JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.127.124

85.121.127.124 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 100%: ?

100%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.127.124

Whois 85.121.127.124

IP Abuse Reports for 85.121.127.124:

This IP address has been reported a total of 42 times from 36 distinct sources. 85.121.127.124 was first reported on June 1st 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 e.fierstra	2026-06-04 04:16:47 (1 hour ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇬🇧 Yosi	2026-06-03 22:36:33 (7 hours ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇦 URAN Publishing Service	2026-06-03 22:33:20 (7 hours ago)	85.121.127.124 - - [04/Jun/2026:01:33:19 +0300] "GET /.env HTTP/1.1" 404 726 "https://vd.zntu.edu.ua ... show more 85.121.127.124 - - [04/Jun/2026:01:33:19 +0300] "GET /.env HTTP/1.1" 404 726 "https://vd.zntu.edu.ua/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" ... show less	Web App Attack
🇩🇪 club77	2026-06-03 21:41:57 (8 hours ago)	85.121.127.124 - - [04/Jun/2026:05:41:53 +0800] "GET /.git/HEAD HTTP/1.1" 404 102754 "https://vicini ... show more 85.121.127.124 - - [04/Jun/2026:05:41:53 +0800] "GET /.git/HEAD HTTP/1.1" 404 102754 "https://vicinity.life/.git/HEAD" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" 85.121.127.124 - - [04/Jun/2026:05:41:56 +0800] "GET /.git/config HTTP/1.1" 404 106762 "https://vicinity.life/.git/config" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 85.121.127.124 - - [04/Jun/2026:05:41:57 +0800] "GET /.env.development HTTP/1.1" 404 102817 "https://vicinity.life/.env.development" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Web App Attack
🇳🇱 Joop	2026-06-03 21:29:55 (8 hours ago)	2026-06-03 23:29:52 +0200 s4 /.git/config	Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-03 20:24:38 (9 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-03 20:08:44 (9 hours ago)	85.121.127.124 - - [03/Jun/2026:23:08:43 +0300] "GET /api/.env HTTP/1.1" 404 3349 "-" "Mozilla/5.0 ( ... show more 85.121.127.124 - - [03/Jun/2026:23:08:43 +0300] "GET /api/.env HTTP/1.1" 404 3349 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" 85.121.127.124 - - [03/Jun/2026:23:08:43 +0300] "GET /backend/.env HTTP/1.1" 404 3297 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" ... show less	Web App Attack
🇩🇪 Dominik Lysiak	2026-06-03 18:50:44 (11 hours ago)	85.121.127.124 - - [03/Jun/2026:20:50:42 +0200] "GET /.git/HEAD HTTP/1.1" 422 496 "-" "Mozilla/5.0 ( ... show more 85.121.127.124 - - [03/Jun/2026:20:50:42 +0200] "GET /.git/HEAD HTTP/1.1" 422 496 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 85.121.127.124 - - [03/Jun/2026:20:50:42 +0200] "GET /.env HTTP/1.1" 422 496 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" 85.121.127.124 - - [03/Jun/2026:20:50:43 +0200] "GET /.env.local HTTP/1.1" 422 496 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" ... show less	Web App Attack
🇦🇱 router.al	2026-06-03 17:41:37 (12 hours ago)	06/03/2026-17:41:37.185598 85.121.127.124 Protocol: 6 GPL WEB_SERVER 403 Forbidden	Port Scan
🇩🇪 FeG Deutschland	2026-06-03 13:20:42 (16 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇺🇸 kosada.com	2026-06-03 12:59:36 (16 hours ago)	Web vulnerability probing: /.git/config	Web App Attack
🇮🇹 madaello	2026-06-03 12:47:48 (17 hours ago)	85.121.127.124 - - [03/Jun/2026:14:47:43 +0200] "GET /.env?password-protected=login&redirect_to=http ... show more 85.121.127.124 - - [03/Jun/2026:14:47:43 +0200] "GET /.env?password-protected=login&redirect_to=https%3A%2F%2Ftest.nwp.to.it%2F.env HTTP/1.1" 404 5203 "https://test.nwp.to.it/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" 85.121.127.124 - - [03/Jun/2026:14:47:44 +0200] "GET /.git/HEAD?password-protected=login&redirect_to=https%3A%2F%2Ftest.nwp.to.it%2F.git%2FHEAD HTTP/1.1" 404 9179 "https://test.nwp.to.it/.git/HEAD" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" 85.121.127.124 - - [03/Jun/2026:14:47:44 +0200] "GET /.env.production?password-protected=login&redirect_to=https%3A%2F%2Ftest.nwp.to.it%2F.env.production HTTP/1.1" 404 5236 "https://test.nwp.to.it/.env.production" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" 85.121.127.124 - - [03/Jun/2026:14:47:45 +0200] "GET /e ... show less	Web App Attack
Anonymous	2026-06-03 09:45:16 (20 hours ago)	85.121.127.124 - - [03/Jun/2026:11:45:11 +0200] "GET /.git/config HTTP/1.1" 403 177 "-" "Mozilla/5.0 ... show more 85.121.127.124 - - [03/Jun/2026:11:45:11 +0200] "GET /.git/config HTTP/1.1" 403 177 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Web App Attack
🇩🇪 FeG Deutschland	2026-06-02 21:53:23 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇧🇷 Halux	2026-06-02 21:03:14 (1 day ago)	85.121.127.124 Probing protected path or service	Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 192.109.200.78

🇺🇸 172.217.36.85

🇺🇸 162.240.12.204

🇺🇸 162.216.150.172

🇺🇸 135.237.122.43

🇮🇹 91.80.152.183

🇺🇸 69.73.187.130

🇨🇳 36.106.167.11

🇺🇸 15.204.132.78

🇳🇱 188.166.24.130

🇫🇷 91.231.89.229

🇵🇱 87.251.64.156

🇬🇧 81.19.219.213

🇷🇺 72.56.238.74

🇬🇧 51.195.215.16

🇺🇸 50.116.2.219

🇮🇳 43.229.90.49

🇬🇧 35.203.211.130

🇬🇧 193.163.125.215

🇬🇧 193.163.125.154