JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.240.133

85.121.240.133 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 44%: ?

44%

ISP	1GSERVERS, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14315
Domain Name	1gservers.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.240.133

Whois 85.121.240.133

IP Abuse Reports for 85.121.240.133:

This IP address has been reported a total of 8 times from 6 distinct sources. 85.121.240.133 was first reported on June 15th 2026, and the most recent report was 12 seconds ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 dzpk	2026-06-15 17:33:26 (12 seconds ago)	[15/Jun/2026:19:33:26 +0200] 178154480675.426515 85.121.240.133 39478 HOST 443 [15/Jun/2026:19:33:26 ... show more [15/Jun/2026:19:33:26 +0200] 178154480675.426515 85.121.240.133 39478 HOST 443 [15/Jun/2026:19:33:26 +0200] 178154480630.596783 85.121.240.133 39478 HOST 443 [15/Jun/2026:19:33:26 +0200] 178154480669.252387 85.121.240.133 39478 HOST 443 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:11:48 (21 minutes ago)	(mod_security) mod_security (id:210492) triggered by 85.121.240.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.240.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:11:40.667710 2026] [security2:error] [pid 18502:tid 18502] [client 85.121.240.133:46396] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scoutinsignia.com"] [uri "/.env"] [unique_id "ajAyTOY1A9ql5MAqHJWNNgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 13:18:36 (4 hours ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-15 12:32:44 (5 hours ago)	85.121.240.133 - - [15/Jun/2026:15:32:32 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "Mozilla/5.0 (c ... show more 85.121.240.133 - - [15/Jun/2026:15:32:32 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)" 85.121.240.133 - - [15/Jun/2026:15:32:44 +0300] "GET /app/.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 11:56:43 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.240.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.240.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:56:40.176549 2026] [security2:error] [pid 28764:tid 28764] [client 85.121.240.133:35590] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.streetfightfilm.com"] [uri "/.env"] [unique_id "ai_oeI2bwT-pjupvZkYNjwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-15 09:29:07 (8 hours ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/api/.env	Web App Attack
Anonymous	2026-06-15 09:24:01 (8 hours ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 09:16:22 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.240.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.240.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:16:17.395176 2026] [security2:error] [pid 6205:tid 6205] [client 85.121.240.133:43148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.oposicionesyconcursos.es"] [uri "/.env.example"] [unique_id "ai_C4eoXws_14chxVU95HAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.94.25.243

🇲🇽 200.68.161.186

🇲🇽 187.190.35.163

🇺🇸 162.216.149.152

🇺🇸 162.40.200.177

🇮🇹 91.80.132.173

🇪🇸 83.40.36.135

🇩🇪 43.228.157.10

🇨🇦 20.151.108.150

🇨🇳 14.103.118.167

🇵🇰 139.135.40.153

🇮🇹 88.147.30.59

🇪🇸 82.223.68.64

🇱🇹 45.227.254.170

🇨🇳 36.141.79.94

🇷🇴 2.57.122.238

🇮🇳 203.145.143.163

🇻🇪 190.142.97.50

🇨🇴 190.5.200.98

🇬🇧 188.240.59.14