JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.127.61

85.121.127.61 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 100%: ?

100%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.127.61

Whois 85.121.127.61

IP Abuse Reports for 85.121.127.61:

This IP address has been reported a total of 48 times from 39 distinct sources. 85.121.127.61 was first reported on June 12th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-14 20:02:28 (1 hour ago)	85.121.127.61 - - [14/Jun/2026:23:02:27 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 AppleWe ... show more 85.121.127.61 - - [14/Jun/2026:23:02:27 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" ... show less	Web App Attack
🇩🇪 FeG Deutschland	2026-06-14 18:55:05 (2 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇺🇦 URAN Publishing Service	2026-06-14 17:33:40 (3 hours ago)	85.121.127.61 - - [14/Jun/2026:20:33:39 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compat ... show more 85.121.127.61 - - [14/Jun/2026:20:33:39 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" ... show less	Web App Attack
🇸🇪 KIDOS	2026-06-14 16:59:57 (4 hours ago)	CrowdSec detected malicious activity	DDoS Attack
🇸🇪 KIDOS	2026-06-14 16:44:47 (4 hours ago)	IIS malicious activity: high_400_error_rate (80% of requests are 400 errors)	Web App Attack
🇫🇷 Catalin Negru	2026-06-14 11:16:58 (10 hours ago)	Recidive ban by fail2ban on server.blackbit.ro	Brute-Force
Anonymous	2026-06-14 09:27:13 (12 hours ago)	(caddyscan) Scanner path probe from 85.121.127.61 (NL/The Netherlands/-): 5 in the last 3600 secs; P ... show more (caddyscan) Scanner path probe from 85.121.127.61 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 85.121.127.61 - - [14/Jun/2026:09:26:58 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 85.121.127.61 - - [14/Jun/2026:09:27:02 +0000] "GET /.env.example HTTP/1.1" [REDACTED] 200 2627 85.121.127.61 - - [14/Jun/2026:09:27:02 +0000] "GET /.aws/credentials HTTP/1.1" [REDACTED] 200 2627 85.121.127.61 - - [14/Jun/2026:09:27:08 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 85.121.127.61 - - [14/Jun/2026:09:27:08 +0000] "GET /api/.env HTTP/1.1" show less	Port Scan
🇺🇦 URAN Publishing Service	2026-06-14 09:26:06 (12 hours ago)	85.121.127.61 - - [14/Jun/2026:12:26:04 +0300] "GET /.env HTTP/1.1" 404 3211 "-" "Mozilla/5.0 (compa ... show more 85.121.127.61 - - [14/Jun/2026:12:26:04 +0300] "GET /.env HTTP/1.1" 404 3211 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" 85.121.127.61 - - [14/Jun/2026:12:26:05 +0300] "GET /backend/.env HTTP/1.1" 404 3210 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)" ... show less	Web App Attack
🇩🇪 ecs.ge	2026-06-14 08:23:15 (13 hours ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇸🇬 Cloudkul Cloudkul	2026-06-14 08:09:15 (13 hours ago)	Attempted Not Found (404 status code) requests on our application, more than 30% of their total requ ... show more Attempted Not Found (404 status code) requests on our application, more than 30% of their total requests. show less	Brute-Force Web App Attack
🇬🇧 Aetherweb Ark	2026-06-14 05:38:21 (15 hours ago)	(mod_security) mod_security (id:949110) triggered by 85.121.127.61 (-): N in the last X secs	Web App Attack
🇧🇷 SOC PR	2026-06-14 01:05:03 (20 hours ago)	IPS: Web Server Enforcement Violation.	Hacking
🇫🇮 Ba-Yu	2026-06-13 23:50:42 (21 hours ago)	General hacking/exploits/scanning	Port Scan Exploited Host Web App Attack
🇲🇾 Rizzy	2026-06-13 20:09:06 (1 day ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 DEV-DNS	2026-06-13 18:17:12 (1 day ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 38.137.11.14

🇺🇸 34.31.88.250

🇧🇯 154.72.112.79

🇵🇰 103.57.224.219

🇫🇷 85.217.140.26

🇺🇸 66.132.186.241

🇳🇱 45.148.10.157

🇺🇸 34.22.45.138

🇨🇳 14.116.156.100

🇮🇱 2.55.75.176

🇧🇷 2804:7840:1101:7200:a5cc:d620:3be:bd55

🇺🇸 172.70.176.72

🇮🇳 139.59.36.109

🇮🇳 135.13.28.35

🇨🇳 101.126.55.95

🇫🇷 51.68.236.71

🇺🇸 45.140.206.158

🇰🇪 41.215.125.250

🇩🇪 34.107.115.217

🇺🇸 8.230.104.4