JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.0.118.227

136.0.118.227 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 3%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS27411
Hostname(s)	136-0-118-227.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.0.118.227

Whois 136.0.118.227

IP Abuse Reports for 136.0.118.227:

This IP address has been reported a total of 11 times from 6 distinct sources. 136.0.118.227 was first reported on November 12th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 01:54:28 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:54:07.973671 2026] [security2:error] [pid 15557:tid 15563] [client 136.0.118.227:51699] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/settings.php.bak"] [unique_id "ahzmP35hzq3cB4Zb4JrJ1wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 21:22:45 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 17:22:38.818493 2026] [security2:error] [pid 155847:tid 155847] [client 136.0.118.227:32821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nbcnewsradio.com"] [uri "/.env.stage"] [unique_id "adbHHgiZ7wUSbvJ6Z3qj2QAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇬 Stoyko Stoykov	2026-03-17 00:02:51 (2 months ago)	136.0.118.227 - - [17/Mar/2026:02:02:47 +0200] "GET /.htaccess HTTP/1.1" 404 0 "http://213.91.237.20 ... show more 136.0.118.227 - - [17/Mar/2026:02:02:47 +0200] "GET /.htaccess HTTP/1.1" 404 0 "http://213.91.237.205/.htaccess" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
🇮🇹 Pengu	2026-03-06 19:17:30 (3 months ago)	Web application attack blocked by WAF	Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 11:30:12 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:29:59.570575 2026] [security2:error] [pid 16721:tid 16873] [client 136.0.118.227:44433] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "staging.kettlehill.com"] [uri "/ui/gradio_api/file=https:/example.com"] [unique_id "aX85N7ZSDMB2xJcUTnRZdgAAAoo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 12:45:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 07:45:05.222282 2026] [security2:error] [pid 12249:tid 12249] [client 136.0.118.227:49837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.nbcnewsradio.com"] [uri "/api/.env"] [unique_id "aWoy0XEqVAoHmr32RsdasgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 raspi4	2025-12-31 07:55:54 (5 months ago)	Fail2Ban Ban Triggered	Brute-Force Web App Attack
Anonymous	2025-12-01 21:40:05 (6 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 05:41:57 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 00:41:48.311823 2025] [security2:error] [pid 26090:tid 26462] [client 136.0.118.227:56357] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/my.key"] [unique_id "aS0qnAqR0geke5MRGl776wAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 22:12:00 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 04:14:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.118.227 (136-0-118-227.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 23:14:34.664326 2025] [security2:error] [pid 17136:tid 17136] [client 136.0.118.227:32919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.nbcnewsradio.com"] [uri "/.env.prod"] [unique_id "aRQJqmdO27PmH3nCBaEUfQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 128.199.231.249

🇮🇳 103.91.246.101

🇫🇮 95.217.117.189

🇵🇾 190.52.136.123

🇧🇷 186.226.56.134

🇨🇳 183.6.72.120

🇩🇪 162.19.221.192

🇮🇩 103.49.239.217

🇨🇳 61.179.73.179

🇺🇸 47.77.225.225

🇧🇼 41.216.215.133

🇨🇱 34.176.240.26

🇧🇪 34.156.90.220

🇧🇪 34.34.171.65

🇷🇴 2.57.121.112

🇺🇸 212.46.142.168

🇮🇩 210.79.142.221

🇭🇰 199.45.155.68

🇪🇹 196.190.64.249

🇬🇾 190.80.51.96