JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.248.80.104

142.248.80.104 was found in our database!

This IP was reported 4,134 times. Confidence of Abuse is 100%: ?

100%

ISP	Advin Services LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	advinservers.com
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.248.80.104

Whois 142.248.80.104

IP Abuse Reports for 142.248.80.104:

This IP address has been reported a total of 4,134 times from 392 distinct sources. 142.248.80.104 was first reported on April 4th 2026, and the most recent report was 7 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇾 Rizzy	2026-06-13 22:48:01 (7 minutes ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 Petros Stefanakis	2026-06-13 22:32:15 (23 minutes ago)	(mod_security) mod_security triggered on hostname [redacted] 142.248.80.104 (US/United States/-)	SQL Injection
Anonymous	2026-06-13 20:19:59 (2 hours ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 alecj.com	2026-06-13 19:51:40 (3 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇫🇷 dynamix	2026-06-13 19:43:17 (3 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-13 15:28:03 (7 hours ago)	142.248.80.104 - - [13/Jun/2026:18:28:03 +0300] "GET /backend/.env HTTP/1.1" 404 485 "-" "Mozilla/5. ... show more 142.248.80.104 - - [13/Jun/2026:18:28:03 +0300] "GET /backend/.env HTTP/1.1" 404 485 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36 Edg/146.0.0.0" 142.248.80.104 - - [13/Jun/2026:18:28:03 +0300] "GET /api/.env HTTP/1.1" 404 485 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0" ... show less	Web App Attack
Anonymous	2026-06-13 11:18:56 (11 hours ago)	142.248.80.104 - - [13/Jun/2026:13:18:27 +0200] "GET /wp-content/debug.log HTTP/1.1" 403 501 "-" "Mo ... show more 142.248.80.104 - - [13/Jun/2026:13:18:27 +0200] "GET /wp-content/debug.log HTTP/1.1" 403 501 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.104 - - [13/Jun/2026:13:18:29 +0200] "GET /.env.test HTTP/1.1" 403 501 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.104 - - [13/Jun/2026:13:18:29 +0200] "GET /.env.backup HTTP/1.1" 403 501 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" 142.248.80.104 - - [13/Jun/2026:13:18:29 +0200] "GET /.env.save HTTP/1.1" 403 501 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:149.0) Gecko/20100101 Firefox/149.0" 142.248.80.104 - - [13/Jun/2026:13:18:29 +0200] "GET /.env.development HTTP/1.1" 403 501 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.104 - - [13/Jun/2026:13:18:29 +0200] "GET /google-credentials.json HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Window ... show less	DDoS Attack
Anonymous	2026-06-13 10:50:39 (12 hours ago)	142.248.80.104 - - [13/Jun/2026:12:50:34 +0200] "GET /wp-content/debug.log HTTP/1.1" 404 447 "-" "Mo ... show more 142.248.80.104 - - [13/Jun/2026:12:50:34 +0200] "GET /wp-content/debug.log HTTP/1.1" 404 447 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 142.248.80.104 - - [13/Jun/2026:12:50:34 +0200] "GET /wp-content/debug.log HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 142.248.80.104 - - [13/Jun/2026:12:50:36 +0200] "GET /public/.env HTTP/1.1" 404 447 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0" 142.248.80.104 - - [13/Jun/2026:12:50:36 +0200] "GET /public/.env HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0" 142.248.80.104 - - [13/Jun/2026:12:50:36 +0200] "GET /.env.test HTTP/1.1" 404 447 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.3 ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-13 09:29:37 (13 hours ago)	Aggressive web scan	Web App Attack
Anonymous	2026-06-13 03:08:17 (19 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 142.248.80.104 (US/United States/-)	SQL Injection
🇧🇪 voormedia	2026-06-12 23:29:57 (23 hours ago)	Accessed trap at '/.aws/credentials'	Web App Attack
🇫🇷 masterguru	2026-06-12 16:29:11 (1 day ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 142.248.80.104 (US/United States/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 142.248.80.104 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇵🇱 Roper123	2026-06-12 05:45:27 (1 day ago)	Web app exploits	Web App Attack
🇫🇮 Ba-Yu	2026-06-12 05:07:43 (1 day ago)	General hacking/exploits/scanning	Port Scan Exploited Host Web App Attack
Anonymous	2026-06-12 05:04:37 (1 day ago)	Aggressive web scan	Web App Attack

Showing 1 to 15 of 4134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 209.42.18.223

🇩🇪 213.209.159.56

🇫🇮 204.168.240.142

🇸🇬 194.5.82.41

🇺🇸 104.168.40.37

🇳🇱 91.92.40.13

🇳🇱 91.92.40.8

🇺🇸 72.63.20.133

🇺🇸 198.11.178.150

🇩🇪 158.94.208.36

🇰🇷 118.193.69.67

🇹🇼 101.13.5.50

🇩🇪 94.26.106.252

🇺🇸 66.249.89.15

🇪🇨 45.224.97.241

🇬🇧 35.203.210.121

🇳🇱 20.123.146.93

🇺🇸 216.24.210.190

🇲🇾 211.25.241.153

🇳🇱 195.178.110.30