JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.0.182.101

136.0.182.101 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 10%: ?

10%

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS395954
Hostname(s)	136-0-182-101.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.0.182.101

Whois 136.0.182.101

IP Abuse Reports for 136.0.182.101:

This IP address has been reported a total of 12 times from 3 distinct sources. 136.0.182.101 was first reported on January 17th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-28 22:00:13 (3 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-28 00:17:08 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 20:16:51.955991 2026] [security2:error] [pid 14725:tid 14725] [client 136.0.182.101:47287] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "virttee.com"] [uri "/.env.backup"] [unique_id "aheJc_PrtYYx8OQDX5PRRAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 15:42:28 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 11:42:20.566802 2026] [security2:error] [pid 15440:tid 15440] [client 136.0.182.101:53905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fritsknuf.com"] [uri "/.env"] [unique_id "ahcQ3De2S4EFqQqu5IBIHwAAAEU"], referer: https://www.google.com/search?q=fritsknuf.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 11:48:36 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 07:48:31.484191 2026] [security2:error] [pid 25369:tid 25369] [client 136.0.182.101:35725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nsightsound.com"] [uri "/wp-config.php.save"] [unique_id "ahbaD5gBKnIL5Q2Tctbz5wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:57:14 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:57:11.049876 2026] [security2:error] [pid 16058:tid 16058] [client 136.0.182.101:55833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robcruickshank.com"] [uri "/.env.production"] [unique_id "ahZBZ_9xG2c_ECDNDJ1K2QAAAAk"], referer: https://www.google.com/search?q=robcruickshank.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 18:16:08 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 14:14:28.844944 2026] [security2:error] [pid 10743:tid 10743] [client 136.0.182.101:57207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "progresstraining.info"] [uri "/.env.development"] [unique_id "ahXjBNWD4wgQwscIlpYb9QAAAAY"], referer: https://www.google.com/search?q=progresstraining.info show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-27 04:12:56 (4 months ago)	(mod_security) mod_security (id:210350) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:210350) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 23:12:49.578778 2026] [security2:error] [pid 8339:tid 8450] [client 136.0.182.101:52795] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|mail.kettlehill.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mail.kettlehill.com"] [uri "/mdm/checkin"] [unique_id "aXg7QYD2pNfqivIyv8qI5wAAAlg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-26 23:10:26 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:221260) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:08:24.150915 2025] [security2:error] [pid 28940:tid 28963] [client 136.0.182.101:53463] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|whm.staging.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.staging.kettlehill.com"] [uri "/debug.cgi"] [unique_id "aIVf6BkWs7qQTYmgnsCgaAAAAAw"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 23:50:39 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 19:50:34.954285 2025] [security2:error] [pid 3791966:tid 3791966] [client 136.0.182.101:34257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.farmers123.com"] [uri "/.env.www"] [unique_id "aDjyypunq6Hw3FinymhtgAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 03:11:06 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 18 23:10:18.750343 2025] [security2:error] [pid 21920:tid 22057] [client 136.0.182.101:44415] [client 136.0.182.101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.spinningdesigns.com"] [uri "/.svn/entries"] [unique_id "aAMUGhuYowtSVCxTM-GycAAAAhc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-27 14:50:38 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 136.0.182.101 (136-0-182-101.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 09:50:31.426671 2025] [security2:error] [pid 27065:tid 27242] [client 136.0.182.101:41089] [client 136.0.182.101] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/wp-content/mysql.sql"] [unique_id "Z8B7tydqMyQKEHyZyujGTgAAAQk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-17 15:20:33 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 206.81.6.36

🇧🇷 205.210.31.231

🇺🇸 165.232.144.228

🇩🇪 45.135.194.113

🇧🇪 207.175.96.215

🇲🇽 177.229.197.38

🇺🇸 172.66.162.109

🇺🇸 136.111.79.167

🇫🇷 51.68.111.243

🇷🇺 31.173.80.56

🇺🇸 23.94.23.226

🇺🇸 20.171.127.66

🇺🇸 3.21.163.185

🇹🇼 198.235.24.65

🇹🇭 184.22.115.169

🇰🇷 121.132.27.238

🇮🇩 103.97.101.25

🇸🇬 97.74.86.176

🇫🇷 91.231.89.175

🇱🇹 81.30.98.49