JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.2.236.142

185.2.236.142 was found in our database!

This IP was reported 115 times. Confidence of Abuse is 100%: ?

100%

ISP	ICUK Computing Services Limited
Usage Type	Fixed Line ISP
ASN	AS51561
Hostname(s)	default-185-2-236-142.interdsl.co.uk
Domain Name	icuk.net
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.2.236.142

Whois 185.2.236.142

IP Abuse Reports for 185.2.236.142:

This IP address has been reported a total of 115 times from 74 distinct sources. 185.2.236.142 was first reported on May 28th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-28 18:20:02 (1 week ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 18:15:58 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.c ... show more (mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.co.uk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 14:15:53.586186 2026] [security2:error] [pid 21426:tid 21426] [client 185.2.236.142:15694] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "isol-8.kemela.com"] [uri "/.env.bak"] [unique_id "ahiGWST_dZpb_yot3bNo3QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 17:49:16 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.c ... show more (mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.co.uk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 13:49:10.759107 2026] [security2:error] [pid 24209:tid 24209] [client 185.2.236.142:59264] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.assheton.com"] [uri "/.git/HEAD"] [unique_id "ahiAFvqfS4xEOknuJjrzIQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 17:32:58 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.c ... show more (mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.co.uk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 13:32:53.038694 2026] [security2:error] [pid 19376:tid 19376] [client 185.2.236.142:10070] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.adamfogel.com"] [uri "/.env.old"] [unique_id "ahh8RTfjlgxLnBPuWaZXCQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-05-28 17:30:03 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 17:15:12 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.c ... show more (mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.co.uk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 13:15:09.414808 2026] [security2:error] [pid 26876:tid 26876] [client 185.2.236.142:38976] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "assholesanonymous.onlyincanada-eh.com"] [uri "/.env.production"] [unique_id "ahh4HRupXqFlSj4jbgavdQAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 16:57:23 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.c ... show more (mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.co.uk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 12:57:18.773831 2026] [security2:error] [pid 17735:tid 17760] [client 185.2.236.142:37981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3stepreviewforyou.docdalton.com"] [uri "/.env.prod"] [unique_id "ahhz7mHqeQfDvS8p_Ip1VgAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2026-05-28 16:30:04 (1 week ago)	Web App Attack	Web App Attack
🇬🇧 Aetherweb Ark	2026-05-28 16:27:03 (1 week ago)	(mod_security) mod_security (id:949110) triggered by 185.2.236.142 (GB/United Kingdom/default-185-2- ... show more (mod_security) mod_security (id:949110) triggered by 185.2.236.142 (GB/United Kingdom/default-185-2-236-142.interdsl.co.uk): N in the last X secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 16:17:19 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.c ... show more (mod_security) mod_security (id:210492) triggered by 185.2.236.142 (default-185-2-236-142.interdsl.co.uk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 12:17:13.534840 2026] [security2:error] [pid 5273:tid 5273] [client 185.2.236.142:42631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kritaka.ai"] [uri "/.env.bak"] [unique_id "ahhqidINbEkqQGHMO6ZeVwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 106 to 115 of 115 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.38

🇬🇧 89.37.172.136

🇬🇧 213.166.84.37

🇩🇪 172.70.250.38

🇫🇮 147.185.133.170

🇨🇳 58.19.80.63

🇷🇴 2.57.122.238

🇩🇪 157.230.18.133

🇮🇩 115.85.80.12

🇨🇳 110.177.183.185

🇺🇸 52.25.203.109

🇺🇸 44.208.223.68

🇺🇸 44.190.250.112

🇧🇪 198.235.24.204

🇲🇽 186.96.145.241

🇺🇸 184.154.157.176

🇺🇸 107.167.34.125

🇷🇺 89.23.113.208

🇲🇾 47.254.238.61

🇺🇸 31.57.63.242