JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.56.160.171

149.56.160.171 was found in our database!

This IP was reported 106 times. Confidence of Abuse is 12%: ?

12%

ISP	B.V., Dataprovider
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	crawl-149-56-160-171.dataproviderbot.com
Domain Name	dataprovider.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.56.160.171

Whois 149.56.160.171

IP Abuse Reports for 149.56.160.171:

This IP address has been reported a total of 106 times from 34 distinct sources. 149.56.160.171 was first reported on August 24th 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 10:05:43 (2 days ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.171 (crawl-149-56-160-171.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.171 (crawl-149-56-160-171.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:05:36.293929 2026] [security2:error] [pid 19468:tid 19468] [client 149.56.160.171:60577] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6649"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.mywheatgrass.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.mywheatgrass.com"] [uri "/wheatgrass-nutrient-analysis.shtml"] [unique_id "aiaT8DkUEsm6GxuWIljkggAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 19:04:58 (3 weeks ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.171 (crawl-149-56-160-171.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.171 (crawl-149-56-160-171.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 15:04:53.219157 2026] [security2:error] [pid 6803:tid 6803] [client 149.56.160.171:34023] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.perthdps.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.perthdps.com"] [uri "/default.html"] [unique_id "agy0VUxMBNki6A8A7Y3l-AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 webgobe	2026-05-09 04:16:03 (1 month ago)	wew-(rsform) : try to access forms...	Hacking
🇩🇪 Didier Lagaert	2026-04-10 13:15:29 (2 months ago)	lie-88 : Bloc AI bots=>/(Dataprovider)	Hacking
🇺🇸 TPI-Abuse	2026-04-08 02:24:55 (2 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.171 (crawl-149-56-160-171.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.171 (crawl-149-56-160-171.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 22:24:48.673929 2026] [security2:error] [pid 2700728:tid 2700728] [client 149.56.160.171:55655] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.firstlovedevotions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.firstlovedevotions.com"] [uri "/Patrick_McIntyre.html"] [unique_id "adW8cBV0Fj-PhY4FbNsA3gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-07 19:47:29 (2 months ago)	Triggered by FP Score: 4 (UA missing any known browser brand or engine; navigator.webdriver=true (au ... show more Triggered by FP Score: 4 (UA missing any known browser brand or engine; navigator.webdriver=true (automation); High automation but good network reputation - reduced penalty; Some Sec-CH-UA headers missing for non-in-app browser; UA: Mozilla/5.0 (compatible; Dataprovider.com)) / Scraper: Score: 3.7 (Avg Interval: 2.33s, Repetition: 50%, UA Score: 0.3, Confidence: high (100%) [Fingerprint Analysis (High Risk)]) / reCAPTCHA challenge timed out show less	Bad Web Bot
🇪🇸 librebit	2026-04-03 06:43:34 (2 months ago)	Brute force	Brute-Force
🇩🇪 Skyrider	2026-03-03 01:52:20 (3 months ago)	149.56.160.171 - - [03/Mar/2026:02:52:06 +0100] "GET /faq/ HTTP/2.0" 403 12173 "-" "Mozilla/5.0 (com ... show more 149.56.160.171 - - [03/Mar/2026:02:52:06 +0100] "GET /faq/ HTTP/2.0" 403 12173 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.171 - - [03/Mar/2026:02:52:18 +0100] "GET /ads.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.171 - - [03/Mar/2026:02:52:18 +0100] "GET /security.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.171 - - [03/Mar/2026:02:52:19 +0100] "GET /.well-known/security.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.171 - - [03/Mar/2026:02:52:19 +0100] "GET /llms.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" show less	Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-02-21 01:06:32 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-01-02 02:01:52 (5 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇱🇹 juozaspo	2025-12-17 00:43:57 (5 months ago)	Automatic Report: Too much requests to non-existing pages in a very short time, auto-banned	Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2025-12-02 12:05:18 (6 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-10-16 20:38:18 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 149.56.160.171 (crawl-149-56-160-171.dataprovid ... show more (mod_security) mod_security (id:210730) triggered by 149.56.160.171 (crawl-149-56-160-171.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 16 16:38:10.335785 2025] [security2:error] [pid 11098:tid 11098] [client 149.56.160.171:36539] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.qualityelevatorcabs.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.qualityelevatorcabs.com"] [uri "/[email protected]"] [unique_id "aPFXsgmX0GUr_B9aIjFQHQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Mendip_Defender	2025-10-11 07:35:08 (7 months ago)	149.56.160.171 - - [11/Oct/2025:08:34:58 +0100] "GET /llms.txt HTTP/1.0" 404 73124 "-" "Mozilla/5.0 ... show more 149.56.160.171 - - [11/Oct/2025:08:34:58 +0100] "GET /llms.txt HTTP/1.0" 404 73124 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.171 - - [11/Oct/2025:08:34:59 +0100] "GET /humans.txt HTTP/1.0" 404 73124 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.171 - - [11/Oct/2025:08:35:00 +0100] "GET /ads.txt HTTP/1.0" 404 73124 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" ... show less	Hacking Web App Attack
Anonymous	2025-09-30 23:41:00 (8 months ago)	Unauthorized connection attempt	Brute-Force

Showing 1 to 15 of 106 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.221.38.226

🇺🇸 206.223.228.197

🇳🇱 195.178.110.30

🇺🇸 172.245.232.237

🇺🇸 170.106.167.214

🇺🇸 162.216.149.61

🇺🇸 147.185.132.31

🇧🇷 131.161.225.12

🇩🇪 46.101.135.25

🇳🇱 204.76.203.219

🇺🇸 192.210.203.201

🇧🇷 177.61.137.26

🇦🇪 145.241.123.102

🇨🇳 113.249.108.138

🇱🇹 82.135.242.146

🇷🇺 46.160.165.239

🇳🇱 45.142.193.8

🇯🇵 43.165.174.224

🇺🇸 40.76.238.183

🇨🇱 34.176.37.61