JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.22.80.120

149.22.80.120 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 26%: ?

26%

ISP	DataCamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-22-80-120.datapacket.com
Domain Name	datacamp.co.uk
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.22.80.120

Whois 149.22.80.120

IP Abuse Reports for 149.22.80.120:

This IP address has been reported a total of 24 times from 23 distinct sources. 149.22.80.120 was first reported on August 5th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-06-15 00:03:50 (5 days ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -79.836 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -79.836 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.6 show less	Web App Attack Bad Web Bot
🇨🇦 polycoda	2026-06-14 12:36:08 (6 days ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
🇯🇵 demonsword	2026-06-12 10:55:21 (1 week ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: 104.21.24.250:443 show less	Open Proxy Port Scan
🇺🇸 xmission.com	2026-05-28 23:28:05 (3 weeks ago)	Blocked by UFW (TCP on 80) Source port: 57451 TTL: 54 Packet length: 60 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 57451 TTL: 54 Packet length: 60 TOS: 0x08 This report (for 149.22.80.120) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇮🇩 xveil	2026-04-05 04:03:16 (2 months ago)	2026-04-05T11:03:14.068814 mail-honeypot postfix/submission/smtpd[21727]: warning: unknown[149.22.80 ... show more 2026-04-05T11:03:14.068814 mail-honeypot postfix/submission/smtpd[21727]: warning: unknown[149.22.80.120]: SASL LOGIN authentication failed: authentication failure ... show less	Brute-Force
🇳🇱 Roderic	2026-03-15 03:13:35 (3 months ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted])	Bad Web Bot
🇮🇹 VHosting	2026-02-18 22:48:08 (4 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 SiliSoftware	2025-12-07 18:06:10 (6 months ago)	/phpBB3/feed.php	Web App Attack
🇳🇱 exxos	2025-09-24 15:05:55 (8 months ago)	Attacks with Bad user agents	Hacking
🇩🇪 pressler.pro	2025-09-22 11:18:08 (8 months ago)	Fail2ban - DDoS attack on woocommerce shop ...	DDoS Attack
🇺🇸 LARL-Stompro-2024	2025-08-19 05:03:17 (10 months ago)	Evergreen ILS - Mylist Bot Abuse - HTTP Port 443 - Fake UserAgent. Requests:1	Bad Web Bot
🇨🇦 wil.com	2025-08-04 12:58:16 (10 months ago)	GlobalProtect login attempts with user mraymond.	VPN IP Brute-Force
🇪🇸 Global Cyber Police	2025-07-27 16:55:26 (10 months ago)	Malicious bot activity detected: Hitting honeypot page (200 OK with 258/259 bytes sent).	Port Scan Brute-Force Web App Attack
🇩🇪 NetworkOperationsTeam	2025-06-26 19:21:10 (11 months ago)	SMS Bombing. Trying to authenticate. API Abuse rate limit exceeded	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-06-13 16:02:57 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 149.22.80.120 (unn-149-22-80-120.datapacket.com ... show more (mod_security) mod_security (id:210492) triggered by 149.22.80.120 (unn-149-22-80-120.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 13 12:02:51.325555 2025] [security2:error] [pid 1504339:tid 1504339] [client 149.22.80.120:40001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.correeo.gisur.com"] [uri "/.env"] [unique_id "aExLq5RTt8SICPq3gx8CLwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.83.114.88

🇮🇩 210.79.191.76

🇧🇩 202.84.34.85

🇰🇷 58.229.253.119

🇺🇸 34.162.236.157

🇺🇸 34.162.203.239

🇹🇼 211.22.222.251

🇺🇸 207.90.244.13

🇺🇸 184.154.76.34

🇺🇸 165.154.163.207

🇮🇷 130.185.72.228

🇩🇪 130.12.182.140

🇹🇷 87.232.127.53

🇵🇹 85.240.193.104

🇧🇬 79.124.59.78

🇺🇸 47.251.96.9

🇺🇸 35.223.170.51

🇺🇸 34.182.84.11

🇺🇸 34.168.26.251

🇳🇱 34.158.180.103