JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.88.103.68

149.88.103.68 was found in our database!

This IP was reported 102 times. Confidence of Abuse is 33%: ?

33%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-88-103-68.datapacket.com
Domain Name	datacamp.co.uk
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.88.103.68

Whois 149.88.103.68

IP Abuse Reports for 149.88.103.68:

This IP address has been reported a total of 102 times from 70 distinct sources. 149.88.103.68 was first reported on June 18th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-06-18 19:27:54 (10 hours ago)	Try to access /vendor/phpunit/phpunit/phpunit.xsd	Web App Attack
🇩🇪 FeG Deutschland	2026-06-18 05:20:31 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇯🇵 demonsword	2026-05-29 12:07:13 (2 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: ifconfig.me:443 show less	Open Proxy Port Scan
🇱🇻 garmtech.com	2026-05-15 07:42:08 (1 month ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
🇩🇪 Bedios GmbH	2026-05-14 17:56:58 (1 month ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-05-07 08:31:47 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 04:31:41.368248 2026] [security2:error] [pid 3098:tid 3098] [client 149.88.103.68:38939] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.grhall.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.grhall.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afxN7T3i53DbztjAsFNSGAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 07:01:06 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 03:01:02.358246 2026] [security2:error] [pid 24207:tid 24207] [client 149.88.103.68:52537] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.tttns.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tttns.com"] [uri "/about-jason/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afw4rjvfdpGzdunirHbjhwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 06:39:35 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 02:39:31.755765 2026] [security2:error] [pid 29211:tid 29211] [client 149.88.103.68:30009] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|wisecoautomotive.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wisecoautomotive.com"] [uri "/performance.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwzo4YQMNj3bSHc1qGqiAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 06:23:30 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 02:23:21.882962 2026] [security2:error] [pid 21394:tid 21394] [client 149.88.103.68:45121] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|wisdomwfm.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wisdomwfm.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwv2dtSA7-uiCLIwvTbSgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 05:36:30 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 01:36:26.757440 2026] [security2:error] [pid 27560:tid 27560] [client 149.88.103.68:30787] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|red-jacket.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "red-jacket.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwk2koBaB-t6mNPSA3dCgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 05:19:34 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 01:19:30.641907 2026] [security2:error] [pid 32061:tid 32061] [client 149.88.103.68:58173] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lisalehmann.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lisalehmann.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwg4h644qwsWdYl8_YqFgAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 04:45:11 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 00:45:08.193015 2026] [security2:error] [pid 22035:tid 22049] [client 149.88.103.68:40233] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.thetooheys.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.thetooheys.com"] [uri "/patzer/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwY1NzWpOYW0jZs4jiJQwAAAUs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 04:09:23 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 00:09:19.564410 2026] [security2:error] [pid 22643:tid 22643] [client 149.88.103.68:41773] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.rademeyer.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.rademeyer.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwQbyGH3v9eWi6eRRmUTQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 as211431.net	2026-05-06 14:09:53 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from JP. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from JP. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /vendor/phpunit/phpunit/phpunit.xsd UA: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-05 11:40:06 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.68 (unn-149-88-103-68.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 05 07:39:59.655802 2026] [security2:error] [pid 28829:tid 28829] [client 149.88.103.68:22097] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|theradarshop.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "theradarshop.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afnXD81sUt-GrtuseQIFSQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 102 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2405:201:e018:302f:9ddb:eb79:a9b4:bc7e

🇺🇸 216.25.89.116

🇧🇪 34.156.68.202

🇨🇳 14.103.84.145

🇳🇱 213.177.179.61

🇨🇳 180.168.24.186

🇬🇧 172.64.192.149

🇰🇷 121.165.187.77

🇨🇳 120.55.92.37

🇮🇳 115.187.38.142

🇭🇰 103.30.40.129

🇬🇧 86.8.48.61

🇭🇰 74.125.179.146

🇺🇸 195.184.76.183

🇬🇧 172.69.224.148

🇮🇳 113.193.127.135

🇩🇪 69.5.169.238

🇮🇹 57.131.49.91

🇳🇱 45.148.10.157

🇩🇪 45.135.141.10