JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.248.80.222

142.248.80.222 was found in our database!

This IP was reported 670 times. Confidence of Abuse is 100%: ?

100%

ISP	Advin Services LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	advinservers.com
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.248.80.222

Whois 142.248.80.222

IP Abuse Reports for 142.248.80.222:

This IP address has been reported a total of 670 times from 258 distinct sources. 142.248.80.222 was first reported on March 24th 2026, and the most recent report was 59 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 WebNiraj	2026-05-11 08:04:11 (3 weeks ago)	(mod_security) mod_security (id:949110) triggered by 142.248.80.222 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:949110) triggered by 142.248.80.222 (US/United States/-): 5 in the last 3600 secs [SIGMA] show less	Brute-Force
🇩🇪 bescared	2026-05-11 07:28:23 (3 weeks ago)	F2B - Malicious activity detected. URL Probing. -8ff06ede-	Hacking Bad Web Bot Web App Attack
🇨🇦 Roper123	2026-05-11 06:58:24 (3 weeks ago)	Web exploits	Hacking Web App Attack
🇩🇪 todix	2026-05-11 06:20:40 (3 weeks ago)	WebAttack or semilar from 142.248.80.222	Web App Attack
🇩🇪 edena	2026-05-11 05:24:04 (3 weeks ago)	142.248.80.222 - - [11/May/2026:07:24:03 +0200] "GET /secrets.json HTTP/1.1" 403 325 "-" "Mozilla/5. ... show more 142.248.80.222 - - [11/May/2026:07:24:03 +0200] "GET /secrets.json HTTP/1.1" 403 325 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:149.0) Gecko/20100101 Firefox/149.0" 142.248.80.222 - - [11/May/2026:07:24:03 +0200] "GET /.env HTTP/1.1" 403 325 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0" 142.248.80.222 - - [11/May/2026:07:24:03 +0200] "GET /.env.local HTTP/1.1" 403 1811 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0" ... show less	Web App Attack Bad Web Bot
Anonymous	2026-05-11 04:59:02 (3 weeks ago)	(PERMBLOCK) 142.248.80.222 (US/United States/-) has had more than 4 temp blocks in the last 86400 se ... show more (PERMBLOCK) 142.248.80.222 (US/United States/-) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
🇹🇭 Sawasdee	2026-05-11 04:48:07 (3 weeks ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇮🇳 Genhost	2026-05-11 04:46:16 (3 weeks ago)	SCANNING OF PHP SHELL FILES	Brute-Force SSH
🇩🇪 paissangroup	2026-05-11 04:37:53 (3 weeks ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-05-11 03:18:56 (3 weeks ago)	(caddyscan) Scanner path probe from 142.248.80.222 (US/United States/-): 5 in the last 3600 secs; Po ... show more (caddyscan) Scanner path probe from 142.248.80.222 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 142.248.80.222 - - [11/May/2026:03:18:53 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 142.248.80.222 - - [11/May/2026:03:18:54 +0000] "GET /api/.env HTTP/1.1" [REDACTED] 200 2627 142.248.80.222 - - [11/May/2026:03:18:54 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 142.248.80.222 - - [11/May/2026:03:18:54 +0000] "GET /backend/.env HTTP/1.1" [REDACTED] 200 2627 142.248.80.222 - - [11/May/2026:03:18:54 +0000] "GET /app/.env HTTP/1.1" show less	Port Scan
🇩🇪 FeG Deutschland	2026-05-11 02:58:55 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇱🇻 garmtech.com	2026-05-11 02:31:03 (3 weeks ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇲🇾 Rizzy	2026-05-11 02:09:38 (3 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-05-11 01:35:05 (3 weeks ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇩🇪 piticu iuli	2026-05-11 01:13:56 (3 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 142.248.80.222 (US/United States/-)	SQL Injection

Showing 556 to 570 of 670 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.226

🇹🇭 184.22.166.99

🇳🇱 178.16.54.237

🇮🇳 157.48.169.141

🇸🇴 154.118.240.182

🇸🇬 45.78.206.111

🇸🇦 188.50.183.72

🇲🇽 187.190.35.163

🇧🇷 163.198.215.33

🇺🇸 159.89.236.95

🇨🇳 124.174.44.175

🇮🇳 117.251.22.198

🇺🇸 107.167.34.125

🇷🇺 85.142.40.75

🇺🇸 74.82.47.5

🇺🇸 43.166.242.149

🇻🇳 14.164.7.35

🇲🇰 188.44.20.33

🇮🇳 182.76.66.186

🇺🇸 162.216.150.188