JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.56.160.225

149.56.160.225 was found in our database!

This IP was reported 114 times. Confidence of Abuse is 6%: ?

ISP	B.V., Dataprovider
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	crawl-149-56-160-225.dataproviderbot.com
Domain Name	dataprovider.com
Country	🇨🇦 Canada
City	Beauharnois, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.56.160.225

Whois 149.56.160.225

IP Abuse Reports for 149.56.160.225:

This IP address has been reported a total of 114 times from 35 distinct sources. 149.56.160.225 was first reported on August 18th 2021, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-21 03:04:58 (7 hours ago)	(mod_security) mod_security (id:11000011) triggered by 149.56.160.225 (NL/The Netherlands/Groningen/ ... show more (mod_security) mod_security (id:11000011) triggered by 149.56.160.225 (NL/The Netherlands/Groningen/Groningen (Oosterpoortwijk)/-/[AS16276 OVH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 21 06:04:55.654542 2026] [security2:error] [pid 785068:tid 785097] [client 149.56.160.225:45025] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "dataproviderbot.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: crawl-149-56-160-225.dataproviderbot.com"] [severity "CRITICAL"] [hostname "www.asteriassantorini.com"] [uri "/"] [unique_id "ajdU1xGXBK2iHtemAo8HzwAAAQI"] show less	Port Scan
🇨🇭 backslash	2026-04-27 03:51:01 (1 month ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇺🇸 LSPCCU	2026-04-11 13:30:46 (2 months ago)	TSEC Honeypot Network report. Threat score: 85/100. Categories: DDoS Attack, Hacking, Brute-Force, W ... show more TSEC Honeypot Network report. Threat score: 85/100. Categories: DDoS Attack, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: Attacker IP 149. show less	DDoS Attack Hacking Brute-Force Web App Attack SSH
🇩🇪 Kreapptivo	2026-04-06 03:39:28 (2 months ago)	[06/Apr/2026:05:39:24 +0200] Web-Request: "GET /.well-known/security.txt", User-Agent: "Mozilla/5.0 ... show more [06/Apr/2026:05:39:24 +0200] Web-Request: "GET /.well-known/security.txt", User-Agent: "Mozilla/5.0 (compatible; Dataprovider.com)" show less	Bad Web Bot Web App Attack
🇪🇸 librebit	2026-04-05 10:35:46 (2 months ago)	Brute force	Brute-Force
🇬🇧 Mendip_Defender	2026-04-04 04:47:51 (2 months ago)	149.56.160.225 - - [04/Apr/2026:05:47:46 +0100] "GET /robots.txt HTTP/1.0" 404 4936 "-" "Mozilla/5.0 ... show more 149.56.160.225 - - [04/Apr/2026:05:47:46 +0100] "GET /robots.txt HTTP/1.0" 404 4936 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.225 - - [04/Apr/2026:05:47:47 +0100] "GET /ads.txt HTTP/1.0" 404 4936 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.160.225 - - [04/Apr/2026:05:47:47 +0100] "GET /security.txt HTTP/1.0" 404 4936 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" ... show less	Hacking Web App Attack
🇩🇪 bogdanv	2026-03-29 13:44:26 (2 months ago)	$f2bV_matches	DDoS Attack Web Spam SQL Injection Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-02-20 00:01:49 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-14 21:29:25 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 149.56.160.225 (crawl-149-56-160-225.dataprovid ... show more (mod_security) mod_security (id:210730) triggered by 149.56.160.225 (crawl-149-56-160-225.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 16:29:18.384551 2026] [security2:error] [pid 14173:tid 14173] [client 149.56.160.225:57757] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bayareamustangs.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bayareamustangs.com"] [uri "/links/fordofwesleychapel.com"] [unique_id "aZDpLnmnXA1j1qS-pb6ntgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2026-01-05 12:04:09 (5 months ago)	Brute force	Brute-Force
🇨🇭 backslash	2026-01-02 11:05:07 (5 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇩🇪 bogdanv	2025-12-29 17:15:06 (5 months ago)	$f2bV_matches	DDoS Attack Web Spam SQL Injection Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hary74656	2025-12-21 04:33:14 (6 months ago)	[Sun Dec 21 05:33:03.970768 2025] [core:info] [pid 20293:tid 20321] [client 149.56.160.225:35073] AH ... show more [Sun Dec 21 05:33:03.970768 2025] [core:info] [pid 20293:tid 20321] [client 149.56.160.225:35073] AH00128: File does not exist: /home/harald/www/ads.txt ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-15 06:13:05 (6 months ago)	(mod_security) mod_security (id:243420) triggered by 149.56.160.225 (crawl-149-56-160-225.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.160.225 (crawl-149-56-160-225.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 15 01:13:00.402798 2025] [security2:error] [pid 15501:tid 15501] [client 149.56.160.225:47685] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.liftreading.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.liftreading.com"] [uri "/Emma.html"] [unique_id "aT-m7JRo7ko2_a3ZSkHq5wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 soverin	2025-12-09 04:26:49 (6 months ago)	Network scan on port 80	Email Spam

Showing 1 to 15 of 114 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 196.196.150.4

🇺🇦 194.242.103.87

🇮🇳 182.95.186.66

🇺🇸 172.238.188.122

🇨🇳 117.173.154.224

🇷🇺 83.167.79.234

🇱🇹 81.30.98.144

🇲🇾 47.250.120.63

🇸🇬 47.84.114.18

🇦🇷 23.175.41.234

🇬🇹 190.151.130.5

🇵🇭 180.190.5.46

🇨🇳 180.76.234.73

🇺🇸 162.216.149.168

🇮🇹 151.19.124.250

🇺🇸 137.184.46.218

🇩🇪 84.55.0.190

🇺🇸 47.201.158.91

🇳🇱 45.156.87.204

🇳🇱 45.156.87.13