JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.56.150.145

149.56.150.145 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 10%: ?

10%

ISP	B.V., Dataprovider
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	crawl-149-56-150-145.dataproviderbot.com
Domain Name	dataprovider.com
Country	🇨🇦 Canada
City	Beauharnois, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.56.150.145

Whois 149.56.150.145

IP Abuse Reports for 149.56.150.145:

This IP address has been reported a total of 95 times from 36 distinct sources. 149.56.150.145 was first reported on August 30th 2021, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇾 armandosaucedo.me	2026-06-24 07:26:07 (4 days ago)	Threat Intelligence via ARMTI, Web Attack: GET /sitemap.xml	Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 11:15:13 (1 month ago)	(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 07:15:05.710218 2026] [security2:error] [pid 26060:tid 26060] [client 149.56.150.145:45551] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6649"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.lakewoodranchhairsalon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.lakewoodranchhairsalon.com"] [uri "/team.php"] [unique_id "aghRuc0m77R1eKeTT1f-YQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-30 18:24:05 (4 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 13:24:02.205049 2026] [security2:error] [pid 10775:tid 10775] [client 149.56.150.145:48971] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.captainquirks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.captainquirks.com"] [uri "/contact/contact.php"] [unique_id "aXz3Qur1taWIUHQBZBFZ0wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-01-26 02:35:06 (5 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-14 15:47:44 (5 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 10:47:39.356679 2026] [security2:error] [pid 10586:tid 10586] [client 149.56.150.145:34253] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.fatlandtheplay.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.fatlandtheplay.com"] [uri "/guestbook.htm"] [unique_id "aWe6m9w3Qq3ESWthY11_igAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 AvonleaConsulting	2026-01-01 20:57:04 (5 months ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
Anonymous	2025-12-30 14:12:23 (5 months ago)	(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovid ... show more (apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovider.com)] from 149.56.150.145 (NL/The Netherlands/crawl-149-56-150-145.dataproviderbot.com): 5 in the last 300 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 149.56.150.145 - - [30/Dec/2025:15:12:01 +0100] "GET / HTTP/1.1" 301 535 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - - [30/Dec/2025:15:12:02 +0100] "GET / HTTP/1.1" 200 442584 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - - [30/Dec/2025:15:12:08 +0100] "GET /robots.txt HTTP/1.1" 200 929 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - - [30/Dec/2025:15:12:11 +0100] "GET /sitemap.xml HTTP/1.1" 200 2721 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - - [30/Dec/2025:15:12:15 +0100] "GET / HTTP/1.1" 200 439348 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" show less	Port Scan
🇺🇸 TPI-Abuse	2025-12-29 07:30:19 (5 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 02:30:15.292233 2025] [security2:error] [pid 25504:tid 25504] [client 149.56.150.145:45249] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.sangalgano.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.sangalgano.info"] [uri "/privacy_utilizzo_cookie_it.html"] [unique_id "aVIuB-fj0HmF0Inio4LnTQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-28 18:20:13 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇳🇱 i-turnradio.nl	2025-12-07 08:51:52 (6 months ago)	2025-12-07 @ 09:51:52 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
Anonymous	2025-11-24 19:35:43 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 Rocky Mountain Bioengineering Symposium	2025-11-20 13:24:20 (7 months ago)	[Thu Nov 20 06:24:20.105545 2025] [authz_core:error] [pid 1436165:tid 140332821902912] [client 149.5 ... show more [Thu Nov 20 06:24:20.105545 2025] [authz_core:error] [pid 1436165:tid 140332821902912] [client 149.56.150.145:48641] AH01630: client denied by server configuration: /var/www/public_html/symposium/ [Thu Nov 20 06:24:20.108709 2025] [authz_core:error] [pid 1436165:tid 140332821902912] [client 149.56.150.145:48641] AH01630: client denied by server configuration: /var/www/public_rsrc/assets/RMBS-Server-Error.html [Thu Nov 20 06:24:20.339512 2025] [authz_core:error] [pid 1436165:tid 140333920712256] [client 149.56.150.145:47621] AH01630: client denied by server configuration: /var/www/public_html/symposium/ ... show less	Bad Web Bot
Anonymous	2025-09-04 11:14:28 (9 months ago)	149.56.150.145 - sliver85.eu - [04/Sep/2025:13:14:27 +0200] "GET / HTTP/1.1" 444 "Mozilla/5.0 (compa ... show more 149.56.150.145 - sliver85.eu - [04/Sep/2025:13:14:27 +0200] "GET / HTTP/1.1" 444 "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - sliver85.eu - [04/Sep/2025:13:14:27 +0200] "GET / HTTP/1.1" 444 "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - sliver85.eu - [04/Sep/2025:13:14:27 +0200] "GET / HTTP/1.1" 444 "Mozilla/5.0 (compatible; Dataprovider.com)" ... show less	Brute-Force Web App Attack
🇨🇳 ThreatBook.io	2025-08-27 22:25:56 (10 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/149.56.150.145 2025-08 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/149.56.150.145 2025-08-27 01:14:37 /bg-button.png 2025-08-27 01:14:36 /asf-logo-wide.svg 2025-08-27 01:14:37 /bg-upper.png 2025-08-27 01:14:37 /bg-middle.png show less	Web App Attack
Anonymous	2025-08-11 10:37:55 (10 months ago)	(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovid ... show more (apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovider.com)] from 149.56.150.145 (NL/The Netherlands/crawl-149-56-150-145.dataproviderbot.com): 5 in the last 300 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 149.56.150.145 - - [11/Aug/2025:12:37:26 +0200] "GET / HTTP/1.1" 301 350 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - - [11/Aug/2025:12:37:29 +0200] "GET / HTTP/1.1" 200 413708 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - - [11/Aug/2025:12:37:34 +0200] "GET /robots.txt HTTP/1.1" 200 929 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - - [11/Aug/2025:12:37:43 +0200] "GET / HTTP/1.1" 200 411149 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.145 - - [11/Aug/2025:12:37:48 +0200] "GET /sitemap.xml HTTP/1.1" 302 922 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" show less	Port Scan

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.230

🇧🇷 191.5.31.61

🇳🇱 185.226.197.9

🇺🇸 178.156.203.2

🇨🇦 172.69.214.194

🇨🇳 122.115.224.56

🇺🇸 104.244.124.135

🇳🇱 45.142.193.164

🇹🇼 35.221.190.136

🇺🇸 152.32.235.160

🇺🇸 152.32.234.39

🇺🇸 138.197.24.249

🇸🇬 128.199.118.234

🇺🇸 109.105.210.52

🇰🇷 43.155.140.157

🇯🇵 35.200.50.195

🇭🇰 154.198.162.75

🇨🇳 119.53.253.2

🇨🇳 111.26.6.111

🇺🇸 104.22.101.10