JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.111.161.185

142.111.161.185 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 0%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS27411
Hostname(s)	142-111-161-185.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.111.161.185

Whois 142.111.161.185

IP Abuse Reports for 142.111.161.185:

This IP address has been reported a total of 5 times from 2 distinct sources. 142.111.161.185 was first reported on February 2nd 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-17 10:43:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.161.185 (142-111-161-185.ips.acedatacen ... show more (mod_security) mod_security (id:210492) triggered by 142.111.161.185 (142-111-161-185.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 05:43:22.288747 2026] [security2:error] [pid 18571:tid 18571] [client 142.111.161.185:43277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/lib../.git/config"] [unique_id "aWtnyq8PJTm7uR1JNyISWwAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 18:56:51 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 142.111.161.185 (142-111-161-185.ips.acedatacen ... show more (mod_security) mod_security (id:225170) triggered by 142.111.161.185 (142-111-161-185.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 13:56:45.749833 2025] [security2:error] [pid 22841:tid 23015] [client 142.111.161.185:33295] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.kettlehill.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "aVLO7bvqJPp5jxktaSGEbwAAAM0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 04:40:27 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 142.111.161.185 (142-111-161-185.ips.acedatacen ... show more (mod_security) mod_security (id:211190) triggered by 142.111.161.185 (142-111-161-185.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 23:37:44.773921 2025] [security2:error] [pid 27011:tid 27011] [client 142.111.161.185:33745] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nbcnewsradio.com"] [uri "/components/com_ionfiles/download.php"] [unique_id "aRQPGGwe_LaahyCyXNpcIgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 03:17:53 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 142.111.161.185 (142-111-161-185.ips.acedatacen ... show more (mod_security) mod_security (id:210492) triggered by 142.111.161.185 (142-111-161-185.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 23:17:47.599294 2025] [security2:error] [pid 4018879:tid 4018879] [client 142.111.161.185:39749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.farmers123.com"] [uri "/.env.backup"] [unique_id "aDkjWwIOVBm2LCrgfjPNIAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-02 03:50:02 (1 year ago)	\| Shellshock attack attempt	Hacking SQL Injection Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇾 115.135.234.221

🇳🇱 91.92.42.64

🇺🇸 2600:3c02::2000:eeff:fed4:53f5

🇳🇱 138.226.239.12

🇮🇳 117.218.75.251

🇮🇳 103.82.157.45

🇺🇸 2a13:dcc7:4314:8b1d:e297:6e7:d983:d96a

🇩🇪 213.209.159.228

🇹🇼 211.20.14.156

🇪🇸 185.176.8.77

🇸🇬 178.128.81.146

🇫🇮 147.185.133.101

🇺🇸 43.130.74.193

🇺🇸 38.141.62.238

🇷🇺 31.130.35.29

🇮🇳 27.0.221.174

🇺🇸 146.75.154.67

🇳🇱 144.31.54.15

🇰🇷 112.168.38.78

🇺🇸 91.230.168.86