JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.88.20.6

149.88.20.6 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 44%: ?

44%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-88-20-6.datapacket.com
Domain Name	datacamp.co.uk
Country	🇵🇹 Portugal
City	Lisbon, Lisbon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.88.20.6

Whois 149.88.20.6

IP Abuse Reports for 149.88.20.6:

This IP address has been reported a total of 7 times from 6 distinct sources. 149.88.20.6 was first reported on June 14th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 boxed-it	2026-06-15 07:58:53 (1 day ago)	GET /.env (Tarpitted for 2m10s, wasted 7.73kB)	Web App Attack
🇺🇸 aks4226	2026-06-15 06:37:19 (1 day ago)	Bot search, attacking common web applications.	Web App Attack
🇧🇾 lns.bz	2026-06-15 05:05:54 (1 day ago)	.env scanning [BY]	Web App Attack
🇺🇸 MPL	2026-06-15 02:36:13 (1 day ago)	tcp ports: 443,80 (4 or more attempts)	Port Scan
🇧🇷 diego	2026-06-15 02:30:50 (1 day ago)	[probe-68-69] 2026-06-15 02:11:43, Client: 149.88.20.6, Protocol: 6, Unauthorized activity to HTTP: ... show more [probe-68-69] 2026-06-15 02:11:43, Client: 149.88.20.6, Protocol: 6, Unauthorized activity to HTTP: GET /.env show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 00:40:54 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 149.88.20.6 (unn-149-88-20-6.datapacket.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 149.88.20.6 (unn-149-88-20-6.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:40:50.276185 2026] [security2:error] [pid 31019:tid 31040] [client 149.88.20.6:49473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.124"] [uri "/.env"] [unique_id "ai9KErHkKShrBaxWMMY1-QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 23:49:15 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 149.88.20.6 (unn-149-88-20-6.datapacket.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 149.88.20.6 (unn-149-88-20-6.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:49:09.659307 2026] [security2:error] [pid 25928:tid 26022] [client 149.88.20.6:52538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.18"] [uri "/.env"] [unique_id "ai899bDSwgM5fCKMUU4ZgQAAAgE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 196.251.222.205

🇸🇬 185.111.159.216

🇫🇮 147.185.133.60

🇮🇩 223.25.100.42

🇸🇬 217.142.185.237

🇳🇱 204.76.203.213

🇨🇳 180.168.24.186

🇲🇳 180.149.125.174

🇮🇩 163.227.52.50

🇺🇸 162.216.150.125

🇺🇸 151.101.193.229

🇳🇱 142.250.180.3

🇻🇳 116.99.173.97

🇷🇺 95.83.65.254

🇫🇷 85.217.140.7

🇷🇺 62.182.50.183

🇨🇳 36.34.20.252

🇨🇳 27.128.185.198

🇫🇷 2a10:4646:190::aea5:c389

🇬🇧 195.206.182.196