JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.88.103.81

149.88.103.81 was found in our database!

This IP was reported 82 times. Confidence of Abuse is 41%: ?

41%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-88-103-81.datapacket.com
Domain Name	datacamp.co.uk
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.88.103.81

Whois 149.88.103.81

IP Abuse Reports for 149.88.103.81:

This IP address has been reported a total of 82 times from 50 distinct sources. 149.88.103.81 was first reported on October 8th 2024, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-06-18 19:18:30 (17 hours ago)	Try to access /vendor/phpunit/phpunit/phpunit.xsd	Web App Attack
🇪🇸 librebit	2026-06-17 03:25:17 (2 days ago)	Brute force	Brute-Force
Anonymous	2026-06-17 00:41:33 (2 days ago)	[Firewall Canary] Temporary ban due to firewall rule match [URI:/vendor/]	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 23:36:58 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:36:54.226756 2026] [security2:error] [pid 28269:tid 28269] [client 149.88.103.81:64081] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|floridausa.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "floridausa.com"] [uri "/8news/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajHeFhQsWYYsxkBGSM7XuQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 SentinalX by uzumaru	2026-05-26 03:22:46 (3 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.ipify.org:443 show less	Open Proxy Port Scan
🇱🇻 garmtech.com	2026-05-15 06:57:05 (1 month ago)	IM360 WAF: Laravel Apps Leaking Secrets exploit attempt MV:androxgh0st	Web App Attack
🇩🇪 BlueWire Hosting	2026-05-15 02:16:24 (1 month ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-07 08:47:46 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 04:47:41.833558 2026] [security2:error] [pid 17089:tid 17112] [client 149.88.103.81:55497] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|coloradosellers.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "coloradosellers.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afxRrfe59DFGBrFtOqCMogAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 08:30:11 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 04:29:56.917576 2026] [security2:error] [pid 24353:tid 24353] [client 149.88.103.81:31397] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|aseguratuauto.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aseguratuauto.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afxNhMibPNkR22grWUVf0QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 07:33:32 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 03:33:25.749066 2026] [security2:error] [pid 23158:tid 23158] [client 149.88.103.81:42043] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.domainexecs.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.domainexecs.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afxARVTNE_I-uK9CfZBt5wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 07:00:36 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 03:00:29.240796 2026] [security2:error] [pid 828:tid 828] [client 149.88.103.81:27231] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|backstore.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "backstore.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afw4jcOhPUt88RGkngNivwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 06:07:25 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 02:07:20.781015 2026] [security2:error] [pid 26958:tid 26958] [client 149.88.103.81:63585] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.mitchellamazing.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mitchellamazing.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwsGK3Cei3JlDZjwPqMpQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 05:17:21 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 01:17:18.208525 2026] [security2:error] [pid 25673:tid 25673] [client 149.88.103.81:41781] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|marshdcs.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "marshdcs.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwgXkn-RoT5oPPxB9ViJgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 05:01:14 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 01:01:09.898143 2026] [security2:error] [pid 23730:tid 23730] [client 149.88.103.81:25101] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|appalachianstomp.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "appalachianstomp.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwclfpVaqFa8Xu_vqvBGAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 03:51:31 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.81 (unn-149-88-103-81.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 23:51:27.103153 2026] [security2:error] [pid 8895:tid 8895] [client 149.88.103.81:52187] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|danzantesdehuesca.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "danzantesdehuesca.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwMPyND1C0JGe-F2pHs-QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 82 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 20.168.120.151

🇭🇰 199.45.154.151

🇺🇸 192.159.99.144

🇫🇮 178.20.210.208

🇮🇩 103.217.217.106

🇦🇿 94.20.234.161

🇯🇵 43.165.180.54

🇺🇸 15.204.239.99

🇨🇳 8.135.29.109

🇬🇧 2a03:b0c0:1:e0::c00:e001

🇨🇦 174.94.236.211

🇫🇮 147.185.133.89

🇺🇸 64.62.156.22

🇲🇾 47.250.162.17

🇳🇱 45.148.10.240

🇳🇱 45.148.10.152

🇺🇸 20.65.192.98

🇨🇳 14.103.115.213

🇨🇳 221.131.139.70

🇳🇱 185.93.89.167