JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.240.140

85.121.240.140 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 49%: ?

49%

ISP	1GSERVERS, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14315
Domain Name	1gservers.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.240.140

Whois 85.121.240.140

IP Abuse Reports for 85.121.240.140:

This IP address has been reported a total of 7 times from 7 distinct sources. 85.121.240.140 was first reported on June 15th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-16 00:12:29 (1 day ago)	Too many Status 40X (17) Scanning/Probing (16)	Brute-Force Web App Attack
Anonymous	2026-06-16 00:11:00 (1 day ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇨🇭 Origon	2026-06-15 15:43:35 (1 day ago)	http-sensitive-files - IP: 85.121.240.140 - time="2026-06-15T17:43:34+02:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 85.121.240.140 - time="2026-06-15T17:43:34+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 85.121.240.140 (US/14315) : 4h ban on Ip 85.121.240.140" module=db show less	Web App Attack
Anonymous	2026-06-15 14:05:02 (1 day ago)	suspicious request in access.log	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-15 12:58:09 (1 day ago)	85.121.240.140 - - [15/Jun/2026:15:58:08 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "Mozilla/5.0 (c ... show more 85.121.240.140 - - [15/Jun/2026:15:58:08 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)" 85.121.240.140 - - [15/Jun/2026:15:58:08 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected])" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 10:52:38 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 85.121.240.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.240.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 06:52:33.751787 2026] [security2:error] [pid 27222:tid 27222] [client 85.121.240.140:46594] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.criarteste.com"] [uri "/api/.env"] [unique_id "ai_ZcREn480zVF3eQyr3ZQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-06-15 09:33:00 (1 day ago)	IPBlock protected site ID [669-fx]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.173.191

🇦🇷 186.148.121.69

🇷🇺 185.42.40.40

🇮🇩 182.13.96.107

🇮🇩 103.190.46.130

🇺🇸 96.44.129.253

🇺🇸 65.49.1.191

🇺🇸 20.171.8.85

🇺🇸 107.175.135.204

🇷🇴 92.118.39.59

🇺🇸 64.62.156.214

🇺🇸 43.130.39.254

🇧🇾 37.214.69.68

🇸🇬 34.142.239.108

🇷🇺 31.6.119.180

🇰🇷 218.148.106.182

🇮🇳 205.254.163.54

🇺🇸 195.184.76.222

🇨🇦 185.213.80.16

🇮🇳 182.95.111.46