JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.127.149

85.121.127.149 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 55%: ?

55%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.127.149

Whois 85.121.127.149

IP Abuse Reports for 85.121.127.149:

This IP address has been reported a total of 33 times from 8 distinct sources. 85.121.127.149 was first reported on June 5th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-06 07:17:59 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:17:51.398860 2026] [security2:error] [pid 20217:tid 20217] [client 85.121.127.149:37174] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.worshipconcert.com"] [uri "/.git/config"] [unique_id "aiPJn5SImGak6dqbNbooMQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-06 06:55:07 (1 day ago)	Blocked by CSF 13 firewall - Rule: config-dotfile RO/Romania/-	Web App Attack
🇧🇪 voormedia	2026-06-06 05:46:03 (1 day ago)	Accessed trap at '/.git/config'	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 04:37:29 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 00:37:22.227659 2026] [security2:error] [pid 24585:tid 24585] [client 85.121.127.149:39844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "woosterclassof64.com"] [uri "/.git/config"] [unique_id "aiOkAudPzkeCDfK_24S90wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 03:54:07 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 23:54:02.767919 2026] [security2:error] [pid 8765:tid 8765] [client 85.121.127.149:42056] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.woodburymeadows.org.sailyourkayak.com"] [uri "/.git/config"] [unique_id "aiOZ2t8r7WQTi_IPosNeJAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 02:32:47 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 22:32:41.667200 2026] [security2:error] [pid 7970:tid 7997] [client 85.121.127.149:49644] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "woadwellness.com"] [uri "/.git/config"] [unique_id "aiOGya-h8wE3e1X5c1cOYAAAAMo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 00:16:33 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 20:16:29.105098 2026] [security2:error] [pid 10000:tid 10000] [client 85.121.127.149:33366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greighhouse.com"] [uri "/.git/config"] [unique_id "aiNm3elb45Jj35v3mpREMQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 23:40:53 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 19:40:47.545925 2026] [security2:error] [pid 10867:tid 10867] [client 85.121.127.149:43792] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wintercypher.com"] [uri "/.env.dev"] [unique_id "aiNef66Myemg-UC9ApZD0gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 21:11:34 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 17:11:30.639144 2026] [security2:error] [pid 4539:tid 4539] [client 85.121.127.149:38890] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.willmarksynthetics.cosentient.com"] [uri "/.git/config"] [unique_id "aiM7gmBv6-OAXmfeAhbZuAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 21:07:56 (1 day ago)	Blocked: Reason='Suspicious traffic score=90 (review-based detection)'; Requests=55	Hacking
🇺🇸 TPI-Abuse	2026-06-05 20:12:00 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 16:11:55.098558 2026] [security2:error] [pid 26826:tid 26826] [client 85.121.127.149:49602] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|wildlifetaxidermy.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wildlifetaxidermy.com"] [uri "/storage/logs/laravel.log"] [unique_id "aiMti3IJqLyZJZoYOS-1PwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-05 20:05:46 (1 day ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 18:39:15 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 14:39:10.801590 2026] [security2:error] [pid 16255:tid 16262] [client 85.121.127.149:36892] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wigglebottomsnax.anthonydalessandro.com"] [uri "/.git/config"] [unique_id "aiMXzmfjnL1IJuGGHC0pMQAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 18:13:34 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 14:13:28.120617 2026] [security2:error] [pid 5048:tid 5048] [client 85.121.127.149:37142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wichita-massacre.com"] [uri "/.git/config"] [unique_id "aiMRyPmzz-bleWbmsUtIkwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 17:49:06 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 13:49:00.716515 2026] [security2:error] [pid 3528:tid 3528] [client 85.121.127.149:37172] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whoore.com"] [uri "/.git/config"] [unique_id "aiMMDPaBwfdzEuGE2mbJvAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 123.245.85.2

🇱🇹 62.60.130.238

🇦🇺 4.197.75.18

🇮🇱 212.199.105.109

🇧🇴 181.188.176.242

🇻🇳 171.243.151.177

🇸🇪 155.4.245.222

🇵🇱 104.28.165.61

🇨🇳 101.201.233.222

🇷🇴 80.94.92.182

🇻🇳 14.224.213.222

🇰🇿 5.34.98.155

🇨🇳 163.53.168.23

🇺🇸 159.198.65.46

🇧🇬 91.191.209.118

🇩🇪 82.198.227.130

🇱🇹 81.30.98.144

🇱🇹 45.227.254.170

🇮🇳 223.181.24.82

🇨🇴 186.116.1.219