JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.88.20.210

149.88.20.210 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 11%: ?

11%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-88-20-210.datapacket.com
Domain Name	datacamp.co.uk
Country	🇵🇹 Portugal
City	Lisbon, Lisbon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.88.20.210

Whois 149.88.20.210

IP Abuse Reports for 149.88.20.210:

This IP address has been reported a total of 28 times from 19 distinct sources. 149.88.20.210 was first reported on February 20th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-06-17 09:57:47 (1 day ago)	IM360 WAF: SQL Injection Attack: Common DB Names Detected	SQL Injection
🇩🇪 FeG Deutschland	2026-04-28 08:17:26 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27	Exploited Host Web App Attack
🇵🇹 Information Security	2026-04-14 12:31:47 (2 months ago)	Web App Attack	Web App Attack
🇨🇭 backslash	2026-03-28 22:18:00 (2 months ago)	block ruleset 7B8FD6B12C4E12B6F0DAE02E53C0597FBEDDF5BC	Bad Web Bot
🇵🇱 get-money.pl	2026-03-28 13:46:00 (2 months ago)	Confirmed source of repeated and high-risk malicious activity targeting web applications. Observed b ... show more Confirmed source of repeated and high-risk malicious activity targeting web applications. Observed behavior includes high-volume automated requests, multiple confirmed SQL injection attempts, and targeted exploitation of application endpoints. The activity triggered repeated critical Fail2Ban detections (Category: SQL injection / intrusion) and demonstrates clear hostile intent. Due to persistence and severity, the IP address has been permanently blocked at firewall and WAF level and classified as malicious. show less	Brute-Force Exploited Host Web App Attack SSH Hacking SQL Injection
🇩🇪 FeG Deutschland	2026-03-28 12:22:24 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇧🇪 cmbplf	2026-03-23 17:29:55 (2 months ago)	120 requests with url.path .sql.tar 110 requests with url.path .sql.gz	Brute-Force Bad Web Bot
🇺🇸 fortypoundhead	2026-03-12 05:52:19 (3 months ago)	Banned IP Address	Hacking Web App Attack
🇯🇵 HeliJP	2026-03-11 21:45:39 (3 months ago)	2026-03-11T21:21:13Z - Recognized attacks\bad behavior from IP address 149.88.20.210 on port 443\80 ... show more 2026-03-11T21:21:13Z - Recognized attacks\bad behavior from IP address 149.88.20.210 on port 443\80 (4 daily hits): SQL Injection Attack: Common Injection Testing Detected, Detects classic SQL injection probings 1/3, Request Missing an Accept Header show less	Hacking SQL Injection
🇩🇪 FeG Deutschland	2026-03-02 17:43:16 (3 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇺🇸 fortypoundhead	2026-03-01 08:54:31 (3 months ago)	Banned IP Address	Hacking Web App Attack
Anonymous	2026-02-28 20:15:03 (3 months ago)	Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-28 20:12:02 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 149.88.20.210 (unn-149-88-20-210.datapacket.com ... show more (mod_security) mod_security (id:225170) triggered by 149.88.20.210 (unn-149-88-20-210.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 28 15:11:57.785325 2026] [security2:error] [pid 3539:tid 3539] [client 149.88.20.210:55649] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|luxandunion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "luxandunion.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaNMDeBLySeYzGOilgkROwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 vaia.cloud	2026-02-28 19:49:01 (3 months ago)	trying wp-login.php/xmlrpc.php 67 times in 1 minutes	Brute-Force Web App Attack
🇺🇸 mnsf	2026-02-28 19:05:36 (3 months ago)	Login Too Frequent (7)	Brute-Force Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 148.153.32.9

🇨🇳 101.206.211.72

🇺🇸 45.63.4.69

🇬🇧 35.203.211.95

🇹🇼 198.235.24.68

🇪🇬 102.191.163.208

🇱🇹 85.206.120.213

🇷🇺 82.162.56.186

🇫🇷 51.159.149.103

🇳🇱 45.86.200.11

🇺🇸 34.24.124.163

🇧🇷 2.57.171.13

🇨🇳 220.248.173.137

🇨🇴 186.115.63.10

🇩🇪 178.104.39.131

🇹🇭 165.154.120.226

🇺🇸 162.216.149.152

🇪🇸 149.91.97.132

🇨🇳 110.53.234.158

🇱🇹 81.30.98.62