JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.22.87.50

149.22.87.50 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 22%: ?

22%

ISP	DataCamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-22-87-50.datapacket.com
Domain Name	datacamp.co.uk
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.22.87.50

Whois 149.22.87.50

IP Abuse Reports for 149.22.87.50:

This IP address has been reported a total of 32 times from 19 distinct sources. 149.22.87.50 was first reported on October 4th 2024, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇾 armandosaucedo.me	2026-06-25 17:49:05 (14 hours ago)	Threat Intelligence via ARMTI, Web Attack: GET /vendor/phpunit/phpunit/phpunit.xsd	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 22:42:52 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:42:47.714508 2026] [security2:error] [pid 1804:tid 1804] [client 149.22.87.50:60043] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|karyaenigma.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "karyaenigma.com"] [uri "/trabye-frames.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajxdZ5-ds0vU3CwKHk0M5wAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 05:39:50 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 01:39:44.991893 2026] [security2:error] [pid 17336:tid 17336] [client 149.22.87.50:44581] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|pointandshootfilm.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pointandshootfilm.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajttoIqBeJsQs2hoaWUPswAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 01:59:46 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 21:59:41.337544 2026] [security2:error] [pid 10321:tid 10329] [client 149.22.87.50:23815] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.geoception.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.geoception.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajs6DSA3y2SrO4300bwhqQAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 01:38:25 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 21:38:20.529285 2026] [security2:error] [pid 22222:tid 22222] [client 149.22.87.50:21507] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.mitchellamazing.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mitchellamazing.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajs1DL0k7ntSavkCAbC7YgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 01:01:08 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 21:01:04.237797 2026] [security2:error] [pid 23708:tid 23708] [client 149.22.87.50:33585] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|konahawaii.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "konahawaii.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajssUDOcuZmA0lgUJKVo7QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 00:19:07 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 20:19:03.958484 2026] [security2:error] [pid 2805:tid 2805] [client 149.22.87.50:31681] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.ixd.net\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.ixd.net"] [uri "/portfolio/projectables/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajsid2DekgvIqZmze6pUmwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 07:19:12 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 03:19:09.493864 2026] [security2:error] [pid 11000:tid 11000] [client 149.22.87.50:36455] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bigfootofmaine.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bigfootofmaine.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajD47YkcAR49Q9PxqSnXlwAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-12 02:56:04 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-22 15:50:15 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): ... show more (mod_security) mod_security (id:210492) triggered by 149.22.87.50 (unn-149-22-87-50.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 11:50:11.492635 2026] [security2:error] [pid 14709:tid 14709] [client 149.22.87.50:55167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "earlyeditionbooks.com"] [uri "/wp-config.php"] [unique_id "aejuM-SSmT2MalN1A6HDYQAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-04-10 03:18:00 (2 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2026-03-16 23:04:59 (3 months ago)	Web attack	Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-25 06:07:29 (4 months ago)	recidive - IP: 149.22.87.50 - 2026-02-25 04:13:21,483 fail2ban.actions [245081]: NOTICE [plesk-word ... show more recidive - IP: 149.22.87.50 - 2026-02-25 04:13:21,483 fail2ban.actions [245081]: NOTICE [plesk-wordpress] Ban 149.22.87.50 2026-02-25 05:38:12,557 fail2ban.actions [245081]: NOTICE [plesk-wordpress] Ban 149.22.87.50 2026-02-25 07:07:29,051 fail2ban.actions [245081]: NOTICE [plesk-wordpress] Ban 149.22.87.50 show less	Web App Attack
🇸🇬 pusathosting.com	2026-02-25 05:45:03 (4 months ago)	24ds22 bruteforce	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-02-25 02:35:37 (4 months ago)	2.485 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.24.210.143

🇺🇸 167.99.148.102

🇺🇸 162.144.88.94

🇺🇸 145.132.100.74

🇩🇪 94.130.136.126

🇮🇱 80.179.17.52

🇺🇸 74.125.75.84

🇵🇰 72.255.19.174

🇹🇼 61.219.232.138

🇺🇸 50.62.22.47

🇺🇸 44.77.191.254

🇺🇸 3.91.190.152

🇷🇴 2.57.121.25

🇷🇺 155.212.17.174

🇷🇺 95.188.91.101

🇫🇷 94.183.188.148

🇩🇪 44.144.230.128

🇰🇷 221.151.84.6

🇨🇱 200.126.105.149

🇨🇳 117.158.103.72