JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.126.211

85.121.126.211 was found in our database!

This IP was reported 172 times. Confidence of Abuse is 100%: ?

100%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.126.211

Whois 85.121.126.211

IP Abuse Reports for 85.121.126.211:

This IP address has been reported a total of 172 times from 109 distinct sources. 85.121.126.211 was first reported on March 20th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Holger	2026-05-17 21:03:17 (2 weeks ago)	Bruteforce WebAttack	Brute-Force Web App Attack
🇪🇸 Gem	2026-05-15 22:09:23 (3 weeks ago)	Unauthorized web scan.	Web App Attack
🇩🇪 Holger	2026-05-14 16:58:15 (3 weeks ago)	Bruteforce WebAttack	Brute-Force Web App Attack
🇮🇳 evicky2002	2026-05-13 07:18:32 (3 weeks ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇺🇸 Jakub Sikora	2026-05-13 06:00:58 (3 weeks ago)	PHP webshell scanner detected by honeytrap. Threat score: 166, total requests: 19. Probed paths: /ro ... show more PHP webshell scanner detected by honeytrap. Threat score: 166, total requests: 19. Probed paths: /robots.txt, /.env, /.env.staging. Triggered honeypots: robots, canary_env. show less	Hacking Bad Web Bot Web App Attack
🇭🇺 DumaNet	2026-05-13 03:18:00 (3 weeks ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 May 11. 18:15:42 Source IP: 85.121 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 May 11. 18:15:42 Source IP: 85.121.126.211 Portion of the log(s): 85.121.126.211 - - [11/May/2026:18:15:41 +0200] "GET /.astro/manifest.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; CohereBot/1.0; +https://cohere.com/bot)" 85.121.126.211 - - [11/May/2026:18:15:39 +0200] "GET /_nuxt/builds/latest.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.3; +https://openai.com/gptbot)" 85.121.126.211 - - [11/May/2026:18:15:37 +0200] "GET /_nuxt/manifest.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; CohereBot/1.0; +https://cohere.com/bot)" 85.121.126.211 - - [11/May/2026:18:15:33 +0200] "GET /dist/.vite/manifest.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Meta-ExternalAgent/1.1; +https://developers.facebook.com/docs/sharing/webmasters/crawler)" 85.121.126.211 - - [11/May/2026:18:15:31 +0200] "GET /dist/manifest.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KH show less	Web App Attack
🇫🇷 SpaceHost-Server	2026-05-12 22:34:40 (3 weeks ago)		Brute-Force Web App Attack
🇺🇸 alecj.com	2026-05-12 12:08:09 (3 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 WellSpring	2026-05-12 11:16:45 (3 weeks ago)	env leak on 802.today/admin/.env — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇩🇪 Viveronese	2026-05-12 11:15:19 (3 weeks ago)	HTTP vulnerability scanning	Web App Attack
Anonymous	2026-05-12 10:10:02 (3 weeks ago)	\| Suspicious URL access.	Web App Attack Hacking SQL Injection
🇱🇻 garmtech.com	2026-05-12 09:40:19 (3 weeks ago)	Attempted access to sensitive endpoint (/.git/config) detected. Automated scan or unauthorized probi ... show more Attempted access to sensitive endpoint (/.git/config) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇩🇪 AbuseBaer	2026-05-12 09:18:42 (3 weeks ago)	access attempt detected by IDS script (B)	Web App Attack
🇩🇪 gadix	2026-05-12 08:46:13 (3 weeks ago)	[12/May/2026:10:46:09.244989 +0200] agLo0dh-Np3Tf0BqlBeI_QAAAAc 85.121.126.211 33964 127.0.0.1 7081 ... show more [12/May/2026:10:46:09.244989 +0200] agLo0dh-Np3Tf0BqlBeI_QAAAAc 85.121.126.211 33964 127.0.0.1 7081 [12/May/2026:10:46:09.246759 +0200] agLo0QLTcenCnTvk4X_EtQAAAAQ 85.121.126.211 33968 127.0.0.1 7081 [12/May/2026:10:46:09.249694 +0200] agLo0Qr8gCJ0kQDjQPq4TwAAAAY 85.121.126.211 33974 127.0.0.1 7081 ... show less	Web App Attack
🇩🇪 itsolon	2026-05-12 08:45:52 (3 weeks ago)	[12/May/2026:10:45:51 +0200] 177857555122.014544 85.121.126.211 33058 217.154.7.177 443 [12/May/2026 ... show more [12/May/2026:10:45:51 +0200] 177857555122.014544 85.121.126.211 33058 217.154.7.177 443 [12/May/2026:10:45:51 +0200] 177857555196.602875 85.121.126.211 33250 217.154.7.177 443 [12/May/2026:10:45:51 +0200] 177857555124.057613 85.121.126.211 33106 217.154.7.177 443 [12/May/2026:10:45:51 +0200] 177857555132.736659 85.121.126.211 33168 217.154.7.177 443 [12/May/2026:10:45:51 +0200] 177857555199.157322 85.121.126.211 33152 217.154.7.177 443 ... show less	Port Scan Hacking Brute-Force Web App Attack

Showing 1 to 15 of 172 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.226.197.15

🇩🇪 167.94.146.47

🇭🇰 152.32.135.217

🇫🇮 147.185.133.230

🇬🇧 35.203.210.16

🇩🇪 172.86.92.75

🇺🇸 162.216.149.63

🇩🇰 158.173.74.40

🇺🇸 152.32.235.107

🇺🇸 147.185.132.209

🇧🇩 103.171.69.74

🇩🇪 54.37.74.179

🇳🇱 213.152.161.54

🇳🇱 195.178.110.30

🇸🇬 161.118.200.99

🇺🇸 152.53.81.25

🇺🇸 139.144.239.98

🇰🇷 211.221.2.119

🇮🇷 188.213.197.169

🇷🇴 92.118.39.236