JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.90.99.124

45.90.99.124 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 93%: ?

93%

ISP	Datalix
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58087
Hostname(s)	124.99.90.45.in-addr.arpa
Domain Name	datalix.de
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.90.99.124

Whois 45.90.99.124

IP Abuse Reports for 45.90.99.124:

This IP address has been reported a total of 48 times from 39 distinct sources. 45.90.99.124 was first reported on February 9th 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-28 03:31:59 (14 hours ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇬🇧 consul.to	2026-06-28 01:36:43 (16 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 00:53:01 (17 hours ago)	(mod_security) mod_security (id:210492) triggered by 45.90.99.124 (124.99.90.45.in-addr.arpa): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 45.90.99.124 (124.99.90.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 20:52:56.187977 2026] [security2:error] [pid 10901:tid 10901] [client 45.90.99.124:43606] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.i4software.com"] [uri "/.env.production"] [unique_id "akBwaK4HRnepyoN56-bM5wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-27 23:22:21 (18 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
Anonymous	2026-06-27 23:06:21 (19 hours ago)	(caddyscan) Scanner path probe from 45.90.99.124 (DE/Germany/124.99.90.45.in-addr.arpa): 5 in the la ... show more (caddyscan) Scanner path probe from 45.90.99.124 (DE/Germany/124.99.90.45.in-addr.arpa): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 0 45.90.99.124 - - [27/Jun/2026:23:06:19 +0000] "HEAD /.git/HEAD HTTP/1.1" [REDACTED] 200 0 45.90.99.124 - - [27/Jun/2026:23:06:19 +0000] "HEAD /wp-config.php HTTP/1.1" [REDACTED] 200 0 45.90.99.124 - - [27/Jun/2026:23:06:19 +0000] "HEAD /.aws/credentials HTTP/1.1" [REDACTED] 200 0 45.90.99.124 - - [27/Jun/2026:23:06:19 +0000] "HEAD /.git/config HTTP/1.1" [REDACTED] 200 0 45.90.99.124 - - [27/Jun/2026:23:06:19 +0000] "HEAD /.env HTTP/1.1" show less	Port Scan
Anonymous	2026-06-27 17:30:04 (1 day ago)	Bot / scanning and/or hacking attempts: HEAD /.env.sample HTTP/1.1, HEAD /.docker/config.json HTTP/1 ... show more Bot / scanning and/or hacking attempts: HEAD /.env.sample HTTP/1.1, HEAD /.docker/config.json HTTP/1.1, HEAD /.env.bak HTTP/1.1, HEAD /.pypirc HTTP/1.1, HEAD /.continue/config.json HTTP/1.1, HEAD /secrets.yaml HTTP/1.1, HEAD /config.yml HTTP/1.1, HEAD /.env.save HTTP/1.1, HEAD /.dev.vars HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 Lee Daniel	2026-06-27 16:42:33 (1 day ago)	45.90.99.124 - - [27/Jun/2026:12:42:32 -0400] "HEAD /.env HTTP/1.1" 403 5455 "https://www.google.com ... show more 45.90.99.124 - - [27/Jun/2026:12:42:32 -0400] "HEAD /.env HTTP/1.1" 403 5455 "https://www.google.com/search?q=stoutescar.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0" ... show less	DDoS Attack Web Spam Email Spam Port Scan Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-27 05:22:18 (1 day ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection
🇮🇳 dineshskt4all	2026-06-27 00:44:45 (1 day ago)	[Sat Jun 27 00:44:42.315798 2026] [proxy_fcgi:error] [pid 196829:tid 138342742079168] [client 45.90. ... show more [Sat Jun 27 00:44:42.315798 2026] [proxy_fcgi:error] [pid 196829:tid 138342742079168] [client 45.90.99.124:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force
🇫🇷 dynamix	2026-06-27 00:22:38 (1 day ago)	Multiple WAF Violations	Web App Attack
🇬🇧 consul.to	2026-06-27 00:06:09 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 Matthew Ping	2026-06-27 00:01:06 (1 day ago)	ModSecurity rule 949110 triggered on dedicated4785. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-26 22:53:32 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 45.90.99.124 (124.99.90.45.in-addr.arpa): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 45.90.99.124 (124.99.90.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 18:53:24.918137 2026] [security2:error] [pid 14883:tid 14883] [client 45.90.99.124:54412] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.cae2.larryyang.net\|F\|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cae2.larryyang.net"] [uri "/.env.backup"] [unique_id "aj8C5PZ_TxFlEVgqEYvN9AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 22:30:22 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 45.90.99.124 (124.99.90.45.in-addr.arpa): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 45.90.99.124 (124.99.90.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 18:30:16.503897 2026] [security2:error] [pid 24248:tid 24248] [client 45.90.99.124:36432] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrgutierrezshow.com"] [uri "/.env.production"] [unique_id "aj79eEY7Kcs0nIcqDCEYfwAAAAc"], referer: https://www.google.com/search?q=mrgutierrezshow.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-26 19:35:10 (1 day ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 174.35.25.178

🇨🇳 61.136.246.87

🇺🇸 47.251.250.101

🇰🇷 211.186.79.173

🇺🇸 172.253.9.209

🇸🇨 45.194.67.26

🇲🇽 38.58.38.25

🇨🇳 27.16.195.28

🇺🇸 2a09:bac5:9447:4e6::7d:4f

🇮🇳 209.38.120.71

🇳🇱 185.223.235.2

🇺🇿 185.213.229.41

🇫🇮 172.253.83.215

🇰🇷 125.244.114.221

🇯🇵 72.63.213.206

🇰🇷 61.43.121.132

🇭🇰 47.243.201.196

🇳🇱 45.148.10.151

🇺🇸 20.39.62.227

🇺🇸 205.210.31.111