JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.56.160.191

149.56.160.191 was found in our database!

This IP was reported 92 times. Confidence of Abuse is 18%: ?

18%

ISP	B.V., Dataprovider
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	crawl-149-56-160-191.dataproviderbot.com
Domain Name	dataprovider.com
Country	🇨🇦 Canada
City	Beauharnois, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.56.160.191

Whois 149.56.160.191

IP Abuse Reports for 149.56.160.191:

This IP address has been reported a total of 92 times from 27 distinct sources. 149.56.160.191 was first reported on August 16th 2021, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 AvonleaConsulting	2026-06-05 11:18:49 (2 weeks ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇺🇸 lavnet.net	2026-05-24 07:36:39 (4 weeks ago)	[Sun May 24 07:36:39.083136 2026] [authz_core:error] [pid 1641669:tid 1641718] [client 149.56.160.19 ... show more [Sun May 24 07:36:39.083136 2026] [authz_core:error] [pid 1641669:tid 1641718] [client 149.56.160.191:54005] AH01630: client denied by server configuration: /var/www/thejunkymonkey.com/web/index.php [Sun May 24 07:36:39.083454 2026] [authz_core:error] [pid 1641669:tid 1641718] [client 149.56.160.191:54005] AH01630: client denied by server configuration: /var/www/thejunkymonkey.com/web/index.php [Sun May 24 07:36:39.477168 2026] [authz_core:error] [pid 1641669:tid 1641708] [client 149.56.160.191:36685] AH01630: client denied by server configuration: /var/www/thejunkymonkey.com/web/index.php ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-05-23 17:27:17 (4 weeks ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.191 (crawl-149-56-160-191.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.191 (crawl-149-56-160-191.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 13:27:14.452798 2026] [security2:error] [pid 22785:tid 22785] [client 149.56.160.191:59611] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.bordalo-es.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.bordalo-es.com"] [uri "/index.html"] [unique_id "ahHjcpmAocD5IlA8bfDavgAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 gurnip	2026-04-07 12:50:17 (2 months ago)	Vulnerability probe of page /.well-known/security.txt, not found on server.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 13:45:48 (3 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.191 (crawl-149-56-160-191.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.191 (crawl-149-56-160-191.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 09:45:41.444010 2026] [security2:error] [pid 17345:tid 17345] [client 149.56.160.191:54515] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.radionicships.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.radionicships.com"] [uri "/review.shtml"] [unique_id "abAghS5-k1EY43hx4P9l-QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-18 20:42:52 (5 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.191 (crawl-149-56-160-191.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.191 (crawl-149-56-160-191.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 18 15:42:46.342839 2026] [security2:error] [pid 30458:tid 30458] [client 149.56.160.191:43657] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.crochetdoilies.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.crochetdoilies.com"] [uri "/index.html"] [unique_id "aW1FxlOCsgAMci7-ucTEZAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Didier Lagaert	2026-01-03 12:01:08 (5 months ago)	lie-88 : Bloc AI bots=>/consultations-psychanalytiques-gratuites(Dataprovider)	Hacking
Anonymous	2025-11-08 06:44:32 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-10-15 13:30:14 (8 months ago)	Excessive crawling/scraping	Hacking Brute-Force
Anonymous	2025-10-05 05:32:00 (8 months ago)	Unauthorized connection attempt	Brute-Force
🇫🇷 tr1n	2025-09-21 14:56:07 (9 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /_next/static/chunks/main-app-1eda2b9122ec5170.js UA: Mozilla/5.0 (compatible; Dataprovider.com) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-09-14 05:28:19 (9 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.191 (crawl-149-56-160-191.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.191 (crawl-149-56-160-191.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 01:28:16.210578 2025] [security2:error] [pid 6344:tid 6344] [client 149.56.160.191:42307] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.sunnygolfvillas.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.sunnygolfvillas.com"] [uri "/location%20page.htm"] [unique_id "aMZScLz5CVgtwa1SzUM_OAAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 mypatricks	2025-09-01 18:05:56 (9 months ago)	149.56.160.191 \| Port: 12990 \| DNS: crawl-149-56-160-191.dataproviderbot.com 2025-09-02T02:05:54+08: ... show more 149.56.160.191 \| Port: 12990 \| DNS: crawl-149-56-160-191.dataproviderbot.com 2025-09-02T02:05:54+08:00 America/Toronto \| Bad Behavior Activity \| UA: Mozilla/5.0 (compatible; Dataprovider.com) HTTP/1.1 443 GET \| URL: / \| Ref: - \| Country: CA/Canada/-06:00 IP City: Montréal 9786b2c87d1eac63-YYZ/Toronto, ON, Canada 1 hits/0 secs Robots 0 show less	Web Spam Blog Spam Brute-Force Exploited Host Web App Attack
Anonymous	2025-08-20 06:11:18 (10 months ago)	few-Joomla User : try to access forms...	Hacking
🇨🇭 backslash	2025-08-03 09:50:13 (10 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot

Showing 1 to 15 of 92 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇷 83.235.16.111

🇬🇧 5.226.140.70

🇨🇳 223.244.82.217

🇩🇪 209.50.180.234

🇳🇱 72.56.66.71

🇮🇳 69.62.76.187

🇩🇪 69.5.169.190

🇬🇧 31.14.254.89

🇺🇸 3.83.217.19

🇰🇷 211.223.107.86

🇵🇭 180.190.171.117

🇭🇰 139.198.113.29

🇨🇳 122.244.215.252

🇨🇳 115.52.77.1

🇺🇸 107.155.88.70

🇳🇱 91.92.40.237

🇷🇴 80.94.92.171

🇩🇪 69.5.169.217

🇺🇸 65.49.1.167

🇳🇱 62.60.247.194