JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.127.139

85.121.127.139 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 100%: ?

100%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.127.139

Whois 85.121.127.139

IP Abuse Reports for 85.121.127.139:

This IP address has been reported a total of 70 times from 42 distinct sources. 85.121.127.139 was first reported on June 5th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Mendip_Defender	2026-06-08 21:43:49 (1 week ago)	85.121.127.139 - - [08/Jun/2026:22:43:45 +0100] "GET /api/v1/settings HTTP/1.1" 404 4929 "-" "Mozill ... show more 85.121.127.139 - - [08/Jun/2026:22:43:45 +0100] "GET /api/v1/settings HTTP/1.1" 404 4929 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected])" ... show less	Bad Web Bot
🇳🇱 debestelapp	2026-06-08 21:30:07 (1 week ago)		Web App Attack
Anonymous	2026-06-08 19:55:31 (1 week ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇩🇪 sdos.es	2026-06-08 18:05:52 (1 week ago)	"Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"	Web App Attack
🇬🇧 venus.launch.bz	2026-06-08 15:02:16 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 85.121.127.139 (-)	SQL Injection
🇨🇭 Sophie Nina	2026-06-08 15:00:01 (1 week ago)	Automatically blocked by server	Fraud Orders
🇲🇾 Rizzy	2026-06-08 13:45:05 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-08 11:44:07 (1 week ago)	BAD BOT, BAD BOT, WHAT YA GONNA DO - Detected and Blocked.. Matched phrase "Bytespider" at REQUEST_H ... show more BAD BOT, BAD BOT, WHAT YA GONNA DO - Detected and Blocked.. Matched phrase "Bytespider" at REQUEST_HEADERS:User-Agent. (1100000-mnz6-1) show less	Bad Web Bot
🇦🇺 aranguren.org	2026-06-08 11:11:47 (1 week ago)	85.121.127.139 - - [08/Jun/2026:21:11:29 +1000] "GET /debug/pprof/cmdline HTTP/1.1" 404 989 "-" "CCB ... show more 85.121.127.139 - - [08/Jun/2026:21:11:29 +1000] "GET /debug/pprof/cmdline HTTP/1.1" 404 989 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" 85.121.127.139 - - [08/Jun/2026:21:11:29 +1000] "GET /.git/config HTTP/1.1" 404 989 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)" 85.121.127.139 - - [08/Jun/2026:21:11:30 +1000] "GET /secrets.json HTTP/1.1" 404 989 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; GPTBot/1.2; +https://openai.com/gptbot" 85.121.127.139 - - [08/Jun/2026:21:11:32 +1000] "GET /.aws/credentials HTTP/1.1" 404 989 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user" 85.121.127.139 - - [08/Jun/2026:21:11:32 +1000] "GET /application.yml HTTP/1.1" 404 989 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)" 85.121.127.139 - - [08/Jun/2026:21:11:47 +1000] "GET /functions.js.map HTTP/1.1" 404 9 ... show less	Bad Web Bot
🇺🇸 kosada.com	2026-06-08 09:59:50 (1 week ago)	Web vulnerability probing: /.env.backup (bogus vhost/SNI)	Web App Attack
Anonymous	2026-06-08 09:14:13 (1 week ago)	(caddyscan) Scanner path probe from 85.121.127.139 (NL/The Netherlands/-): 5 in the last 3600 secs; ... show more (caddyscan) Scanner path probe from 85.121.127.139 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 85.121.127.139 - - [08/Jun/2026:09:14:01 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 85.121.127.139 - - [08/Jun/2026:09:14:02 +0000] "GET /.aws/credentials HTTP/1.1" [REDACTED] 200 2627 85.121.127.139 - - [08/Jun/2026:09:14:09 +0000] "GET /.env.example HTTP/1.1" [REDACTED] 200 2627 85.121.127.139 - - [08/Jun/2026:09:14:10 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 85.121.127.139 - - [08/Jun/2026:09:14:11 +0000] "GET /.env.local HTTP/1.1" show less	Port Scan
🇳🇱 e.fierstra	2026-06-08 09:06:04 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 raph	2026-06-08 08:21:38 (1 week ago)	[PROTECTED PATHS] crawler credentials.ini, aws.ini, aws.yml, etc.	Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2026-06-08 07:40:07 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after harassing activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇸🇰 Eurofluid	2026-06-08 07:02:42 (1 week ago)	You shall not pass ! Abusive behavior blocked by EF firewall.	Port Scan Hacking Brute-Force

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 2400:cb00:1032:1000:8d8:c264:8c14:cdcb

🇲🇾 202.165.29.123

🇨🇳 175.2.34.46

🇺🇸 103.143.238.100

🇫🇷 80.15.223.148

🇺🇸 74.7.244.52

🇪🇸 149.91.97.132

🇺🇸 147.185.132.72

🇻🇳 118.69.226.76

🇰🇷 116.123.150.231

🇲🇦 105.154.187.179

🇺🇸 104.232.79.58

🇵🇪 38.25.65.200

🇷🇺 109.200.111.164

🇺🇸 45.130.83.241

🇻🇳 45.119.212.99

🇩🇪 3.75.135.91

🇺🇸 205.210.31.36

🇬🇧 193.176.29.8

🇮🇳 175.101.131.169