JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.245.186

85.121.245.186 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 36%: ?

36%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇷🇴 Romania
City	Bucharest, Bucharest

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.245.186

Whois 85.121.245.186

IP Abuse Reports for 85.121.245.186:

This IP address has been reported a total of 8 times from 5 distinct sources. 85.121.245.186 was first reported on June 12th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 pinguin	2026-06-12 16:49:11 (18 hours ago)	Triggered Cloudflare WAF (firewallCustom) from RO. Action taken: BLOCK Protocol: HTTP/2 (GET method) ... show more Triggered Cloudflare WAF (firewallCustom) from RO. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /loadable-stats.json UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 MBombeck	2026-06-12 15:24:10 (19 hours ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 13:39:48 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.245.186 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.245.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 09:39:42.685315 2026] [security2:error] [pid 25767:tid 25767] [client 85.121.245.186:53868] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wallet.joebankx.com"] [uri "/.env.example"] [unique_id "aiwMHtPE9SMgKqoT3SDWzgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 12:43:23 (22 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.245.186 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.245.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:43:17.375119 2026] [security2:error] [pid 7242:tid 7242] [client 85.121.245.186:47030] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walkerweb.walkerweb.com"] [uri "/.env"] [unique_id "aiv-5dqbDYcIjtCbzVYhtAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 12:01:57 (22 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.245.186 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.245.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:01:48.772002 2026] [security2:error] [pid 12320:tid 12378] [client 85.121.245.186:56854] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wakhan-adventure.com"] [uri "/.env"] [unique_id "aiv1LBhxTU6lViE2EVukSQAAAEc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 clapper	2026-06-12 11:20:37 (23 hours ago)	(mod_security) mod_security (id:980001) triggered by 85.121.245.186 (RO/Romania/-): 3 in the last 36 ... show more (mod_security) mod_security (id:980001) triggered by 85.121.245.186 (RO/Romania/-): 3 in the last 3600 secs; ID: LUC show less	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-12 11:18:56 (23 hours ago)	(mod_security) mod_security (id:210492) triggered by 85.121.245.186 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.121.245.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 07:18:51.444560 2026] [security2:error] [pid 26518:tid 26518] [client 85.121.245.186:33982] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chevronparkett.com"] [uri "/.env"] [unique_id "aivrG1SaRND9JSdGxVZekgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-12 11:11:33 (23 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 157.15.40.76

🇺🇸 65.49.1.154

🇰🇷 59.18.54.66

🇺🇸 40.119.33.98

🇺🇸 2600:1900:4120:e3fb:0:81::

🇺🇸 165.154.173.226

🇩🇪 159.26.104.19

🇧🇬 156.146.55.165

🇺🇸 136.113.30.115

🇩🇪 135.125.226.143

🇺🇸 107.173.131.45

🇩🇿 105.98.80.240

🇦🇹 77.119.20.248

🇳🇱 45.198.224.136

🇩🇪 35.198.130.172

🇯🇵 34.153.215.68

🇬🇧 2a06:4880::10

🇺🇸 205.210.31.93

🇨🇭 179.43.150.26

🇺🇸 154.83.197.107