JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.245.15

85.121.245.15 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 100%: ?

100%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.245.15

Whois 85.121.245.15

IP Abuse Reports for 85.121.245.15:

This IP address has been reported a total of 74 times from 53 distinct sources. 85.121.245.15 was first reported on May 28th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 cityhunter_rhone	2026-06-01 10:02:58 (3 days ago)	=== RAPPORT ABUSE === IP source : 85.121.245.15 Pays : Hong Kong Periode ... show more === RAPPORT ABUSE === IP source : 85.121.245.15 Pays : Hong Kong Periode : 24 dernieres heures Requetes total : 131 Mitigation CF : 131 Top URLs ciblees : /api/env /webpack-stats.json /runtime-config.js /.env.bak /__/firebase/init.json /.env.test /.env.local /storage/logs/laravel.log /config.js /.env User-Agents observes : Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html) Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot Mozilla/5.0 (Linux; U; Android 14; zh-CN; SM-S921B Build/UP1A.231005.007) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/131.0.0.0 MQQBrowser/14.5 Mo Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected] Actions Cloudflare : Bloque (131) show less	Port Scan Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-05-31 20:57:33 (3 days ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)	Bad Web Bot
🇺🇸 Major Hostility	2026-05-31 20:40:35 (3 days ago)	"GET /secrets.json HTTP/1.1" 404 "GET /.git/config HTTP/1.1" 404 "GET /application.yml HTTP/1.1" 404 ... show more "GET /secrets.json HTTP/1.1" 404 "GET /.git/config HTTP/1.1" 404 "GET /application.yml HTTP/1.1" 404 "GET /.aws/credentials HTTP/1.1" 404 "GET /config/application.properties HTTP/1.1" 404 "GET /vault.env HTTP/1.1" 404 "GET /secrets.yml HTTP/1.1" 404 "GET /application.properties HTTP/1.1" 404 "GET /storage/logs/laravel.log HTTP/1.1" 404 "GET /config/secrets.yml HTTP/1.1" 404 "GET /.env.local HTTP/1.1" 404 "GET /.env.production HTTP/1.1" 404 "GET /.env HTTP/1.1" 404 show less	Web App Attack
🇺🇸 antlac1	2026-05-31 19:42:49 (3 days ago)	crowdsecurity/http-sensitive-files	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-05-31 16:43:23 (3 days ago)	Try to access /.aws/credentials	Web App Attack
🇦🇺 2000cn.com.au	2026-05-31 15:39:56 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇩🇪 Melle	2026-05-31 15:10:10 (3 days ago)	Blocked by CrowdSec \| Scenario: crowdsecurity/http-sensitive-files \| 85.121.245.15 triggered 5 event ... show more Blocked by CrowdSec \| Scenario: crowdsecurity/http-sensitive-files \| 85.121.245.15 triggered 5 events \| Detected: 2026-05-31T15:10:08.745428319Z show less	Web App Attack Hacking
🇦🇹 penguin-solutions.at	2026-05-31 14:30:27 (3 days ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack
🇬🇧 consul.to	2026-05-31 12:45:07 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 sdos.es	2026-05-31 05:51:35 (4 days ago)	"Restricted File Access Attempt - Matched Data: .aws/credentials found within REQUEST_FILENAME: /.aw ... show more "Restricted File Access Attempt - Matched Data: .aws/credentials found within REQUEST_FILENAME: /.aws/credentials" show less	Web App Attack
Anonymous	2026-05-31 05:15:19 (4 days ago)	(caddyscan) Scanner path probe from 85.121.245.15 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: ... show more (caddyscan) Scanner path probe from 85.121.245.15 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 85.121.245.15 - - [31/May/2026:05:15:15 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 85.121.245.15 - - [31/May/2026:05:15:15 +0000] "GET /.aws/credentials HTTP/1.1" [REDACTED] 200 2627 85.121.245.15 - - [31/May/2026:05:15:17 +0000] "GET /.env.example HTTP/1.1" [REDACTED] 200 2627 85.121.245.15 - - [31/May/2026:05:15:17 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 85.121.245.15 - - [31/May/2026:05:15:17 +0000] "GET /.env.production HTTP/1.1" show less	Port Scan
🇫🇷 masterguru	2026-05-31 04:58:31 (4 days ago)	Restricted File Access Attempt. Matched phrase ".aws/" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇫🇮 YF	2026-05-31 04:09:19 (4 days ago)	404 errors Vulnerability scan	Web App Attack
🇩🇪 BlueWire Hosting	2026-05-31 03:25:30 (4 days ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇩🇪 pscriptos	2026-05-31 03:15:29 (4 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.172.146

🇳🇱 45.156.87.166

🇨🇳 14.216.92.240

🇺🇸 5.161.81.130

🇧🇷 177.104.171.149

🇺🇸 137.184.235.133

🇨🇳 124.117.194.246

🇮🇹 93.92.76.11

🇺🇸 91.230.168.174

🇧🇬 78.128.113.22

🇺🇸 74.87.117.149

🇶🇦 34.153.64.89

🇨🇳 14.103.114.221

🇷🇺 213.234.11.10

🇩🇪 152.53.191.128

🇮🇩 128.14.233.253

🇻🇳 116.110.158.220

🇨🇳 115.56.13.50

🇬🇧 35.203.210.42

🇺🇸 13.58.248.240