JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.27.210.144

23.27.210.144 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 17%: ?

17%

ISP	Ace Data Centers II, L.L.C.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS40676
Hostname(s)	23-27-210-144.ips.acedatacenter.com
Domain Name	acedatacenter.com
Country	🇺🇸 United States of America
City	Centreville, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.27.210.144

Whois 23.27.210.144

IP Abuse Reports for 23.27.210.144:

This IP address has been reported a total of 11 times from 5 distinct sources. 23.27.210.144 was first reported on August 17th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-01 01:49:49 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:47:39.851165 2026] [security2:error] [pid 12115:tid 12240] [client 23.27.210.144:34993] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.com"] [uri "/default.php.bak"] [unique_id "ahzku7iPChCM0Z_m_ynf7QAAAVQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-22 12:04:58 (2 weeks ago)	LH-Watcher: FAKE_ID [Fake Googlebot]	Bad Web Bot
Anonymous	2026-05-01 09:40:05 (1 month ago)	\| Common web attack.	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-04-08 21:06:24 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 17:06:17.732458 2026] [security2:error] [pid 127382:tid 127382] [client 23.27.210.144:60215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/example.htaccess"] [unique_id "adbDSRkDWWTPGW2-jkUHtAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 11:21:32 (4 months ago)	(mod_security) mod_security (id:211190) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter. ... show more (mod_security) mod_security (id:211190) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:21:28.019619 2026] [security2:error] [pid 16721:tid 16885] [client 23.27.210.144:44769] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.kettlehill.com:80\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /solr/solrdefault/debug/dump?param=ContentStreams&stream.url=file:///etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.kettlehill.com"] [uri "/solr/solrdefault/debug/dump"] [unique_id "aX83OLZSDMB2xJcUTnRUFwAAApY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 21:40:33 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 16:40:26.684010 2026] [security2:error] [pid 23851:tid 23851] [client 23.27.210.144:42619] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/privatekey.key"] [unique_id "aWqwSp_rnYzQjeENLg9INQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-03 00:32:40 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 19:32:37.047304 2025] [security2:error] [pid 24397:tid 24397] [client 23.27.210.144:48375] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.farmers123.com\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.farmers123.com"] [uri "/privatekey.key"] [unique_id "aS-FJS4FZ9P0uQts72zOnQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-29 03:26:41 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter. ... show more (mod_security) mod_security (id:210492) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 23:26:34.240059 2025] [security2:error] [pid 28863:tid 28863] [client 23.27.210.144:33475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nbcnewsradio.com"] [uri "/.env.stage"] [unique_id "aQGJaih9i6rJ3Pwe2ebj7QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 sailor	2025-10-18 17:48:00 (7 months ago)	blocked by firewall for User Post Gallery - UPG <= 2.19 - Missing Authorization to Remote Command Ex ... show more blocked by firewall for User Post Gallery - UPG <= 2.19 - Missing Authorization to Remote Command Execution show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 14:49:10 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter. ... show more (mod_security) mod_security (id:210730) triggered by 23.27.210.144 (23-27-210-144.ips.acedatacenter.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:48:37.496308 2025] [security2:error] [pid 12475:tid 12502] [client 23.27.210.144:46377] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/log/error.log"] [unique_id "aN0_RWCKjmgjI9kURFKEhgAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-17 21:30:22 (9 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.105.231.21

🇩🇪 178.201.162.195

🇺🇸 66.132.195.22

🇺🇸 64.31.25.250

🇱🇹 45.227.254.170

🇳🇱 45.154.98.82

🇳🇱 45.148.10.141

🇸🇬 43.160.233.207

🇰🇷 39.115.195.164

🇺🇸 20.98.140.180

🇺🇸 20.64.105.252

🇨🇳 1.48.51.21

🇻🇳 221.132.29.17

🇺🇸 198.46.168.51

🇿🇦 196.192.181.202

🇳🇱 193.176.31.219

🇳🇱 193.176.31.209

🇺🇸 185.191.171.19

🇬🇧 161.12.35.165

🇺🇸 147.185.132.183