JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.22.87.27

149.22.87.27 was found in our database!

This IP was reported 58 times. Confidence of Abuse is 31%: ?

31%

ISP	DataCamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-22-87-27.datapacket.com
Domain Name	datacamp.co.uk
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.22.87.27

Whois 149.22.87.27

IP Abuse Reports for 149.22.87.27:

This IP address has been reported a total of 58 times from 34 distinct sources. 149.22.87.27 was first reported on November 5th 2024, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 03:18:28 (3 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:18:23.552439 2026] [security2:error] [pid 1624:tid 1624] [client 149.22.87.27:50439] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|emisoni.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "emisoni.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj9A__gDMs5FW_Bu_O04nwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 02:12:06 (4 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:11:59.051885 2026] [security2:error] [pid 18197:tid 18197] [client 149.22.87.27:20441] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lunarinfrastructure.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lunarinfrastructure.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8xb69msi7LVgllfT6VLgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 01:48:58 (5 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:48:51.524037 2026] [security2:error] [pid 18313:tid 18436] [client 149.22.87.27:50403] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.thetooheys.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.thetooheys.com"] [uri "/patzer/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8sAzuWpCZnsrQrGnthXQAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 01:31:15 (5 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:31:12.234040 2026] [security2:error] [pid 28055:tid 28055] [client 149.22.87.27:34493] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.wholesaleglassjars.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.wholesaleglassjars.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8n4EaMB7pLp8WzkDv9egAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 00:25:27 (6 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 20:25:21.344383 2026] [security2:error] [pid 8162:tid 8162] [client 149.22.87.27:65013] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.voodooshop.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.voodooshop.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8Ycc4bkCy6xFq7QjhxvAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 22:33:08 (8 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 18:33:02.231895 2026] [security2:error] [pid 16178:tid 16178] [client 149.22.87.27:50491] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.goglobex.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.goglobex.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj7-Hsk0-a9wwRU_S-ETCAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 rwgomes	2026-06-26 01:21:40 (1 day ago)	Automated report from Intelligence Finance Tools. IP probed malicious path: /vendor/phpunit/phpunit/ ... show more Automated report from Intelligence Finance Tools. IP probed malicious path: /vendor/phpunit/phpunit/phpunit.xsd. No such resource exists on this server. show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-24 22:35:03 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:35:00.179348 2026] [security2:error] [pid 30442:tid 30442] [client 149.22.87.27:33901] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.urlpick.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.urlpick.com"] [uri "/greenfriendly.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxblGyQgs3VzahMr0KU1wAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 22:13:48 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:13:41.362877 2026] [security2:error] [pid 8399:tid 8399] [client 149.22.87.27:29427] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|frootloops.net\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "frootloops.net"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxWlRZRpvagA5oF5Db3_QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 21:40:10 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 17:40:07.604069 2026] [security2:error] [pid 6321:tid 6321] [client 149.22.87.27:62737] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|sagebrush.us\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sagebrush.us"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxOt-V_99QR5ykKtLroZgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 05:37:10 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 01:37:05.769657 2026] [security2:error] [pid 24442:tid 24442] [client 149.22.87.27:27101] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|eatcakecup.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eatcakecup.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajttASpgl6ezXlC1DXGzGAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 05:11:47 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 01:11:41.803285 2026] [security2:error] [pid 21278:tid 21278] [client 149.22.87.27:59415] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|jmichaelpope.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jmichaelpope.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtnDRQ9BWkUX_kB4EweKAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 03:10:54 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:10:48.640322 2026] [security2:error] [pid 31309:tid 31309] [client 149.22.87.27:63193] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.exhaustthelimits.org\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.exhaustthelimits.org"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtKuHwH5-cb1v2_9TUOCwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 02:42:55 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 22:42:49.417086 2026] [security2:error] [pid 15310:tid 15368] [client 149.22.87.27:60145] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.driftwoodblue.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.driftwoodblue.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtEKSHJBCtkATXBGY54xQAAAcE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 02:20:45 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.27 (unn-149-22-87-27.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 22:20:38.373909 2026] [security2:error] [pid 18037:tid 18052] [client 149.22.87.27:29363] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.rubenluis.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.rubenluis.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajs-9olKlkEvkqrNjMH7HgAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 58 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 138.84.59.198

🇮🇳 116.193.134.183

🇲🇿 197.219.228.246

🇬🇧 195.206.182.198

🇺🇸 192.210.194.2

🇸🇪 185.189.44.153

🇮🇩 180.241.161.13

🇳🇱 176.65.139.114

🇺🇸 162.216.150.191

🇫🇷 85.217.140.29

🇺🇸 66.132.224.233

🇮🇳 64.227.160.35

🇩🇪 63.179.97.169

🇹🇷 37.202.48.229

🇧🇷 20.226.50.160

🇩🇪 3.79.19.212

🇰🇷 1.214.197.163

🇹🇷 178.251.41.125

🇵🇹 176.223.55.225

🇸🇬 161.118.226.130