JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.111.48.115

142.111.48.115 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 3%: ?

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS395954
Hostname(s)	142-111-48-115.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.111.48.115

Whois 142.111.48.115

IP Abuse Reports for 142.111.48.115:

This IP address has been reported a total of 11 times from 2 distinct sources. 142.111.48.115 was first reported on August 1st 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 02:18:26 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:210730) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 22:18:20.463293 2026] [security2:error] [pid 12707:tid 12716] [client 142.111.48.115:35203] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.kettlehill.com"] [uri "/admin/error.log"] [unique_id "ahzr7Pr1zQOtbkd9viUrrQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 11:58:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:58:52.022090 2026] [security2:error] [pid 483:tid 651] [client 142.111.48.115:36115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kettlehill.kettlehill.com"] [uri "/.env.www"] [unique_id "aX8__AMxl-cQ0UzvOvSRfQAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 05:41:07 (4 months ago)	(mod_security) mod_security (id:221260) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:221260) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 00:41:00.074222 2026] [security2:error] [pid 13663:tid 13663] [client 142.111.48.115:40479] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|192.64.150.63:443\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.63"] [uri "/cgi-bin/test-cgi"] [unique_id "aWnPbJQtqBgTunZ8A92nbgAAAAc"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:41:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:41:32.178591 2025] [security2:error] [pid 21565:tid 21565] [client 142.111.48.115:58593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.farmers123.com"] [uri "/sample.htaccess"] [unique_id "aS9rHEME8v8KDnZ83IW80wAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 05:54:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 00:53:58.817458 2025] [security2:error] [pid 5083:tid 5092] [client 142.111.48.115:34659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aS0tdrlODMhtlQGnj5c47AAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 08:30:04 (6 months ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-10-29 03:25:35 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 23:25:31.354951 2025] [security2:error] [pid 27446:tid 27446] [client 142.111.48.115:35179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nbcnewsradio.com"] [uri "/.env.dev"] [unique_id "aQGJK2nkbtoZGC21VsNo0gAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 14:59:20 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:59:12.435182 2025] [security2:error] [pid 31612:tid 31733] [client 142.111.48.115:46693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.staging.kettlehill.com"] [uri "/wp-config.php.inc"] [unique_id "aN1BwPVYIT9TWn2lWzJp6QAAAQY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 20:26:21 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 16:26:15.899808 2025] [security2:error] [pid 28927:tid 28927] [client 142.111.48.115:44965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.deandobkin.com"] [uri "/example.htaccess"] [unique_id "aNGw54ooMEO4FTgkEeNneQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-05 19:27:25 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:210730) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 15:27:19.236324 2025] [security2:error] [pid 8312:tid 8312] [client 142.111.48.115:47453] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\windows\\\\win.ini"] [unique_id "aJJbF9LUsExnDNPJoKtODQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 06:41:12 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacente ... show more (mod_security) mod_security (id:210492) triggered by 142.111.48.115 (142-111-48-115.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:40:46.933651 2025] [security2:error] [pid 3332372:tid 3332392] [client 142.111.48.115:50411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "staging.kettlehill.com"] [uri "/wp-config.php.swp"] [unique_id "aIxhbh33aKcnOojmIbhR6QAAApI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 165.22.82.165

🇺🇸 147.185.132.151

🇺🇸 147.185.132.50

🇭🇰 125.59.145.72

🇱🇹 62.60.130.251

🇺🇸 216.218.206.112

🇺🇸 208.84.100.197

🇷🇺 194.85.235.99

🇺🇸 193.37.33.11

🇨🇷 186.177.81.28

🇧🇷 179.191.82.115

🇧🇷 179.48.4.14

🇧🇷 164.152.36.29

🇷🇴 162.158.19.69

🇧🇷 129.121.32.44

🇧🇷 45.205.1.70

🇸🇬 43.173.174.148

🇳🇱 20.229.115.183

🇺🇸 186.244.214.71

🇫🇷 185.250.36.11