JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.111.113.185

142.111.113.185 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS393886
Hostname(s)	142-111-113-185.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	Miami, Florida

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.111.113.185

Whois 142.111.113.185

IP Abuse Reports for 142.111.113.185:

This IP address has been reported a total of 6 times from 3 distinct sources. 142.111.113.185 was first reported on August 31st 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-03-05 17:34:29 (3 months ago)	Blocked by UFW (TCP on 443) Source port: 55983 TTL: 52 Packet length: 60 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 443) Source port: 55983 TTL: 52 Packet length: 60 TOS: 0x08 This report (for 142.111.113.185) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 23:30:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.113.185 (142-111-113-185.ips.acedatacen ... show more (mod_security) mod_security (id:210492) triggered by 142.111.113.185 (142-111-113-185.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 18:30:00.251711 2026] [security2:error] [pid 1086:tid 1086] [client 142.111.113.185:54999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.env.prod.local"] [unique_id "aWwbeNnj-EQ-gFqhY7CPqAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 20:37:36 (5 months ago)	(mod_security) mod_security (id:240950) triggered by 142.111.113.185 (142-111-113-185.ips.acedatacen ... show more (mod_security) mod_security (id:240950) triggered by 142.111.113.185 (142-111-113-185.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 15:37:27.441213 2025] [security2:error] [pid 21770:tid 21776] [client 142.111.113.185:36997] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)\|\|webmail.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "webmail.kettlehill.net"] [uri "/_users/org.couchdb.user:poc"] [unique_id "aVLmh-1IUNfWG5lsn0GabwAAAYM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 12:14:45 (6 months ago)	\| XSS (Cross Site Scripting) attempt.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 13:26:42 (6 months ago)	(mod_security) mod_security (id:211190) triggered by 142.111.113.185 (142-111-113-185.ips.acedatacen ... show more (mod_security) mod_security (id:211190) triggered by 142.111.113.185 (142-111-113-185.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 08:26:34.928164 2025] [security2:error] [pid 14481:tid 14481] [client 142.111.113.185:48705] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /LetsEncrypt/Index?fileName=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/LetsEncrypt/Index"] [unique_id "aRXcirzCum24TIoY-RZ_fQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-31 03:54:30 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.113.185 (142-111-113-185.ips.acedatacen ... show more (mod_security) mod_security (id:210492) triggered by 142.111.113.185 (142-111-113-185.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 30 23:54:24.557172 2025] [security2:error] [pid 2657396:tid 2657416] [client 142.111.113.185:38933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.kettlehill.net"] [uri "/.env.prod.local"] [unique_id "aLPHcLki_fAFGxnxwOP0ogAAANI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.181.108.169

🇵🇰 202.165.249.187

🇰🇷 118.194.249.8

🇫🇷 91.231.89.222

🇮🇹 83.229.8.197

🇳🇱 45.198.224.13

🇹🇼 198.235.24.55

🇧🇷 177.61.176.110

🇯🇵 165.154.231.236

🇺🇸 147.185.132.229

🇨🇳 124.114.79.154

🇨🇳 111.9.22.102

🇦🇹 91.113.22.70

🇨🇦 85.217.149.65

🇱🇹 81.30.98.44

🇫🇷 77.237.239.101

🇺🇸 69.49.246.176

🇬🇧 45.82.76.124

🇺🇸 17.253.9.195

🇹🇭 8.213.229.126