JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.22.87.56

149.22.87.56 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 34%: ?

34%

ISP	DataCamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-22-87-56.datapacket.com
Domain Name	datacamp.co.uk
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.22.87.56

Whois 149.22.87.56

IP Abuse Reports for 149.22.87.56:

This IP address has been reported a total of 23 times from 19 distinct sources. 149.22.87.56 was first reported on December 5th 2024, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 jasperedv.de	2026-06-14 15:25:35 (3 hours ago)	Apache Login - Brutforcing	Web App Attack Brute-Force
🇩🇪 FeG Deutschland	2026-06-14 09:14:49 (9 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 20:22:39 (22 hours ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.56 (unn-149-22-87-56.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.56 (unn-149-22-87-56.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 16:22:35.019682 2026] [security2:error] [pid 3343:tid 3343] [client 149.22.87.56:60803] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.wavecomputers.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.wavecomputers.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "ai28CxI3bWi363bPNZAnHgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 08:04:59 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.56 (unn-149-22-87-56.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.56 (unn-149-22-87-56.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 04:04:53.227789 2026] [security2:error] [pid 15226:tid 15226] [client 149.22.87.56:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|webfrog.ws\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "webfrog.ws"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aiKDJUyXagz4jnUQh4JBlQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 00:58:10 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 149.22.87.56 (unn-149-22-87-56.datapacket.com): ... show more (mod_security) mod_security (id:210730) triggered by 149.22.87.56 (unn-149-22-87-56.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 20:58:07.285579 2026] [security2:error] [pid 4523:tid 4523] [client 149.22.87.56:56137] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|stbms.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "stbms.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aiIfH4peqeIUDdZXvFefwAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 SentinalX by uzumaru	2026-06-01 07:26:28 (1 week ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: cloudflare.com:443 show less	Open Proxy Port Scan
🇱🇻 garmtech.com	2026-05-11 14:39:57 (1 month ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇮🇩 David Koswari	2026-04-22 05:13:00 (1 month ago)	REQ_BLOCKED_SECURITY	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇺🇸 TPI-Abuse	2026-04-16 13:44:46 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 149.22.87.56 (unn-149-22-87-56.datapacket.com): ... show more (mod_security) mod_security (id:210492) triggered by 149.22.87.56 (unn-149-22-87-56.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 09:44:42.891931 2026] [security2:error] [pid 1207668:tid 1207668] [client 149.22.87.56:52261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "perverseconsequences.org"] [uri "/wp-config.php"] [unique_id "aeDnykqDhSLPQRAmv498mQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-25 08:30:56 (3 months ago)	recidive - IP: 149.22.87.56 - 2026-02-25 04:10:11,603 fail2ban.actions [245081]: NOTICE [plesk-word ... show more recidive - IP: 149.22.87.56 - 2026-02-25 04:10:11,603 fail2ban.actions [245081]: NOTICE [plesk-wordpress] Ban 149.22.87.56 2026-02-25 08:31:59,394 fail2ban.actions [245081]: NOTICE [plesk-wordpress] Ban 149.22.87.56 2026-02-25 09:30:55,575 fail2ban.actions [245081]: NOTICE [plesk-wordpress] Ban 149.22.87.56 show less	Web App Attack
Anonymous	2026-02-25 05:37:52 (3 months ago)	Excessive request and web scraping	Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-02-24 23:28:45 (3 months ago)	1.519 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
🇮🇹 VHosting	2026-02-24 22:00:08 (3 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇬🇧 stom	2025-06-16 05:49:29 (11 months ago)	2025-06-16T05:49:26.135211ls2.tom2.co.uk postfix/smtpd[18538]: warning: unknown[149.22.87.56]: SASL ... show more 2025-06-16T05:49:26.135211ls2.tom2.co.uk postfix/smtpd[18538]: warning: unknown[149.22.87.56]: SASL LOGIN authentication failed: authentication failure ... show less	Email Spam Brute-Force
🇺🇸 hostseries	2025-04-04 21:59:54 (1 year ago)	Brute-force cPanel Services	Brute-Force

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 176.62.84.105

🇵🇰 153.117.34.151

🇹🇼 128.14.239.38

🇨🇳 112.10.138.69

🇮🇩 103.93.162.220

🇱🇹 84.15.176.13

🇺🇸 66.132.186.135

🇫🇷 51.68.34.131

🇭🇰 46.8.78.131

🇩🇪 45.135.141.12

🇺🇸 20.65.193.189

🇧🇬 5.188.206.46

🇨🇳 219.128.75.174

🇺🇸 208.84.100.145

🇳🇱 170.168.30.148

🇨🇳 117.179.171.100

🇬🇵 37.8.161.48

🇬🇧 35.203.211.191

🇬🇧 5.226.140.83

🇰🇷 1.212.225.99