JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.0.103.7

136.0.103.7 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 23%: ?

23%

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396362
Hostname(s)	136-0-103-7.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.0.103.7

Whois 136.0.103.7

IP Abuse Reports for 136.0.103.7:

This IP address has been reported a total of 13 times from 7 distinct sources. 136.0.103.7 was first reported on December 27th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-28 00:42:45 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 20:42:37.937701 2026] [security2:error] [pid 20542:tid 20542] [client 136.0.103.7:43225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "enselme.com"] [uri "/.env.development.local"] [unique_id "ahePffvZPaCt-3Q0vJopsAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 23:39:51 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 19:39:44.406689 2026] [security2:error] [pid 20465:tid 20465] [client 136.0.103.7:34433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lookatpriscoolwebsite.click"] [uri "/.env.bak"] [unique_id "aheAwBliv1KTxDzIT1zFbgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-27 22:01:02 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-26. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-27 21:50:23 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 17:50:18.047707 2026] [security2:error] [pid 19833:tid 19833] [client 136.0.103.7:48597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.badwaterclaims.helpkccare.org"] [uri "/.env.local"] [unique_id "ahdnGp2XbKqXJxblzai3MgAAAAA"], referer: https://www.google.com/search?q=www.badwaterclaims.helpkccare.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:58:23 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:58:12.913323 2026] [security2:error] [pid 9021:tid 9021] [client 136.0.103.7:59597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "partybusesflint.com"] [uri "/.env.save"] [unique_id "ahZBpGG7b-zYstn97kSJNQAAAAA"], referer: https://www.google.com/search?q=partybusesflint.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:22:58 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:22:46.810163 2026] [security2:error] [pid 3904:tid 3904] [client 136.0.103.7:50203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ev.alitcogroup.com"] [uri "/.env.vercel"] [unique_id "ahY5VqFo4l49TVqjP3fF3AAAAAc"], referer: https://www.google.com/search?q=ev.alitcogroup.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 17:55:13 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com) ... show more (mod_security) mod_security (id:210492) triggered by 136.0.103.7 (136-0-103-7.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 13:55:07.010044 2026] [security2:error] [pid 19566:tid 19566] [client 136.0.103.7:46961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "foundintranslation.net"] [uri "/wp-config.old"] [unique_id "ahXee6PKadnUU6HEkqwYEQAAAAs"], referer: https://www.google.com/search?q=foundintranslation.net show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-26 16:49:04 (1 week ago)	IM360 WAF: Information Disclosure Attempt in WordPress MV:/wp-config.php.save	Web App Attack
🇫🇷 service Informatique	2026-05-10 04:00:37 (4 weeks ago)	GET /robots.txt	Web App Attack
🇩🇪 HandyTreff.de	2026-01-11 10:06:38 (4 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -46.771 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -46.771 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Sa show less	Bad Web Bot Web App Attack
Anonymous	2025-08-05 07:30:22 (10 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
Anonymous	2024-12-27 07:20:04 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2024-12-27 06:38:17 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 136.0.103.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 136.0.103.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 27 01:37:32.258450 2024] [security2:error] [pid 30040:tid 30055] [client 136.0.103.7:53275] [client 136.0.103.7] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.kettlehill.com"] [uri "/wp-content/plugins/wpsite-background-takeover/exports/download.php"] [unique_id "Z25LLFPknNVrOJxzrw5stwAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 125.209.97.230

🇳🇱 45.153.34.114

🇭🇰 45.142.154.98

🇺🇸 205.210.31.89

🇨🇱 200.89.69.247

🇺🇸 193.36.222.12

🇺🇸 173.54.169.61

🇻🇳 171.231.194.14

🇩🇪 148.251.85.212

🇨🇳 101.76.248.214

🇮🇹 95.110.230.43

🇺🇸 74.235.185.111

🇩🇪 69.5.169.136

🇺🇸 64.62.197.90

🇺🇸 57.141.20.53

🇺🇸 43.153.12.68

🇨🇳 36.33.167.165

🇺🇸 205.210.31.56

🇺🇸 205.210.31.36

🇧🇪 198.235.24.163