JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.0.186.243

136.0.186.243 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 3%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396362
Hostname(s)	136-0-186-243.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.0.186.243

Whois 136.0.186.243

IP Abuse Reports for 136.0.186.243:

This IP address has been reported a total of 10 times from 4 distinct sources. 136.0.186.243 was first reported on May 30th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 02:25:56 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:25:49.989777 2026] [security2:error] [pid 12707:tid 12717] [client 136.0.186.243:37825] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.net\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.net"] [uri "/\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\windows\\\\win.ini"] [unique_id "ahztrfr1zQOtbkd9viUt7AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 11:37:54 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:36:03.597241 2026] [security2:error] [pid 16721:tid 16866] [client 136.0.186.243:36953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/.wp-config.php.swp"] [unique_id "aX86o7ZSDMB2xJcUTnRc7gAAAoM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:48:21 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:48:15.290516 2025] [security2:error] [pid 28491:tid 28491] [client 136.0.186.243:48059] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.farmers123.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.farmers123.com"] [uri "/\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\windows\\\\win.ini"] [unique_id "aS9sr1g5bse1ZZ8t-naHeQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 14:22:29 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 09:22:22.386096 2025] [security2:error] [pid 30487:tid 30487] [client 136.0.186.243:57299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.nbcnewsradio.com"] [uri "/.env.stage"] [unique_id "aRSYHguyM9PxH2KXqAT0ngAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-26 05:11:00 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 26 01:10:52.392634 2025] [security2:error] [pid 31241:tid 31241] [client 136.0.186.243:54799] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.deandobkin.com"] [uri "/.env.www"] [unique_id "aNYgXAp5lUeivvnUnhQnfwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SCHAPPY	2025-08-30 23:20:03 (9 months ago)	IP was involved in L7 DDoS attack.	DDoS Attack
🇸🇬 raramos	2025-08-07 19:00:07 (10 months ago)	[SMB remote code execution attempt: port tcp/445] in blocklist.de:'listed [pop3]' in SpamCop:'listed ... show more [SMB remote code execution attempt: port tcp/445] in blocklist.de:'listed [pop3]' in SpamCop:'listed' in sorbs:'listed [web], [spam]' in Unsubscore:'listed' *(RWIN=8192)(04:10) show less	Web Spam Email Spam Port Scan Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-07-01 06:00:27 (11 months ago)	(mod_security) mod_security (id:211190) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter. ... show more (mod_security) mod_security (id:211190) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 02:00:19.207663 2025] [security2:error] [pid 15415:tid 15474] [client 136.0.186.243:42511] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.staging.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.staging.kettlehill.com"] [uri "/wp-content/plugins/se-html5-album-audio-player/download_audio.php"] [unique_id "aGN5c60WqJtHmKpJnDr1XAAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-05 11:30:04 (1 year ago)	\| PHP CGI-bin vulnerability attempt.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 20:16:03 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 136.0.186.243 (136-0-186-243.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 16:15:58.553189 2025] [security2:error] [pid 627816:tid 627816] [client 136.0.186.243:49097] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/database.php.bak"] [unique_id "aDoR_kWd8gg1dlxukDFHNwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 20.65.195.121

🇭🇰 220.246.42.212

🇨🇳 220.197.85.26

🇨🇳 220.181.51.120

🇧🇷 205.210.31.150

🇬🇧 193.163.125.61

🇪🇨 186.101.129.113

🇭🇰 152.32.239.90

🇨🇳 124.88.113.23

🇳🇱 93.174.95.106

🇺🇸 66.132.186.168

🇸🇬 47.82.13.146

🇧🇪 35.240.100.133

🇨🇦 34.118.175.185

🇨🇳 1.24.16.166

🇩🇪 2a01:4f8:150:13a5::100:2e

🇺🇸 205.210.31.48

🇺🇸 199.127.62.250

🇸🇬 198.55.106.43

🇩🇪 172.69.151.147