.88.23.82 (unn-149-88-23-82.datapacket.com): ... show more (mod_security) mod_security (id:225170) triggered by 149.88.23.82 (unn-149-88-23-82.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 05:39:06.976170 2026] [security2:error] [pid 29400:tid 29400] [client 149.88.23.82:53386] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|autowinder.tremulant.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "autowinder.tremulant.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahF1uosPgazUjIl-CzLQJgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 middelkoopcc	2026-05-23 09:30:05 (2 weeks ago)	2026-05-23 11:16:07 [client 149.88.23.82:48304] AH01071: Got error 'Primary script unknown', referer ... show more 2026-05-23 11:16:07 [client 149.88.23.82:48304] AH01071: Got error 'Primary script unknown', referer: <redacted> && 2026-05-23 11:16:08 [client 149.88.23.82:48304] AH01071: Got error 'Primary script unknown', referer: <redacted> && 2026-05-23 11:16:11 [client 149.88.23.82:48320] AH01071: Got error 'Primary script unknown', referer: <redacted> && 22 more within 20 minutes show less	Brute-Force Web App Attack
🇫🇷 masterguru	2026-05-18 05:49:22 (2 weeks ago)	(wordpress) Apache: Failed WordPress login from 149.88.23.82 (SG/Singapore/unn-149-88-23-82.datapack ... show more (wordpress) Apache: Failed WordPress login from 149.88.23.82 (SG/Singapore/unn-149-88-23-82.datapacket.com): 10 in the last 3600 secs (0-193) show less	Hacking
🇳🇱 middelkoopcc	2026-05-17 20:50:05 (2 weeks ago)	2026-05-17 22:44:19 WordPress login error from 149.88.23.82: invalid_username && 2026-05-17 22:44:32 ... show more 2026-05-17 22:44:19 WordPress login error from 149.88.23.82: invalid_username && 2026-05-17 22:44:32 WordPress login error from 149.88.23.82: invalid_username && 2026-05-17 22:44:45 WordPress login error from 149.88.23.82: invalid_username && 20 more within 20 minutes show less	Brute-Force
Anonymous	2026-05-13 12:39:32 (3 weeks ago)	[redacted] 149.88.23.82 - - [13/May/2026:14:39:23 +0200] "POST /wp-login.php HTTP/1.1" 503 7452 "htt ... show more [redacted] 149.88.23.82 - - [13/May/2026:14:39:23 +0200] "POST /wp-login.php HTTP/1.1" 503 7452 "https://ravenna-network.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" [redacted] 149.88.23.82 - - [13/May/2026:14:39:25 +0200] "POST /wp-login.php HTTP/1.1" 503 7226 "https://ravenna-network.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" [redacted] 149.88.23.82 - - [13/May/2026:14:39:26 +0200] "POST /wp-login.php HTTP/1.1" 503 7226 "https://ravenna-network.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:118.0) Gecko/20100101 Firefox/118.0" [redacted] 149.88.23.82 - - [13/May/2026:14:39:27 +0200] "POST /wp-login.php HTTP/1.1" 503 7227 "https://ravenna-network.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 ... show less	Hacking Web App Attack

Showing 1 to 15 of 748 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 172.69.176.170

🇬🇧 87.236.176.93

🇺🇸 20.65.194.92

🇺🇸 20.51.235.107

🇸🇬 212.73.148.1

🇲🇽 189.245.201.18

🇦🇷 186.148.224.183

🇨🇳 113.221.44.222

🇬🇧 89.37.172.144

🇳🇱 45.148.10.157

🇨🇦 20.48.248.185

🇨🇦 20.48.184.58

🇨🇦 138.197.174.121

🇨🇳 129.211.167.37

🇺🇸 107.150.105.116

🇨🇳 106.12.86.145

🇮🇷 93.118.112.68

🇨🇦 20.48.166.247

🇨🇳 220.182.22.136

🇰🇷 211.254.212.59