JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.22.87.48

149.22.87.48 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 54%: ?

54%

ISP	DataCamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-22-87-48.datapacket.com
Domain Name	datacamp.co.uk
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.22.87.48

Whois 149.22.87.48

IP Abuse Reports for 149.22.87.48:

This IP address has been reported a total of 68 times from 44 distinct sources. 149.22.87.48 was first reported on September 11th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-28 04:41:09 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:41:05.877331 2026] [security2:error] [pid 20798:tid 20798] [client 149.22.87.48:34385] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|intelligencer.us\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "intelligencer.us"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akCl4dxEVwgF9ypnSw0JpQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 18:18:01 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 14:17:53.970015 2026] [security2:error] [pid 28629:tid 28629] [client 149.22.87.48:32851] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.laboquimia.es\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.laboquimia.es"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akAT0djjgqZ-m8N4niyTzAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 03:08:41 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:08:37.660289 2026] [security2:error] [pid 5032:tid 5032] [client 149.22.87.48:31269] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.method1.net\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.method1.net"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8-tQdUE9rFS4CXg0EffQAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 01:43:39 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:43:34.981542 2026] [security2:error] [pid 21341:tid 21341] [client 149.22.87.48:35753] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ketsuri.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ketsuri.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8qxugpAMGcXazpq3HIlwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 01:26:24 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:26:21.376698 2026] [security2:error] [pid 15503:tid 15503] [client 149.22.87.48:38597] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|verenacastle.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "verenacastle.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8mvUuzHY_X1LheJG_W9gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 00:14:39 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 20:14:34.599687 2026] [security2:error] [pid 18309:tid 18331] [client 149.22.87.48:39307] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.biblewriter.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.biblewriter.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8V6r4glw8qWy5ZZK4NWwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 Reaper	2026-06-24 22:10:55 (4 days ago)	GET /vendor/phpunit/phpunit/phpunit.xsd	Web App Attack
🇩🇪 abuse-detection	2026-06-24 22:00:22 (4 days ago)	Web security detection (http-sensitive-probe); path=/vendor/phpunit/phpunit/phpunit.xsd; status=404	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 18:50:54 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 14:50:51.083408 2026] [security2:error] [pid 28841:tid 28841] [client 149.22.87.48:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ard.global\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ard.global"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajwnC1EcrZNlIy66-O9R0wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 as211431.net	2026-06-24 16:40:33 (4 days ago)	Triggered Cloudflare WAF (firewallCustom) from JP. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from JP. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /vendor/phpunit/phpunit/phpunit.xsd UA: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇭 YF	2026-06-24 08:05:23 (5 days ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 05:13:30 (5 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 01:13:24.986984 2026] [security2:error] [pid 28182:tid 28182] [client 149.22.87.48:25269] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|novavistafoundation.org\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "novavistafoundation.org"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtndGLNAaJsph830BdM4wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 03:13:43 (5 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:13:36.972388 2026] [security2:error] [pid 28222:tid 28222] [client 149.22.87.48:57091] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|justinrudd.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "justinrudd.com"] [uri "/pageants/index.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtLYPbmrWLe8P9vRpmIeQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 02:48:35 (5 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 22:48:30.639518 2026] [security2:error] [pid 12414:tid 12414] [client 149.22.87.48:60817] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ichoosethelight.org\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ichoosethelight.org"] [uri "/isawthat.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtFfoLzmocz-XQVCvQanQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 00:51:53 (5 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.48 (unn-149-22-87-48.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 20:51:47.094502 2026] [security2:error] [pid 17360:tid 17360] [client 149.22.87.48:64093] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.voodooshop.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.voodooshop.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajsqIyOu-AdHy4XztJIUcgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.75.237.200

🇺🇸 45.79.114.248

🇨🇳 180.76.173.228

🇦🇫 149.54.62.62

🇦🇺 139.216.6.17

🇭🇰 139.198.113.29

🇸🇪 104.23.223.59

🇺🇸 95.164.158.138

🇺🇸 95.164.158.106

🇺🇸 95.164.158.55

🇺🇸 95.164.158.33

🇨🇳 82.156.116.86

🇮🇱 80.230.58.141

🇰🇷 61.111.18.137

🇮🇳 49.47.140.95

🇨🇳 47.98.170.47

🇺🇸 20.163.14.51

🇮🇳 223.235.103.74

🇰🇷 220.80.223.144

🇺🇸 216.218.206.110