AbuseIPDB » 144.217.135.146

144.217.135.146 was found in our database!

This IP was reported 85 times. Confidence of Abuse is 21%: ?

21%

ISP	B.V., Dataprovider
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	crawl-144-217-135-146.dataproviderbot.com
Domain Name	dataprovider.com
Country	Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 144.217.135.146

Whois 144.217.135.146

IP Abuse Reports for 144.217.135.146:

This IP address has been reported a total of 85 times from 23 distinct sources. 144.217.135.146 was first reported on July 3rd 2021, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Progetto1	2025-01-17 06:36:01 (3 weeks ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
librebit	2025-01-14 10:24:07 (3 weeks ago)	Brute force	Brute-Force
Anonymous	2025-01-14 05:27:52 (3 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-01-05 10:48:34 (1 month ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-01-04 21:05:33 (1 month ago)	(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovid ... show more(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovider.com)] from 144.217.135.146 (NL/The Netherlands/crawl-144-217-135-146.dataproviderbot.com): 5 in the last 300 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 144.217.135.146 - - [04/Jan/2025:22:05:16 +0100] "GET / HTTP/1.1" 301 485 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 144.217.135.146 - - [04/Jan/2025:22:05:16 +0100] "GET / HTTP/1.1" 301 3444 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 144.217.135.146 - - [04/Jan/2025:22:05:21 +0100] "GET / HTTP/1.1" 200 396387 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 144.217.135.146 - - [04/Jan/2025:22:05:26 +0100] "GET /robots.txt HTTP/1.1" 200 913 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 144.217.135.146 - - [04/Jan/2025:22:05:27 +0100] "GET /sitemap.xml HTTP/1.1" 302 897 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" show less	Port Scan
Anonymous	2024-12-20 06:53:04 (1 month ago)	Excessive crawling/scraping	Hacking Brute-Force
Anonymous	2024-12-12 03:35:39 (1 month ago)	Excessive crawling/scraping	Hacking Brute-Force
Anonymous	2024-12-10 11:20:39 (1 month ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
rtbh.com.tr	2024-12-02 20:53:02 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
TPI-Abuse	2024-12-01 22:37:36 (2 months ago)	(mod_security) mod_security (id:243420) triggered by 144.217.135.146 (crawl-144-217-135-146.dataprov ... show more(mod_security) mod_security (id:243420) triggered by 144.217.135.146 (crawl-144-217-135-146.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 17:37:29.899058 2024] [security2:error] [pid 29964:tid 29968] [client 144.217.135.146:35851] [client 144.217.135.146] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.crowns.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.crowns.org"] [uri "/Hope_Chest"] [unique_id "Z0zlKX7tLtnvRc2nO-B-5wAAAQI"] show less	Brute-Force Bad Web Bot Web App Attack
ghostwarriors	2024-12-01 09:20:05 (2 months ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
Anonymous	2024-11-23 20:48:10 (2 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
TPI-Abuse	2024-10-14 06:22:19 (3 months ago)	(mod_security) mod_security (id:243420) triggered by 144.217.135.146 (crawl-144-217-135-146.dataprov ... show more(mod_security) mod_security (id:243420) triggered by 144.217.135.146 (crawl-144-217-135-146.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 02:22:11.569066 2024] [security2:error] [pid 19208:tid 19208] [client 144.217.135.146:36267] [client 144.217.135.146] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.serviciodepinturadecasas.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.serviciodepinturadecasas.com"] [uri "/contacto"] [unique_id "Zwy4kzPm3JPID8aeyG8vOwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2024-10-05 18:19:14 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 144.217.135.146 (crawl-144-217-135-146.dataprov ... show more(mod_security) mod_security (id:210730) triggered by 144.217.135.146 (crawl-144-217-135-146.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 05 14:19:09.049012 2024] [security2:error] [pid 864:tid 875] [client 144.217.135.146:33661] [client 144.217.135.146] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.oldcarz.com\|F\|2"] [data ".daewoo.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.oldcarz.com"] [uri "/www.daewoo.com"] [unique_id "ZwGDHcCbrQk4MKP_aMOkzAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
MAGIC	2024-07-26 12:01:46 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot