JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.0.194.99

136.0.194.99 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS27411
Hostname(s)	136-0-194-99.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.0.194.99

Whois 136.0.194.99

IP Abuse Reports for 136.0.194.99:

This IP address has been reported a total of 7 times from 3 distinct sources. 136.0.194.99 was first reported on March 28th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 08:14:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.co ... show more (mod_security) mod_security (id:210492) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 03:14:43.154549 2026] [security2:error] [pid 9908:tid 9908] [client 136.0.194.99:49603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.live"] [unique_id "aWtE84Mcr_YY2KmqFU85eAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 19:14:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.co ... show more (mod_security) mod_security (id:210492) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 14:13:51.492840 2025] [security2:error] [pid 22839:tid 22978] [client 136.0.194.99:48197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kettlehill.net"] [uri "/.htaccess"] [unique_id "aVLS76hQT-NrkrxX7z3LJQAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:12:08 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.co ... show more (mod_security) mod_security (id:210492) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:12:02.886699 2025] [security2:error] [pid 404369:tid 404488] [client 136.0.194.99:42651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kettlehill.com"] [uri "/.env.bak"] [unique_id "aIV84o1ApCwrT9-Kn8W_DwAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 20:40:39 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.co ... show more (mod_security) mod_security (id:210492) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 16:40:34.770617 2025] [security2:error] [pid 3469624:tid 3469624] [client 136.0.194.99:33679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/.env.local"] [unique_id "aDjGQkTHzTRdAbnBDQ6GmgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Vincent Helmus	2025-05-16 17:40:18 (1 year ago)	ALL	DNS Compromise DNS Poisoning Fraud Orders DDoS Attack FTP Brute-Force Ping of Death Phishing Fraud VoIP Open Proxy Web Spam Email Spam Blog Spam VPN IP Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇺🇸 TPI-Abuse	2025-04-19 05:18:24 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.co ... show more (mod_security) mod_security (id:221260) triggered by 136.0.194.99 (136-0-194-99.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 01:18:07.321422 2025] [security2:error] [pid 9688:tid 9709] [client 136.0.194.99:33951] [client 136.0.194.99] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|www.blog.spinningdesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.spinningdesigns.com"] [uri "/cgi-bin/status/status.cgi"] [unique_id "aAMyDxOaBIFZmDz3zNXt0gAAANM"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-28 14:50:02 (1 year ago)	\| PHPMyAdmin scans (looking for setup.php).	Hacking SQL Injection Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.232

🇨🇳 111.173.159.215

🇨🇳 101.126.54.245

🇺🇸 67.233.159.235

🇳🇱 64.89.162.103

🇷🇴 2.57.121.112

🇺🇸 204.111.226.252

🇹🇿 196.46.97.129

🇳🇱 195.178.110.26

🇮🇳 122.168.123.73

🇨🇳 119.3.214.90

🇱🇻 80.89.77.61

🇯🇵 47.91.16.59

🇪🇸 46.6.124.216

🇬🇧 45.137.126.6

🇧🇪 198.235.24.164

🇺🇸 170.106.15.3

🇺🇸 162.216.149.42

🇺🇸 147.185.132.143

🇨🇳 123.145.23.231