JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.199.201.142

104.199.201.142 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 83%: ?

83%

ISP	Google LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS396982
Hostname(s)	142.201.199.104.bc.googleusercontent.com
Domain Name	google.com
Country	🇹🇼 Taiwan
City	Taipei, Taiwan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.199.201.142

Whois 104.199.201.142

IP Abuse Reports for 104.199.201.142:

This IP address has been reported a total of 17 times from 15 distinct sources. 104.199.201.142 was first reported on May 3rd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-15 22:00:17 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-15	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-15 07:12:00 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 104.199.201.142 (142.201.199.104.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 104.199.201.142 (142.201.199.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:11:54.284016 2026] [security2:error] [pid 23175:tid 23175] [client 104.199.201.142:44934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trompelart.com"] [uri "/.env.txt"] [unique_id "ai-luv_hPTkPHp0s0AlRUgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-15 06:21:50 (2 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 04:16:12 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 104.199.201.142 (142.201.199.104.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 104.199.201.142 (142.201.199.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:16:08.242334 2026] [security2:error] [pid 4066:tid 4066] [client 104.199.201.142:32818] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dorismitchell.com.billymitchell.com"] [uri "/test/.env"] [unique_id "ai98iNm9eJDtYtwd1yEz6wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-15 02:48:54 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:44:27 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 104.199.201.142 (142.201.199.104.bc.googleuserc ... show more (mod_security) mod_security (id:210492) triggered by 104.199.201.142 (142.201.199.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:44:22.404206 2026] [security2:error] [pid 9876:tid 9876] [client 104.199.201.142:41198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jwphotodesign.jonathanwilson.me"] [uri "/.env.local.bak"] [unique_id "ai9nBiDahPP1q28KrtxhHgAAAFo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-15 00:19:34 (2 days ago)	Scanning/Probing (91)	Brute-Force Web App Attack
🇮🇩 Burayot	2026-06-14 23:16:36 (2 days ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.199.201.142 (TW/Taiwan/142.201.1 ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.199.201.142 (TW/Taiwan/142.201.199.104.bc.googleusercontent.com): 2 in the last 3600 secs show less	Web App Attack
🇩🇪 updown.io	2026-06-14 22:29:21 (2 days ago)	{"level":"info","ts":1781476159.007266,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1781476159.007266,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"104.199.201.142","remote_port":"57168","client_ip":"104.199.201.142","proto":"HTTP/1.1","method":"GET","host":"status.musicwithamission.com","uri":"/config/sendgrid.env","headers":{"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/4.0 (compatible; MSIE 5.0; Series80/2.0 Nokia9500/4.51 Profile/MIDP-2.0 Configuration/CLDC-1.1)"],"Accept-Charset":["utf-8"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.musicwithamission.com","ech":false}},"bytes_read":0,"user_id":"","duration":0.000070375,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}} {"level":"info","ts":1781476159.012011,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"104.199.201.142","remote_port":"57122","client_ip":"104.199.201.142","proto":"HTTP/1.1" ... show less	DDoS Attack Web App Attack
Anonymous	2026-06-14 21:20:02 (2 days ago)	\| Suspicious URL access.	Web App Attack Hacking SQL Injection
🇺🇸 jormaster3k	2026-06-14 16:02:38 (3 days ago)	Attack against Apache (too many 404s)	Web App Attack
🇳🇱 Site.eu	2026-06-14 05:01:54 (3 days ago)	Excessive 404/403 errors	Brute-Force
🇮🇹 VHosting	2026-06-14 02:25:04 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇲🇾 Rizzy	2026-06-14 02:11:10 (3 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-06-13 23:59:37 (3 days ago)	Aggressive web scan	Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 201.186.40.250

🇵🇱 194.113.39.2

🇩🇪 194.88.98.119

🇵🇱 193.239.125.148

🇯🇵 168.138.46.207

🇹🇼 101.13.5.26

🇪🇸 84.126.67.6

🇵🇪 38.210.104.236

🇺🇸 2a04:c300:400::1e6

🇨🇳 221.239.6.44

🇺🇸 172.173.67.22

🇻🇳 113.190.252.33

🇿🇦 105.233.67.36

🇹🇳 102.110.7.34

🇩🇪 47.254.172.114

🇩🇪 46.101.173.8

🇵🇰 39.61.146.240

🇧🇷 205.210.31.144

🇵🇦 190.141.121.101

🇦🇷 181.47.223.232