JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.22.91.77

149.22.91.77 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 0%: ?

ISP	DataCamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-149-22-91-77.datapacket.com
Domain Name	datacamp.co.uk
Country	🇮🇹 Italy
City	Palermo, Sicily

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.22.91.77

Whois 149.22.91.77

IP Abuse Reports for 149.22.91.77:

This IP address has been reported a total of 18 times from 16 distinct sources. 149.22.91.77 was first reported on October 1st 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-04-30 05:24:05 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇺🇸 MPL	2026-03-16 05:02:16 (2 months ago)	tcp/80 (2 or more attempts)	Port Scan
Anonymous	2026-03-14 16:50:19 (2 months ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Web App Attack Hacking SQL Injection
🇳🇱 Savvii	2026-03-08 16:28:32 (3 months ago)	20 attempts against mh-misbehave-ban on solar	Brute-Force Bad Web Bot Web App Attack
🇳🇱 EGP Abuse Dept	2026-03-08 16:27:43 (3 months ago)	Scanning for web/db/file exploits on www.arnoldeyeworks.nl	SQL Injection Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-03-08 16:27:33 (3 months ago)	Modsecurity: probe or injection attempt	SQL Injection Web App Attack
Anonymous	2026-03-05 06:50:09 (3 months ago)	149.22.91.77 - - [05/Mar/2026:06:50:08 +0000] "GET /bothole/stinkwell.php?t=%27nvOpzp;%20AND%201=1%2 ... show more 149.22.91.77 - - [05/Mar/2026:06:50:08 +0000] "GET /bothole/stinkwell.php?t=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)), HTTP/1.1" 307 709 "https://www.atari-forum.com/viewtopic.php?t=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO))," "-" ... show less	SQL Injection
Anonymous	2026-02-28 18:55:39 (3 months ago)	149.22.91.77 - - [28/Feb/2026:18:55:38 +0000] "GET /bothole/stinkwell.php?t=%27nvOpzp;%20AND%201=1%2 ... show more 149.22.91.77 - - [28/Feb/2026:18:55:38 +0000] "GET /bothole/stinkwell.php?t=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)), HTTP/1.1" 307 709 "https://www.atari-forum.com/viewtopic.php?t=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO))," "-" ... show less	SQL Injection
🇪🇸 el-brujo	2026-02-27 02:59:16 (3 months ago)	Cloudflare WAF: Request Path: /whois.html Request Query: ?domain=ukimmigrationattorneymassachusetts. ... show more Cloudflare WAF: Request Path: /whois.html Request Query: ?domain=ukimmigrationattorneymassachusetts.us%2C%28SELECT%2F%2A%2A%2FUPPER%28XMLType%28CHR%2860%29%7C%7CCHR%2858%29%7C%7C%27~%27%7C%7C%28SELECT%2F%2A%2A%2F%28CASE%2F%2A%2A%2FWHEN%2F%2A%2A%2F%281609%3D1609%29%2F%2A%2A%2FTHEN%2F%2A%2A%2F1%2F%2A%2A%2FELSE%2F%2A%2A%2F0%2F%2A%2A%2FEND%29%2F%2A%2A%2FFROM%2F%2A%2A%2FDUAL%29%7C%7C%27~%27%7C%7CCHR%2862%29%29%29%2F%2A%2A%2FFROM%2F%2A%2A%2FDUAL%29%23 Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: log Source: firewallManaged ASN Description: CDNEXT Country: IT Method: GET Timestamp: 2026-02-27T02:59:16Z ruleId: 63e03eecddfc4b3fb0cad587d32b798c. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇳🇱 Mangelot Hosting	2026-02-25 09:05:38 (3 months ago)	(modsecurity) srv102 ModSecurity 149.22.91.77 (IT/Italy/unn-149-22-91-77.datapacket.com): 10 in the ... show more (modsecurity) srv102 ModSecurity 149.22.91.77 (IT/Italy/unn-149-22-91-77.datapacket.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-25 07:47:00 (3 months ago)	(mod_security) mod_security (id:218580) triggered by 149.22.91.77 (unn-149-22-91-77.datapacket.com): ... show more (mod_security) mod_security (id:218580) triggered by 149.22.91.77 (unn-149-22-91-77.datapacket.com): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 02:46:57.019250 2026] [security2:error] [pid 25774:tid 25794] [client 149.22.91.77:54400] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:edition_id. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "76"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.\|\|coloradomountaineer.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "coloradomountaineer.com"] [uri "/"] [unique_id "aZ6o8V1T6h-tTNRXVXYKYQAAAJE"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 magefix	2026-02-14 10:03:00 (3 months ago)		Web Spam
Anonymous	2026-02-08 15:18:31 (4 months ago)	[08/Feb/2026:15:18:21 +0000] - 406 406 - GET https secnews.physaphae.fr "/index.php?Page=175&Tag=Mal ... show more [08/Feb/2026:15:18:21 +0000] - 406 406 - GET https secnews.physaphae.fr "/index.php?Page=175&Tag=Malware%25%21%28EXTRA%2F%2A%2A%2Fstring%3DAND%2F%2A%2A%2F6538%27%3D%276538%27%29%29%2C%2F%2A%2A%2Fstring%3DNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2C%28CHAR%2879%29%2BCHAR%2887%29%2BCHAR%2883%29%2BCHAR%2883%29%2B%28SELECT%2F%2A%2A%2F%28CASE%2F%2A%2A%2FWHEN%2F%2A%2A%2F%288919%3D8919%29%2F%2A%2A%2FTHEN%2F%2A%2A%2FCHAR%2849%29%2F%2A%2A%2FELSE%2F%2A%2A%2FCHAR%2848%29%2F%2A%2A%2FEND%29%29%2BCHAR%2889%29%2BCHAR%2887%29%2BCHAR%28111%29%2BCHAR%28113%29%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2C%2F%2A%2A%2Fstring%3D%2C%2F%2A%2A%2Fstring%3D%2F%2A%2A%2FAND%2F%2A%2A%2F%28%28%276538%27%3D%276538%29" [Client 149.22.91.77] [Length 114207] [Gzip -] [Sent-to 192.168.1.192] "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537. ... show less	Web App Attack
🇵🇱 b4un0	2026-01-11 00:04:36 (4 months ago)	Auto-report from pfSense: Detected suspicious activity.	Brute-Force SSH
🇺🇸 xmission.com	2026-01-10 07:49:49 (4 months ago)	Blocked by UFW (TCP on 51413) Source port: 50879 TTL: 118 Packet length: 52 TOS: 0x00 This report ( ... show more Blocked by UFW (TCP on 51413) Source port: 50879 TTL: 118 Packet length: 52 TOS: 0x00 This report (for 149.22.91.77) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 175.107.3.111

🇸🇦 168.149.4.177

🇳🇬 165.154.11.202

🇨🇳 113.138.242.19

🇧🇩 103.153.66.91

🇫🇷 91.231.89.173

🇹🇭 47.81.39.232

🇺🇸 45.148.233.199

🇷🇴 2.57.121.25

🇭🇰 219.77.23.171

🇲🇾 195.86.192.66

🇬🇧 185.170.110.181

🇫🇮 170.168.175.140

🇳🇱 160.119.69.16

🇺🇸 138.113.23.170

🇳🇱 77.83.39.241

🇱🇹 62.60.130.59

🇺🇸 35.193.172.140

🇺🇸 20.124.84.235

🇧🇷 200.108.174.4