JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.215.245

85.121.215.245 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 100%: ?

100%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.215.245

Whois 85.121.215.245

IP Abuse Reports for 85.121.215.245:

This IP address has been reported a total of 155 times from 108 distinct sources. 85.121.215.245 was first reported on May 23rd 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 e.fierstra	2026-06-06 12:04:26 (2 weeks ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-06 11:51:55 (2 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇹🇷 baku.hosting	2026-06-06 11:26:00 (2 weeks ago)	CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 85.121.215.245 (RO/Romania/-): ... show more CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 85.121.215.245 (RO/Romania/-): 5 in the last 3600 secs show less	Brute-Force Web App Attack
🇦🇺 [email protected]	2026-06-06 11:18:37 (2 weeks ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /v1/graphql	Web App Attack
Anonymous	2026-06-06 10:32:05 (2 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 85.121.215.245 (RO/Romania/-)	SQL Injection
🇬🇧 consul.to	2026-06-06 09:45:28 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 FeG Deutschland	2026-06-06 09:38:13 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇬🇧 andypiper	2026-06-06 01:03:09 (2 weeks ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-05 16:39:07 (2 weeks ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 12:06:25 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.121.215.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.215.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 08:06:21.699406 2026] [security2:error] [pid 1146:tid 1146] [client 85.121.215.245:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "camera.365soft.top"] [uri "/.git/config"] [unique_id "aiK7va_Sct6Uzv-WNPpuBAAAAAQ"], referer: http://camera.365soft.top/.git/config show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 WMK965	2026-06-05 10:58:22 (2 weeks ago)	85.121.215.245 - - [05/Jun/2026:18:57:36 +0800] "GET /application.yml HTTP/2.0" 404 1424 "-" "Mozill ... show more 85.121.215.245 - - [05/Jun/2026:18:57:36 +0800] "GET /application.yml HTTP/2.0" 404 1424 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "-" 85.121.215.245 - - [05/Jun/2026:18:57:36 +0800] "GET /secrets.yml HTTP/2.0" 404 1424 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)" "-" 85.121.215.245 - - [05/Jun/2026:18:57:36 +0800] "GET /secrets.json HTTP/2.0" 404 1424 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)" "-" 85.121.215.245 - - [05/Jun/2026:18:58:21 +0800] "GET /v1/graphql HTTP/2.0" 404 1424 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)" "-" 85.121.215.245 - - [05/Jun/2026:18:58:21 +0800] "GET /__/firebase/init.json HTTP/2.0" 404 1424 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" "-" show less	Port Scan Web App Attack
🇨🇭 TheCoon	2026-06-05 09:30:01 (2 weeks ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇵🇱 rafamiga	2026-06-05 04:07:00 (2 weeks ago)	2026/06/05 06:07:48 [error] 24371#24371: 3755422 access forbidden by rule, client: 85.121.215.245, ... show more 2026/06/05 06:07:48 [error] 24371#24371: 3755422 access forbidden by rule, client: 85.121.215.245, server: .pl, request: "GET /.npmrc HTTP/1.1", host: "www..pl" 2026/06/05 06:07:48 [error] 24368#24368: 3755414 access forbidden by rule, client: 85.121.215.245, server: .pl, request: "GET /service-account.json HTTP/1.1", host: "www..pl" 2026/06/05 06:07:49 [error] 24371#24371: 3755422 access forbidden by rule, client: 85.121.215.245, server: .pl, request: "GET /settings.py HTTP/1.1", host: "www..pl" 2026/06/05 06:07:58 [error] 24368#24368: 3755414 access forbidden by rule, client: 85.121.215.245, server: .pl, request: "GET /v1/graphql HTTP/1.1", host: "www..pl" 2026/06/05 06:07:58 [error] 24371#24371: 3755416 access forbidden by rule, client: 85.121.215.245, server: .pl, request: "GET /__/firebase/init.json HTTP/1.1", host: "www..pl" show less	Port Scan
🇵🇱 ketovoila.pl	2026-06-05 01:57:30 (2 weeks ago)	ketovoila.pl web app secret/repository scan: hits=23; unique_paths=23; sample_paths=/.aws/credential ... show more ketovoila.pl web app secret/repository scan: hits=23; unique_paths=23; sample_paths=/.aws/credentials,/.git/config,/secrets.json; UA="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; GPTBot/1.2; +https://openai.com/gptbot"; window=2026-06-05T01:57:30Z..2026-06-05T01:58:25Z show less	Bad Web Bot Web App Attack
🇵🇱 dzpk	2026-06-04 20:15:44 (2 weeks ago)	[04/Jun/2026:22:15:43 +0200] 178060414337.691331 85.121.215.245 48172 HOST 443 [04/Jun/2026:22:15:43 ... show more [04/Jun/2026:22:15:43 +0200] 178060414337.691331 85.121.215.245 48172 HOST 443 [04/Jun/2026:22:15:43 +0200] 178060414378.277568 85.121.215.245 48172 HOST 443 [04/Jun/2026:22:15:44 +0200] 178060414416.852300 85.121.215.245 48172 HOST 443 show less	Web App Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 142.252.6.67

🇺🇸 137.184.113.247

🇸🇬 118.139.167.102

🇮🇩 103.59.161.159

🇺🇸 71.6.199.23

🇨🇳 58.247.139.54

🇳🇱 45.148.10.200

🇺🇸 20.9.28.111

🇧🇷 177.192.20.135

🇻🇳 160.191.242.222

🇪🇨 157.100.69.64

🇨🇳 110.73.45.31

🇬🇧 81.19.219.223

🇳🇱 45.155.90.234

🇺🇸 35.236.224.176

🇩🇪 213.209.159.175

🇵🇱 194.180.49.216

🇨🇳 182.123.46.222

🇧🇷 45.170.179.230

🇳🇱 45.156.87.254