JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.121.55.197

85.121.55.197 was found in our database!

This IP was reported 100 times. Confidence of Abuse is 100%: ?

100%

ISP	Urban Network Solutions SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	urbannetworksolutions.nl
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.121.55.197

Whois 85.121.55.197

IP Abuse Reports for 85.121.55.197:

This IP address has been reported a total of 100 times from 73 distinct sources. 85.121.55.197 was first reported on March 11th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 Inartis	2026-06-11 18:57:50 (4 days ago)	85.121.55.197 - - [11/Jun/2026:20:57:48 +0200] "GET /.env HTTP/1.1" 403 222 "-" "Mozilla/5.0 (Window ... show more 85.121.55.197 - - [11/Jun/2026:20:57:48 +0200] "GET /.env HTTP/1.1" 403 222 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" 85.121.55.197 - - [11/Jun/2026:20:57:48 +0200] "GET /.env.local HTTP/1.1" 403 5522 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" 85.121.55.197 - - [11/Jun/2026:20:57:49 +0200] "GET /.env.production HTTP/1.1" 403 222 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RH5	2026-06-11 13:22:44 (5 days ago)	Restricted URL probing (/.git) (UTC 2026-06-11 13:22)	Web App Attack
🇬🇧 consul.to	2026-06-11 10:05:09 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 FeG Deutschland	2026-06-11 09:11:29 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 127	Exploited Host Web App Attack
🇦🇺 2000cn.com.au	2026-06-11 07:21:14 (5 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇧🇷 dominioz	2026-06-11 06:50:43 (5 days ago)	2026-06-11 06:50:18 GET /.env - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+A ... show more 2026-06-11 06:50:18 GET /.env - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/147.0.0.0+Safari/537.36 - 200 1615 2026-06-11 06:50:18 GET /backend/.env - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/147.0.0.0+Safari/537.36 - 200 1615 2026-06-11 06:50:19 GET /api/.env - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+15.7;+rv:149.0)+Gecko/20100101+Firefox/149.0 - 200 1615 2026-06-11 06:50:19 GET /.git/config - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/147.0.0.0+Safari/537.36+Edg/146.0.3856.109 - 200 1615 ... show less	Web App Attack
🇩🇪 4server	2026-06-11 05:32:50 (5 days ago)	[ThuJun1107:32:45.4850432026][security2:error][pid1508109:tid1508133][client85.121.55.197:0]ModSecur ... show more [ThuJun1107:32:45.4850432026][security2:error][pid1508109:tid1508133][client85.121.55.197:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"specialfood.ch\"][uri\"/.git/HEAD\"][unique_id\"aipIfTf8_wtZl6Qhth21wAAAAA0\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 patrisei	2026-06-10 21:38:24 (5 days ago)	You are now banned for 10 years by Schiffdorf-West Patrol. Trigger: crowdsecurity/http-sensitive-fil ... show more You are now banned for 10 years by Schiffdorf-West Patrol. Trigger: crowdsecurity/http-sensitive-files show less	Port Scan Web App Attack
🇻🇳 trung.fun	2026-06-10 21:21:44 (5 days ago)	DDoS, Hack, Brute Force, Web Attack ...	DDoS Attack Web Spam Hacking Brute-Force Web App Attack
Anonymous	2026-06-10 21:18:15 (5 days ago)	Attempt to access sensitive files	Hacking Web App Attack
🇺🇸 ANTI SCANNER	2026-06-10 19:44:44 (5 days ago)	Scanner : /.env.development	Web Spam
🇦🇺 Terrier	2026-06-10 18:00:02 (5 days ago)	Blocked for HTTP vulnerability scanning (excessive 40x)	Web App Attack
🇩🇪 FeG Deutschland	2026-06-10 16:51:42 (6 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇧🇷 dominioz	2026-06-10 14:55:40 (6 days ago)	2026-06-10 14:55:16 GET /.env - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+A ... show more 2026-06-10 14:55:16 GET /.env - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/147.0.0.0+Safari/537.36+Edg/146.0.3856.109 - 301 540 2026-06-10 14:55:16 GET /backend/.env - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+15.7;+rv:149.0)+Gecko/20100101+Firefox/149.0 - 301 556 2026-06-10 14:55:16 GET /api/.env - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+15.7;+rv:149.0)+Gecko/20100101+Firefox/149.0 - 301 548 2026-06-10 14:55:16 GET /.git/config - - 85.121.55.197 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+15.7;+rv:149.0)+Gecko/20100101+Firefox/149.0 - 301 554 ... show less	Web App Attack
Anonymous	2026-06-10 12:11:26 (6 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: Clou ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: Cloud secrets probing show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 100 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.218.206.123

🇺🇸 154.39.79.49

🇩🇪 128.14.225.164

🇻🇳 113.173.154.153

🇨🇳 112.80.175.1

🇺🇦 77.87.40.114

🇰🇷 59.16.192.32

🇹🇭 58.10.48.167

🇭🇰 47.242.245.129

🇱🇹 45.227.254.170

🇺🇸 35.212.170.115

🇳🇱 5.61.209.43

🇶🇦 2600:1900:4260:40e::2e

🇫🇷 176.129.57.20

🇳🇱 176.65.139.215

🇺🇸 135.119.88.104

🇻🇳 123.22.187.96

🇹🇼 111.70.32.6

🇸🇬 47.237.174.42

🇳🇱 45.156.87.253