JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.22.87.54

149.22.87.54 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 48%: ?

48%

ISP	DataCamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-22-87-54.datapacket.com
Domain Name	datacamp.co.uk
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.22.87.54

Whois 149.22.87.54

IP Abuse Reports for 149.22.87.54:

This IP address has been reported a total of 49 times from 26 distinct sources. 149.22.87.54 was first reported on October 12th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 SiliSoftware	2026-06-28 17:08:56 (2 days ago)	/vendor/phpunit/phpunit/phpunit.xsd	Web App Attack
🇧🇷 Francisco Carlos	2026-06-28 12:11:26 (2 days ago)	Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: recon. Sample: GET /vendor ... show more Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: recon. Sample: GET /vendor/phpunit/phpunit/phpunit.xsd show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 21:07:54 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:07:48.087596 2026] [security2:error] [pid 3957:tid 3957] [client 149.22.87.54:33899] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.nue18.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nue18.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akA7pC7IaXNPa3tdxY4zhAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 20:04:52 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:04:46.325288 2026] [security2:error] [pid 25968:tid 25968] [client 149.22.87.54:65143] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ichoosethelight.org\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ichoosethelight.org"] [uri "/isawthat.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "akAs3pgVDwaJ0kR_uMP9owAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 15:25:58 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 11:25:55.745804 2026] [security2:error] [pid 31019:tid 31019] [client 149.22.87.54:22009] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.urlpick.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.urlpick.com"] [uri "/reusableconstructionmaterials.html/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj_rg_OAHgL0rqDQVz0S9wAAAD8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 03:24:07 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:24:02.620138 2026] [security2:error] [pid 17145:tid 17145] [client 149.22.87.54:40241] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|pknucklejones.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pknucklejones.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj9CUvmvXo5R3MeSeLDWJgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 02:21:03 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:20:56.292724 2026] [security2:error] [pid 14391:tid 14391] [client 149.22.87.54:32527] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.sawtoothstudios.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sawtoothstudios.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8ziEZaSl2AGG4HAMcg7wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 01:57:05 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:57:00.164591 2026] [security2:error] [pid 27979:tid 27998] [client 149.22.87.54:59341] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|killasgarage.bike\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "killasgarage.bike"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8t7DLscLP-J_K_WqHR-wAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 00:53:39 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 20:53:35.755920 2026] [security2:error] [pid 8276:tid 8276] [client 149.22.87.54:29961] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.mitchellart.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mitchellart.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8fD3yDYV5cn1greXTRpgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 00:28:47 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 20:28:42.506615 2026] [security2:error] [pid 5232:tid 5232] [client 149.22.87.54:56409] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.artbytracyjane.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.artbytracyjane.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8ZOvO4DDuVcIyyMlGOAQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 23:41:13 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:41:08.032588 2026] [security2:error] [pid 6824:tid 6824] [client 149.22.87.54:64039] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.thebeeplace.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.thebeeplace.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aj8OFCwnIeVXcJ_GI9Z4IwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-26 20:54:47 (4 days ago)	[Firewall Canary] Temporary ban due to firewall rule match [URI:/vendor/]	Bad Web Bot Web App Attack
Anonymous	2026-06-26 11:01:01 (4 days ago)	149.22.87.54 - - [26/Jun/2026:11:00:58 +0000] "GET /vendor/phpunit/phpunit/phpunit.xsd HTTP/2.0" 404 ... show more 149.22.87.54 - - [26/Jun/2026:11:00:58 +0000] "GET /vendor/phpunit/phpunit/phpunit.xsd HTTP/2.0" 404 122 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-24 12:24:49 (6 days ago)	[Firewall Canary] Temporary ban due to firewall rule match [URI:/vendor/]	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 05:46:01 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.54 (unn-149-22-87-54.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 01:45:57.542428 2026] [security2:error] [pid 16595:tid 16607] [client 149.22.87.54:56891] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.biblewriter.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.biblewriter.com"] [uri "/transform.htm/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ajtvFQYBEpM9volKDoat4gAAAQg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 152.32.197.159

🇸🇬 140.245.103.140

🇸🇬 136.110.36.80

🇸🇬 68.183.180.155

🇺🇸 68.98.227.226

🇭🇰 34.96.195.103

🇸🇬 34.87.4.79

🇮🇳 20.198.65.177

🇺🇸 8.229.129.14

🇨🇦 2600:1f11:961:1600:3f17:f9cf:a7a7:db4b

🇦🇲 212.73.75.82

🇹🇼 198.235.24.84

🇩🇪 138.68.70.45

🇦🇪 94.205.156.221

🇫🇷 92.205.210.56

🇧🇷 45.174.239.47

🇨🇳 39.171.42.206

🇵🇰 39.35.192.121

🇺🇸 34.169.91.89

🇮🇩 34.128.64.189