JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.88.103.90

149.88.103.90 was found in our database!

This IP was reported 99 times. Confidence of Abuse is 27%: ?

27%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-88-103-90.datapacket.com
Domain Name	datacamp.co.uk
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.88.103.90

Whois 149.88.103.90

IP Abuse Reports for 149.88.103.90:

This IP address has been reported a total of 99 times from 61 distinct sources. 149.88.103.90 was first reported on July 25th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 SentinalX by uzumaru	2026-05-29 06:43:49 (1 week ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: icanhazip.com:443 show less	Open Proxy Port Scan
🇯🇵 SentinalX by uzumaru	2026-05-20 05:25:23 (2 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: one.one.one.one:443 show less	Open Proxy Port Scan
🇱🇻 garmtech.com	2026-05-15 03:48:19 (3 weeks ago)	IM360 WAF: Laravel Apps Leaking Secrets exploit attempt MV:androxgh0st	Web App Attack
🇱🇻 garmtech.com	2026-05-15 03:48:14 (3 weeks ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
🇩🇪 MusicLibrary	2026-05-15 01:18:55 (3 weeks ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-14 23:25:42 (3 weeks ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 08:43:41 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 04:43:35.403152 2026] [security2:error] [pid 4930:tid 4930] [client 149.88.103.90:37861] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.photoservicesgroup.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.photoservicesgroup.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afxQt4_UwitdO6KHNRRP-AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 07:37:22 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 03:37:14.834978 2026] [security2:error] [pid 16564:tid 16575] [client 149.88.103.90:63391] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.philacentric.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.philacentric.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afxBKq5us2hWGW6enQpVHgAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 06:57:02 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 02:56:56.029118 2026] [security2:error] [pid 30432:tid 30432] [client 149.88.103.90:47701] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|jimvassilakos.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jimvassilakos.com"] [uri "/guildsman/index.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afw3uBzbW7h96LqqxKVAvwAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 04:45:51 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 00:45:44.870640 2026] [security2:error] [pid 21973:tid 21981] [client 149.88.103.90:64727] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.biblewriter.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.biblewriter.com"] [uri "/CorbettReunion/default.htm/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwY-CfNokIAhoy4grVnHwAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 04:18:57 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 00:18:52.542268 2026] [security2:error] [pid 17817:tid 17817] [client 149.88.103.90:54553] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|backstore.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "backstore.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwSrPF8SZo0nVgpDQ7dLwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 04:02:20 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 00:02:16.545432 2026] [security2:error] [pid 17384:tid 17384] [client 149.88.103.90:47133] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kclawoffice.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kclawoffice.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwOyMbnU51E6VJhXJpmrAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 03:28:05 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 23:28:00.072670 2026] [security2:error] [pid 30760:tid 30760] [client 149.88.103.90:27403] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|stablechase.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "stablechase.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwGwE_MDF2h0Etqh-NSuAAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 03:01:30 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 23:01:26.840937 2026] [security2:error] [pid 20892:tid 20892] [client 149.88.103.90:29453] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.mitchellamazing.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mitchellamazing.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afwAhhpekNioUcim2lKXWAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 02:37:47 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com ... show more (mod_security) mod_security (id:210730) triggered by 149.88.103.90 (unn-149-88-103-90.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 22:37:40.694984 2026] [security2:error] [pid 12467:tid 12467] [client 149.88.103.90:21269] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.voodooshop.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.voodooshop.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "afv69DTrzTnJj9A_BYrS7gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 99 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 103.176.90.41

🇳🇱 192.144.89.118

🇵🇪 179.6.169.28

🇹🇼 175.182.37.66

🇺🇦 77.87.40.114

🇺🇸 76.79.213.70

🇳🇱 45.148.10.152

🇺🇸 32.195.164.191

🇫🇮 31.56.197.223

🇨🇳 14.216.252.73

🇭🇰 8.210.191.157

🇧🇷 177.22.171.114

🇺🇸 162.217.166.99

🇺🇸 129.153.90.200

🇩🇪 94.31.69.81

🇱🇹 81.30.98.62

🇫🇷 51.68.107.161

🇨🇳 8.130.74.15

🇲🇽 186.96.145.241

🇩🇪 139.19.117.197