JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.56.160.211

149.56.160.211 was found in our database!

This IP was reported 110 times. Confidence of Abuse is 22%: ?

22%

ISP	B.V., Dataprovider
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	crawl-149-56-160-211.dataproviderbot.com
Domain Name	dataprovider.com
Country	🇨🇦 Canada
City	Beauharnois, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.56.160.211

Whois 149.56.160.211

IP Abuse Reports for 149.56.160.211:

This IP address has been reported a total of 110 times from 37 distinct sources. 149.56.160.211 was first reported on August 29th 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 YF	2026-06-22 13:05:21 (2 days ago)	Attaque distribuée subnet	DDoS Attack Web App Attack
🇪🇸 librebit	2026-06-09 15:00:13 (2 weeks ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 04:18:24 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 149.56.160.211 (crawl-149-56-160-211.dataprovid ... show more (mod_security) mod_security (id:210730) triggered by 149.56.160.211 (crawl-149-56-160-211.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 00:18:20.369319 2026] [security2:error] [pid 12236:tid 12236] [client 149.56.160.211:57239] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.tecnoconce.cl\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.tecnoconce.cl"] [uri "/p-php.ini"] [unique_id "aiD8jFucJBHgNitCjX5UXwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2026-05-22 04:07:38 (1 month ago)	Brute force	Brute-Force
🇵🇹 SubnetShadowSpecter	2026-05-10 07:52:18 (1 month ago)	[Security Alert] Unauthorized malicious activity detected; IP address has been automatically blocked ... show more [Security Alert] Unauthorized malicious activity detected; IP address has been automatically blocked and banned. [Method]: GET. [Request]: => / [User-Agent]: Mozilla/5.0 (compatible; Dataprovider.com). [OS]: unknown. [IP Address]: 149.56.160.211. [RPS] 25+ overshoot requests per second (RPS). [Date]: 2026-05-10 04:46:25 UTC. show less	Bad Web Bot Hacking Web App Attack
🇫🇮 diego021	2026-03-24 02:24:02 (3 months ago)	149.56.160.211 pythonpirate.tech - [23/Mar/2026:21:24:00 -0500] "GET /ads.txt HTTP/1.1" 404 341 "-" ... show more 149.56.160.211 pythonpirate.tech - [23/Mar/2026:21:24:00 -0500] "GET /ads.txt HTTP/1.1" 404 341 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.211 pythonpirate.tech - [23/Mar/2026:21:24:00 -0500] "GET /security.txt HTTP/1.1" 404 341 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.211 pythonpirate.tech - [23/Mar/2026:21:24:00 -0500] "GET /.well-known/security.txt HTTP/1.1" 404 341 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.211 pythonpirate.tech - [23/Mar/2026:21:24:02 -0500] "GET /llms.txt HTTP/1.1" 404 341 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" ... show less	Web App Attack
🇦🇺 MAGIC	2026-03-20 01:45:55 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-18 21:07:56 (3 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.211 (crawl-149-56-160-211.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.211 (crawl-149-56-160-211.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 18 17:07:48.972909 2026] [security2:error] [pid 15111:tid 15111] [client 149.56.160.211:49283] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.crochetdoilies.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.crochetdoilies.com"] [uri "/index.html"] [unique_id "absUJO0ZIIerwwaYsWcGcQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-14 20:25:21 (3 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.211 (crawl-149-56-160-211.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.211 (crawl-149-56-160-211.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 16:25:14.136666 2026] [security2:error] [pid 30056:tid 30056] [client 149.56.160.211:40861] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.eaglesnestfuelfarm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.eaglesnestfuelfarm.com"] [uri "/contact/contact.php"] [unique_id "abXEKmYmAqpwT0rGNgFbIwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2026-03-14 03:20:08 (3 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2026-02-14 22:16:45 (4 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.211 (crawl-149-56-160-211.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.211 (crawl-149-56-160-211.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:16:42.462365 2026] [security2:error] [pid 26130:tid 26130] [client 149.56.160.211:52417] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6649"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.wisconsinstatehuntingexpo.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.wisconsinstatehuntingexpo.com"] [uri "/contact.html"] [unique_id "aZD0Ss9pWbWTMUqa9uh1GgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-01-25 21:00:11 (4 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇩🇰 SaltySoftworks	2026-01-10 23:14:16 (5 months ago)	User agent spoofing	Spoofing
🇦🇺 MAGIC	2025-12-24 02:00:22 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-20 11:51:22 (6 months ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /.well-known/security.txt	Web App Attack

Showing 1 to 15 of 110 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.228.218.47

🇨🇳 222.219.232.57

🇭🇰 199.45.154.189

🇺🇸 151.241.122.108

🇨🇳 112.86.225.113

🇰🇷 59.24.133.197

🇰🇷 13.124.199.8

🇻🇳 2402:800:6d6a:9113:9d86:109c:a818:8309

🇧🇩 103.77.218.38

🇩🇪 45.135.141.13

🇧🇪 34.38.163.17

🇩🇪 8.209.80.8

🇷🇴 2.57.121.25

🇫🇷 185.202.238.8

🇺🇸 172.208.48.177

🇨🇳 112.86.225.173

🇱🇻 62.60.234.140

🇩🇪 46.101.213.236

🇳🇱 45.148.10.152

🇮🇶 37.239.57.17