JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.127.136

85.121.127.136 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 81%: ?

81%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.127.136

Whois 85.121.127.136

IP Abuse Reports for 85.121.127.136:

This IP address has been reported a total of 34 times from 14 distinct sources. 85.121.127.136 was first reported on June 5th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Matthew Ping	2026-06-06 08:00:01 (2 hours ago)	ModSecurity rule 949110 triggered on wp2. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-06 07:23:13 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:23:09.828565 2026] [security2:error] [pid 26314:tid 26314] [client 85.121.127.136:59260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nysinyd.com.greighhouse.com"] [uri "/.git/config"] [unique_id "aiPK3YUKrPfYrZ2ueX512AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 06:16:12 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 02:16:07.678682 2026] [security2:error] [pid 26202:tid 26202] [client 85.121.127.136:43988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "n-vil.com"] [uri "/.git/config"] [unique_id "aiO7J_oGXKe5AcxhKuGaNwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 04:48:28 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 00:48:21.085276 2026] [security2:error] [pid 30511:tid 30511] [client 85.121.127.136:57744] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nuevo.allcostaricarentals.com"] [uri "/.git/config"] [unique_id "aiOmlcGbPI1AdqNnl8xmBAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-06 04:05:29 (6 hours ago)	Blocked: Reason='Suspicious traffic score=70 (review-based detection)'; Requests=90	Hacking
Anonymous	2026-06-06 02:26:02 (7 hours ago)	Bot / scanning and/or hacking attempts: GET /application.properties HTTP/2.0, GET /.env.test HTTP/2. ... show more Bot / scanning and/or hacking attempts: GET /application.properties HTTP/2.0, GET /.env.test HTTP/2.0, GET /.env HTTP/2.0, GET /.env.local HTTP/2.0, GET /config.env HTTP/2.0 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 02:16:32 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 22:16:28.960730 2026] [security2:error] [pid 8532:tid 8532] [client 85.121.127.136:39162] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.noviasaltovacio.com.mx.spyasociados.com"] [uri "/.git/config"] [unique_id "aiOC_ML3DI2uIZ0ov24nGgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-06 01:26:19 (8 hours ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 85.121.127.136 (NL/The Netherlands/-): 1 in th ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 85.121.127.136 (NL/The Netherlands/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-06 00:56:28 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 20:56:22.868437 2026] [security2:error] [pid 11451:tid 11451] [client 85.121.127.136:53684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.notforhirellc.com"] [uri "/.git/config"] [unique_id "aiNwNhEEsxnDxyb0HrUN-QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 23:35:59 (10 hours ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
🇫🇷 dynamix	2026-06-05 23:20:24 (10 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 22:19:03 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 18:18:56.515307 2026] [security2:error] [pid 1517:tid 1517] [client 85.121.127.136:60432] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.northfultonneurology.com"] [uri "/.git/config"] [unique_id "aiNLUIAsm5_FRuJ2BbMo2AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-05 21:42:28 (12 hours ago)	Web vulnerability probing: /storage/logs/laravel.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 21:25:25 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 17:25:21.255269 2026] [security2:error] [pid 8584:tid 8584] [client 85.121.127.136:44038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.norinpaco.com"] [uri "/.git/config"] [unique_id "aiM-wdbXhItn_4gODNRqPAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 joharikop	2026-06-05 20:41:12 (13 hours ago)	Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-cred ... show more Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-credential-probes jail. show less	Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.74.188.179

🇺🇸 172.96.172.91

🇺🇸 84.233.212.41

🇵🇱 82.41.44.126

🇩🇪 82.24.198.102

🇸🇬 54.254.30.196

🇮🇪 54.78.19.169

🇯🇵 52.69.111.248

🇺🇸 44.255.175.214

🇨🇦 16.54.231.44

🇮🇳 13.232.244.82

🇰🇷 13.124.147.39

🇫🇷 13.39.159.127

🇮🇪 3.250.169.183

🇺🇸 3.221.119.225

🇩🇪 167.94.146.42

🇵🇰 154.192.233.99

🇺🇸 134.209.125.71

🇨🇳 120.48.7.181

🇺🇸 107.173.238.116