JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.248.80.16

142.248.80.16 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 100%: ?

100%

ISP	Advin Services LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	advinservers.com
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.248.80.16

Whois 142.248.80.16

IP Abuse Reports for 142.248.80.16:

This IP address has been reported a total of 38 times from 30 distinct sources. 142.248.80.16 was first reported on June 15th 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-17 10:02:10 (13 hours ago)	142.248.80.16 - - [17/Jun/2026:13:02:10 +0300] "GET /wp-content/debug.log HTTP/1.1" 404 727 "-" "Moz ... show more 142.248.80.16 - - [17/Jun/2026:13:02:10 +0300] "GET /wp-content/debug.log HTTP/1.1" 404 727 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36 Edg/146.0.0.0" ... show less	Web App Attack
🇸🇪 Per-Erik Runebert	2026-06-17 08:39:43 (15 hours ago)	Excessive unauthorized requests	Hacking
🇩🇪 LRob.fr	2026-06-17 08:15:10 (15 hours ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇫🇷 masterguru	2026-06-17 08:03:56 (15 hours ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-197) show less	Hacking
🇩🇪 Alfafoxtrot	2026-06-17 07:09:16 (16 hours ago)	Reason: mass scanner \| src-ip: 142.248.80.16 \| dport=80 \| Protoc.=TCP \| Inc. 2d: 5	Port Scan
🇺🇸 xmission.com	2026-06-17 05:35:56 (18 hours ago)	Blocked by UFW (TCP on 80) Source port: 7460 TTL: 55 Packet length: 60 TOS: 0x08 This report (for 1 ... show more Blocked by UFW (TCP on 80) Source port: 7460 TTL: 55 Packet length: 60 TOS: 0x08 This report (for 142.248.80.16) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 [email protected]	2026-06-17 04:52:11 (19 hours ago)	Brute force 69 attempts	DDoS Attack SQL Injection Brute-Force SSH
🇧🇪 voormedia	2026-06-16 19:36:33 (1 day ago)	Accessed trap at '/.aws/credentials'	Web App Attack
🇺🇸 WellSpring	2026-06-16 18:59:20 (1 day ago)	env leak on strangertable.org/server/.env — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
Anonymous	2026-06-16 17:43:13 (1 day ago)	142.248.80.16 - - [16/Jun/2026:12:43:01 -0500] "GET /.env.save HTTP/1.1" 403 199 "-" "Mozilla/5.0 (M ... show more 142.248.80.16 - - [16/Jun/2026:12:43:01 -0500] "GET /.env.save HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15" 142.248.80.16 142.248.80.16 - - [16/Jun/2026:12:43:01 -0500] "GET /.env.development HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 142.248.80.16 142.248.80.16 - - [16/Jun/2026:12:43:01 -0500] "GET /.env.staging HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:150.0) Gecko/20100101 Firefox/150.0" 142.248.80.16 142.248.80.16 - - [16/Jun/2026:12:43:01 -0500] "GET /.env.test HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" 142.248.80.16 142.248.80.16 - - [16/Jun/2026:12:43:01 -0500] "GET /.env HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" 142.248.80.16 142.248 ... show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-16 14:09:37 (1 day ago)	Aggressive web scan	Web App Attack
Anonymous	2026-06-16 13:58:12 (1 day ago)	SOHODE WEBEXPLOIT 142.248.80.16 (142.248.80.16)	Web App Attack
🇫🇷 masterguru	2026-06-16 13:26:08 (1 day ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇺🇦 URAN Publishing Service	2026-06-16 12:27:04 (1 day ago)	142.248.80.16 - - [16/Jun/2026:15:26:59 +0300] "GET /wp-content/debug.log HTTP/1.1" 404 733 "-" "Moz ... show more 142.248.80.16 - - [16/Jun/2026:15:26:59 +0300] "GET /wp-content/debug.log HTTP/1.1" 404 733 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" 142.248.80.16 - - [16/Jun/2026:15:27:03 +0300] "GET /laravel/.env HTTP/1.1" 404 4660 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 09:55:27 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 142.248.80.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 142.248.80.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 05:55:22.456685 2026] [security2:error] [pid 13853:tid 13853] [client 142.248.80.16:28844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.coolcustomweddingproducts.benshermanguitar.com"] [uri "/.env.production.copy"] [unique_id "ajEdiiWLuBLAIjYHTd-KngAAAFo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.2

🇧🇪 198.235.24.186

🇨🇳 175.30.48.196

🇩🇪 167.94.146.66

🇩🇪 156.236.31.85

🇳🇱 91.92.40.8

🇲🇦 81.192.46.29

🇬🇧 35.203.210.3

🇸🇬 188.166.251.103

🇹🇷 185.255.95.139

🇩🇪 185.14.92.28

🇳🇱 176.65.139.85

🇺🇸 162.216.149.33

🇳🇿 121.73.163.143

🇺🇸 91.230.168.200

🇱🇹 46.29.234.126

🇮🇪 34.250.42.81

🇯🇵 8.211.157.94

🇧🇬 91.191.209.74

🇺🇸 35.196.224.84