JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.248.80.120

142.248.80.120 was found in our database!

This IP was reported 166 times. Confidence of Abuse is 100%: ?

100%

ISP	Advin Services LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	advinservers.com
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.248.80.120

Whois 142.248.80.120

IP Abuse Reports for 142.248.80.120:

This IP address has been reported a total of 166 times from 108 distinct sources. 142.248.80.120 was first reported on April 9th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Tha_14	2026-06-19 09:45:43 (6 hours ago)	Multiple erroneous requests	Web App Attack
🇨🇦 Dunham Support	2026-06-19 08:24:55 (8 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 142.248.80.120 (US/United States/-)	SQL Injection
🇺🇸 daveoctober	2026-06-19 08:10:52 (8 hours ago)	October Sentinel: honeypot triggered	Bad Web Bot Web App Attack
Anonymous	2026-06-19 06:56:43 (9 hours ago)	Honey Pot Hit / Attack Vector found!	Port Scan Hacking Web App Attack
🇩🇪 Vegascosmetics	2026-06-19 06:40:41 (9 hours ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇺🇸 TAY	2026-06-19 03:19:19 (13 hours ago)	142.248.80.120 - - [19/Jun/2026:11:19:17 +0800] "GET /.wp-config.php.swp HTTP/1.1" 301 338 "-" "Mozi ... show more 142.248.80.120 - - [19/Jun/2026:11:19:17 +0800] "GET /.wp-config.php.swp HTTP/1.1" 301 338 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 142.248.80.120 - - [19/Jun/2026:11:19:18 +0800] "GET /wp-config.php HTTP/1.1" 200 153 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.120 - - [19/Jun/2026:11:19:18 +0800] "GET /.wp-config.php.swp HTTP/1.1" 404 50167 "https://www.aceflora.com/.wp-config.php.swp" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Brute-Force
Anonymous	2026-06-19 03:18:48 (13 hours ago)	142.248.80.120 - - [19/Jun/2026:05:18:41 +0200] "GET /wp-content/debug.log HTTP/1.1" 403 481 "-" "Mo ... show more 142.248.80.120 - - [19/Jun/2026:05:18:41 +0200] "GET /wp-content/debug.log HTTP/1.1" 403 481 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.120 - - [19/Jun/2026:05:18:42 +0200] "GET /service-account-key.json HTTP/1.1" 404 478 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.120 - - [19/Jun/2026:05:18:42 +0200] "GET /.env.test HTTP/1.1" 403 481 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 142.248.80.120 - - [19/Jun/2026:05:18:42 +0200] "GET /api/.env HTTP/1.1" 403 481 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.120 - - [19/Jun/2026:05:18:42 +0200] "GET /web/.env HTTP/1.1" 403 481 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0" 142.248.80.120 - - [19/Jun/2026:05:18:42 +0200] "GET /serviceAccountKey.jso ... show less	DDoS Attack
🇫🇷 masterguru	2026-06-19 02:59:15 (13 hours ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 142.248.80.120 (US/United States/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 142.248.80.120 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 WellSpring	2026-06-19 02:39:44 (13 hours ago)	env leak on palletdrop.org/public/.env — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇧🇪 voormedia	2026-06-19 01:11:56 (15 hours ago)	Accessed trap at '/.env'	Web App Attack
🇩🇪 Nerdscave Hosting	2026-06-19 01:01:02 (15 hours ago)	Apache web server attack detected by Fail2Ban in plesk-apache jail	Web App Attack
🇨🇦 electronico	2026-06-18 23:11:39 (17 hours ago)	142.248.80.120 - - [19/Jun/2026:10:11:36 +1100] "GET /wp-content/debug.log HTTP/1.1" 404 65458 "-" " ... show more 142.248.80.120 - - [19/Jun/2026:10:11:36 +1100] "GET /wp-content/debug.log HTTP/1.1" 404 65458 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" 142.248.80.120 - - [19/Jun/2026:10:11:36 +1100] "GET /.env HTTP/1.1" 404 65458 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.120 - - [19/Jun/2026:10:11:36 +1100] "GET /backend/.env HTTP/1.1" 404 65458 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36 Edg/146.0.0.0" 142.248.80.120 - - [19/Jun/2026:10:11:36 +1100] "GET /.anthropic/config.json HTTP/1.1" 404 65458 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.120 - - [19/Jun/2026:10:11:36 +1100] "GET /.env.old HTTP/1.1" 404 65458 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 1 ... show less	Brute-Force Web App Attack
🇺🇸 jcbriar	2026-06-18 20:16:54 (20 hours ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇮🇩 Burayot	2026-06-18 20:05:58 (20 hours ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 142.248.80.120 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 142.248.80.120 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇬🇧 Apache	2026-06-18 19:12:47 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 142.248.80.120 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:210492) triggered by 142.248.80.120 (US/United States/-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack

Showing 1 to 15 of 166 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 186.240.174.49

🇮🇳 182.18.180.44

🇲🇦 105.156.129.13

🇵🇰 103.19.252.30

🇳🇱 91.92.243.207

🇺🇸 52.180.137.70

🇲🇲 37.111.53.110

🇿🇦 196.192.181.202

🇱🇹 185.169.4.123

🇨🇴 181.49.207.198

🇺🇸 141.11.88.15

🇨🇳 114.251.216.72

🇳🇱 107.189.24.77

🇱🇹 45.227.254.170

🇺🇸 5.56.24.71

🇺🇸 216.244.66.239

🇺🇸 192.241.146.103

🇲🇽 187.191.48.4

🇺🇸 162.216.150.119

🇺🇸 152.32.183.236