JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.111.161.176

142.111.161.176 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 2%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS27411
Hostname(s)	142-111-161-176.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.111.161.176

Whois 142.111.161.176

IP Abuse Reports for 142.111.161.176:

This IP address has been reported a total of 6 times from 1 distinct source. 142.111.161.176 was first reported on May 1st 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 02:10:44 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacen ... show more (mod_security) mod_security (id:210492) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:09:03.736951 2026] [security2:error] [pid 7732:tid 7766] [client 142.111.161.176:59365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.com"] [uri "/wp-config.php.inc"] [unique_id "ahzpvyKq_i-FrRbJEDL7uAAAAVQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 21:45:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacen ... show more (mod_security) mod_security (id:210492) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:45:38.386911 2025] [security2:error] [pid 16785:tid 16785] [client 142.111.161.176:41093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.farmers123.com"] [uri "/.env.production"] [unique_id "aS9eAnnScxlEDjE4ogVyswAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-05 23:17:11 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacen ... show more (mod_security) mod_security (id:210492) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 19:17:06.230767 2025] [security2:error] [pid 10479:tid 10479] [client 142.111.161.176:40503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.git/config"] [unique_id "aJKQ8jq2BNYQ8tkEtARVgQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-01 07:34:45 (11 months ago)	(mod_security) mod_security (id:210730) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacen ... show more (mod_security) mod_security (id:210730) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 03:34:43.050238 2025] [security2:error] [pid 15240:tid 15259] [client 142.111.161.176:47411] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.staging.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.staging.kettlehill.com"] [uri "/MyErrors.log"] [unique_id "aGOPk1EMdJRstfLTz5SIHQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-28 20:58:09 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacen ... show more (mod_security) mod_security (id:210730) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 28 16:57:55.486035 2025] [security2:error] [pid 1902134:tid 1902134] [client 142.111.161.176:47449] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|farmers123.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "farmers123.com"] [uri "/application/logs/application.log"] [unique_id "aDd404nUMZftnMipo3C1YgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-01 03:11:55 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacen ... show more (mod_security) mod_security (id:225170) triggered by 142.111.161.176 (142-111-161-176.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 30 23:11:18.188971 2025] [security2:error] [pid 10930:tid 11153] [client 142.111.161.176:43575] [client 142.111.161.176] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.staging.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "staging.kettlehill.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aBLmVn9d7Z86Td3fBuew5wAAAQI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 212.113.23.140

🇳🇱 185.223.235.42

🇮🇳 157.49.177.48

🇺🇸 153.66.28.132

🇨🇱 136.248.247.188

🇳🇱 93.123.72.183

🇳🇱 91.92.40.10

🇺🇸 66.132.172.136

🇳🇱 45.148.10.147

🇳🇱 37.97.185.98

🇺🇸 4.227.177.11

🇮🇩 202.73.27.109

🇺🇸 192.174.94.90

🇩🇪 138.201.123.232

🇮🇳 103.91.72.221

🇺🇸 91.230.168.137

🇩🇪 69.5.169.17

🇺🇸 20.106.206.47

🇲🇾 180.74.84.64

🇺🇸 143.42.164.204