JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.215.239

85.121.215.239 was found in our database!

This IP was reported 120 times. Confidence of Abuse is 100%: ?

100%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.215.239

Whois 85.121.215.239

IP Abuse Reports for 85.121.215.239:

This IP address has been reported a total of 120 times from 94 distinct sources. 85.121.215.239 was first reported on May 23rd 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-30 21:59:13 (4 days ago)	Auto-ban: >3000 req/min op 2026-05-30	Web App Attack SSH Hacking
🇺🇸 Epimetheus	2026-05-30 21:52:43 (4 days ago)	Zombie network / Bot scanner detected: [GET] /wp-json/ [GET] /wp-json/wp/v2/ [GET] /service-worker. ... show more Zombie network / Bot scanner detected: [GET] /wp-json/ [GET] /wp-json/wp/v2/ [GET] /service-worker.js [GET] /redoc [GET] /api/openapi.json [GET] /api/docs [GET] /v3/api-docs [GET] /api/swagger.json [GET] /api-docs [GET] /v2/api-docs [GET] /openapi.json [GET] /.well-known/oauth-authorization-server [GET] /security.txt [GET] /oauth2/.well-known/openid-configuration [GET] /swagger/v1/swagger.json [GET] /.well-known/openid-configuration [GET] /swagger.json [GET] /__/firebase/init.json [GET] /api/v1/settings [GET] /config.js [GET] /config.json [GET] /api/v1/env [GET] /api/settings [GET] /api/config [GET] /webpack-stats.json [GET] /.git/config [GET] /vault.env [GET] /sitemap.xml UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot show less	Bad Web Bot Exploited Host Web App Attack
🇩🇪 Gwyneth Llewelyn	2026-05-30 21:40:21 (4 days ago)	2026/05/30 22:40:17 [error] 1725765#1725765: 498915 access forbidden by rule, client: 85.121.215.23 ... show more 2026/05/30 22:40:17 [error] 1725765#1725765: 498915 access forbidden by rule, client: 85.121.215.239, server: webapp.gwynethllewelyn.net, request: "GET /.env HTTP/2.0", host: "webapp.gwynethllewelyn.net" 85.121.215.239 - - [30/May/2026:22:40:17 +0100] "GET /.env HTTP/2.0" 403 1166 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot" 2026/05/30 22:40:19 [error] 1725765#1725765: *498915 access forbidden by rule, client: 85.121.215.239, server: webapp.gwynethllewelyn.net, request: "GET /admin/.env HTTP/2.0", host: "webapp.gwynethllewelyn.net" show less	Brute-Force Web App Attack
🇩🇪 IloGus	2026-05-30 20:45:12 (4 days ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 Charlesiv	2026-05-30 20:01:07 (4 days ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 9009 (M247 Europe SRL) ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 9009 (M247 Europe SRL) Protocol: HTTP/2 (GET method) Endpoint: /redoc Timestamp: 2026-05-30T18:27:01Z Ray ID: a03fca5ccea439b4 UA: Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com) show less	Bad Web Bot
Anonymous	2026-05-30 19:28:00 (4 days ago)	attempting file access to forbidden files	Brute-Force Web App Attack Hacking
🇺🇸 infra-monitor	2026-05-30 19:00:05 (4 days ago)	Automated ban via infra-monitor: suspicious-probe, crowdsecurity/http-sensitive-files, crowdsecurity ... show more Automated ban via infra-monitor: suspicious-probe, crowdsecurity/http-sensitive-files, crowdsecurity/http-probing show less	Port Scan Web App Attack
🇩🇪 Ba-Yu	2026-05-30 17:09:19 (4 days ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇬🇧 consul.to	2026-05-30 16:33:02 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-05-30 12:48:01 (4 days ago)	Malicious activity detected	Hacking Web App Attack
🇫🇷 Kimax	2026-05-30 12:39:57 (4 days ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇦 URAN Publishing Service	2026-05-30 12:26:16 (4 days ago)	85.121.215.239 - - [30/May/2026:15:26:13 +0300] "GET /vault.env HTTP/1.1" 404 729 "-" "Mozilla/5.0 ( ... show more 85.121.215.239 - - [30/May/2026:15:26:13 +0300] "GET /vault.env HTTP/1.1" 404 729 "-" "Mozilla/5.0 (Linux; Android 14; V2309A) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Mobile Safari/537.36" 85.121.215.239 - - [30/May/2026:15:26:16 +0300] "GET /public/.env HTTP/1.1" 404 3275 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 YaBrowser/24.10.0.0 Safari/537.36" ... show less	Web App Attack
🇦🇺 aranguren.org	2026-05-30 04:18:32 (5 days ago)	85.121.215.239 - - [30/May/2026:14:18:31 +1000] "GET /cgi-bin/dsc-grapher.pl HTTP/1.1" 401 1235 "-" ... show more 85.121.215.239 - - [30/May/2026:14:18:31 +1000] "GET /cgi-bin/dsc-grapher.pl HTTP/1.1" 401 1235 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 85.121.215.239 - - [30/May/2026:14:18:31 +1000] "GET /ipv6 HTTP/1.1" 404 986 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36" 85.121.215.239 - - [30/May/2026:14:18:31 +1000] "GET /rutorrent/ HTTP/1.1" 403 990 "-" "Mozilla/5.0 (iPad; CPU OS 18_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1 Mobile/15E148 Safari/604.1" 85.121.215.239 - - [30/May/2026:14:18:31 +1000] "GET /cgi-bin/nph-proxy.cgi HTTP/1.1" 404 986 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" 85.121.215.239 - - [30/May/2026:14:18:31 +1000] "GET /nagios/ HTTP/1.1" 401 1220 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safa ... show less	Bad Web Bot
🇺🇸 MPL	2026-05-30 03:31:50 (5 days ago)	tcp ports: 443,80 (4 or more attempts)	Port Scan
🇳🇱 Site.eu	2026-05-30 00:47:09 (5 days ago)	Excessive multi-domain requests	Brute-Force

Showing 31 to 45 of 120 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.181.164.232

🇨🇳 180.143.166.97

🇨🇳 120.227.137.100

🇨🇳 116.149.251.15

🇨🇳 116.22.31.142

🇮🇳 103.123.53.88

🇨🇳 14.212.216.15

🇬🇧 193.163.125.135

🇧🇷 191.243.242.2

🇨🇳 183.7.15.52

🇭🇰 156.245.246.50

🇭🇰 152.32.251.182

🇺🇸 152.32.205.153

🇨🇳 112.103.94.101

🇧🇩 103.42.5.132

🇺🇸 66.240.223.208

🇯🇵 35.78.242.100

🇮🇳 2409:40f2:101a:7969:bc9b:b4df:3502:b82

🇨🇳 220.187.15.84

🇨🇳 183.7.131.152