JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.56.150.245

149.56.150.245 was found in our database!

This IP was reported 93 times. Confidence of Abuse is 14%: ?

14%

ISP	B.V., Dataprovider
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	crawl-149-56-150-245.dataproviderbot.com
Domain Name	dataprovider.com
Country	🇨🇦 Canada
City	Beauharnois, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.56.150.245

Whois 149.56.150.245

IP Abuse Reports for 149.56.150.245:

This IP address has been reported a total of 93 times from 29 distinct sources. 149.56.150.245 was first reported on March 27th 2022, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 mjmouse	2026-06-04 17:23:52 (12 hours ago)	Visited honeypot banned in robots.txt 149.56.150.245 darbybible.app - [04/Jun/2026:17:23:52 +0000] " ... show more Visited honeypot banned in robots.txt 149.56.150.245 darbybible.app - [04/Jun/2026:17:23:52 +0000] "GET /[honeypot]/?from=/Job/ HTTP/1.0" 403 158 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-16 00:11:43 (1 month ago)	(mod_security) mod_security (id:243420) triggered by 149.56.150.245 (crawl-149-56-150-245.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.150.245 (crawl-149-56-150-245.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 20:11:35.504074 2026] [security2:error] [pid 2108936:tid 2108936] [client 149.56.150.245:48479] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.billdavidow.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.billdavidow.com"] [uri "/previous.html"] [unique_id "aeApN12U6QsemhuKkEeOqQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2026-04-13 00:20:09 (1 month ago)	Brute force	Brute-Force
🇬🇧 Mendip_Defender	2026-04-02 12:53:00 (2 months ago)	149.56.150.245 - - [02/Apr/2026:13:52:55 +0100] "GET /ads.txt HTTP/1.0" 404 49000 "-" "Mozilla/5.0 ( ... show more 149.56.150.245 - - [02/Apr/2026:13:52:55 +0100] "GET /ads.txt HTTP/1.0" 404 49000 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.245 - - [02/Apr/2026:13:52:56 +0100] "GET /security.txt HTTP/1.0" 404 49000 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.245 - - [02/Apr/2026:13:52:56 +0100] "GET /.well-known/security.txt HTTP/1.0" 404 49000 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-03-30 14:09:46 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 149.56.150.245 (crawl-149-56-150-245.dataprovid ... show more (mod_security) mod_security (id:210730) triggered by 149.56.150.245 (crawl-149-56-150-245.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 10:09:40.187181 2026] [security2:error] [pid 11109:tid 11109] [client 149.56.150.245:46505] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.keystroke.info\|F\|2"] [data ".php.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.keystroke.info"] [uri "/LocalSettings.php.backup"] [unique_id "acqEJFiNv1eeqSlnc8swpQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2026-03-25 05:28:58 (2 months ago)	Brute force	Brute-Force
🇬🇧 SilverZippo	2025-12-02 08:38:56 (6 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 23:02:13 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 149.56.150.245 (crawl-149-56-150-245.dataprovid ... show more (mod_security) mod_security (id:210730) triggered by 149.56.150.245 (crawl-149-56-150-245.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 18:02:07.185432 2025] [security2:error] [pid 6373:tid 6373] [client 149.56.150.245:35671] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.accordionstars.com\|F\|2"] [data ".accordionfactory.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.accordionstars.com"] [uri "/www.accordionfactory.com"] [unique_id "aRUR78X2YJP8-7-sri7t5wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 nzhost.co.nz	2025-10-25 22:11:34 (7 months ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-10-20 15:13:08 (7 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.150.245 (crawl-149-56-150-245.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.150.245 (crawl-149-56-150-245.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 20 11:13:05.643443 2025] [security2:error] [pid 32677:tid 32677] [client 149.56.150.245:44387] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.gensou.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.gensou.net"] [uri "/contact.html"] [unique_id "aPZRgRI9Fu-83a9tVFKrlgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 huginet	2025-10-06 01:31:23 (7 months ago)	149.56.150.245 - - [06/Oct/2025:03:31:21 +0200] "GET /security.txt HTTP/1.1" 404 82687 "-" "Mozilla/ ... show more 149.56.150.245 - - [06/Oct/2025:03:31:21 +0200] "GET /security.txt HTTP/1.1" 404 82687 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.245 - - [06/Oct/2025:03:31:22 +0200] "GET /.well-known/security.txt HTTP/1.1" 404 82700 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" ... show less	DDoS Attack FTP Brute-Force Ping of Death Phishing Web Spam Blog Spam Spoofing Brute-Force Web App Attack SSH
🇨🇭 backslash	2025-08-19 18:35:07 (9 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇺🇸 TPI-Abuse	2025-08-12 22:35:42 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 149.56.150.245 (crawl-149-56-150-245.dataprovid ... show more (mod_security) mod_security (id:210730) triggered by 149.56.150.245 (crawl-149-56-150-245.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 12 18:35:37.630734 2025] [security2:error] [pid 20808:tid 20808] [client 149.56.150.245:58227] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.borzoi-pedigree.info\|F\|2"] [data ".webped.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.borzoi-pedigree.info"] [uri "/www.webped.com"] [unique_id "aJvBuTZ0D1_Efyd1q7CeNQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-29 09:28:51 (10 months ago)	Excessive crawling/scraping	Hacking Brute-Force
🇩🇪 iNetWorker	2025-07-13 18:30:18 (10 months ago)	trolling for resource vulnerabilities	Web App Attack

Showing 1 to 15 of 93 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.176.29.14

🇳🇬 152.32.143.189

🇳🇱 89.248.167.131

🇩🇪 87.106.171.85

🇩🇪 194.88.98.115

🇬🇧 193.32.209.228

🇬🇹 186.151.115.32

🇬🇧 185.247.137.163

🇮🇳 182.76.66.186

🇺🇸 98.86.106.124

🇸🇦 87.109.255.12

🇨🇭 85.5.148.125

🇳🇱 45.198.224.18

🇱🇾 38.50.1.109

🇬🇧 5.226.140.42

🇩🇪 2.27.20.28

🇵🇰 223.123.125.8

🇬🇧 188.240.59.8

🇺🇸 173.211.69.68

🇺🇸 165.154.163.107