JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.127.25

85.121.127.25 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 42%: ?

42%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.127.25

Whois 85.121.127.25

IP Abuse Reports for 85.121.127.25:

This IP address has been reported a total of 21 times from 11 distinct sources. 85.121.127.25 was first reported on May 29th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-01 01:57:41 (3 weeks ago)	"GET /.git/config HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 22:39:44 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 18:39:37.153707 2026] [security2:error] [pid 28364:tid 28364] [client 85.121.127.25:44864] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "churchtop.com"] [uri "/.git/config"] [unique_id "ahtnKRN-dnELiQ68g6pupwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 20:51:30 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 16:51:27.068216 2026] [security2:error] [pid 27036:tid 27075] [client 85.121.127.25:49056] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chronotar.maxelon.com"] [uri "/.git/config"] [unique_id "ahtNz8o-CrqTCnxCIzZf8QAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-05-30 20:18:22 (3 weeks ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 20:02:28 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 16:02:20.718523 2026] [security2:error] [pid 26723:tid 26723] [client 85.121.127.25:56966] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mathewyoung.com"] [uri "/.git/config"] [unique_id "ahtCTNOrLJnT5VUlsSf42QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 19:09:46 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 15:09:40.861321 2026] [security2:error] [pid 26129:tid 26129] [client 85.121.127.25:49514] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chrismoratz.com"] [uri "/.git/config"] [unique_id "ahs19EDfreMy0VJNsigAKwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-05-30 19:07:29 (3 weeks ago)	108 requests with url.path *config.json	Brute-Force Bad Web Bot
🇺🇸 mnsf	2026-05-30 19:05:16 (3 weeks ago)	Abuse Detected (3)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 18:54:30 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 14:54:24.563468 2026] [security2:error] [pid 13570:tid 13570] [client 85.121.127.25:60972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chrischamberlain.com"] [uri "/.git/config"] [unique_id "ahsyYDLWzLdB6SxkTAfymQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-30 17:34:32 (3 weeks ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 85.121.127.25 (-)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-30 16:48:59 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 12:48:52.297158 2026] [security2:error] [pid 22732:tid 22732] [client 85.121.127.25:44020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chiquy.com"] [uri "/.git/config"] [unique_id "ahsU9O2rlVk_2nVSSeCnYgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-05-30 13:55:04 (3 weeks ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 08:31:50 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 04:31:44.699633 2026] [security2:error] [pid 28186:tid 28186] [client 85.121.127.25:47388] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chicagowca.com"] [uri "/.git/config"] [unique_id "ahqgcAeHWqil1G1u8wPeVwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 07:40:42 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.121.127.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 03:40:38.511417 2026] [security2:error] [pid 24711:tid 24711] [client 85.121.127.25:51972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cheynans.com"] [uri "/.env.old"] [unique_id "ahqUdqm830tKgdUCGWTJHAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 vincent_EUDIER	2026-05-30 06:40:02 (3 weeks ago)	SURICATA HTTP unable to match response to request	Hacking

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 200.10.29.236

🇺🇸 162.243.101.234

🇶🇦 78.101.181.74

🇵🇱 46.203.212.34

🇳🇱 45.148.10.141

🇧🇷 181.224.86.4

🇳🇱 91.92.40.5

🇺🇸 45.156.129.75

🇲🇾 175.142.86.154

🇩🇪 94.26.106.90

🇹🇷 92.45.72.152

🇹🇷 92.45.72.151

🇳🇱 91.92.40.124

🇳🇱 45.148.10.147

🇵🇭 27.110.166.67

🇲🇾 161.142.139.69

🇨🇦 149.56.150.16

🇻🇳 115.73.222.241

🇳🇱 45.148.10.121

🇸🇬 42.60.61.66