JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.215.229.109

85.215.229.109 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 63%: ?

63%

ISP	IONOS SE
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8560
Domain Name	ionos.com
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.215.229.109

Whois 85.215.229.109

IP Abuse Reports for 85.215.229.109:

This IP address has been reported a total of 37 times from 19 distinct sources. 85.215.229.109 was first reported on June 2nd 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 thetomtaylor.co.uk	2026-06-15 09:07:02 (2 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 21:32:18 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:32:11.436086 2026] [security2:error] [pid 2604:tid 2610] [client 85.215.229.109:53245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.14"] [uri "/.env"] [unique_id "ai8d2xe0kQfX27ueEak_UwAAAQI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Roper123	2026-06-14 21:22:28 (2 weeks ago)	Web exploits	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 21:04:47 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:04:40.464956 2026] [security2:error] [pid 31504:tid 31504] [client 85.215.229.109:56797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.157"] [uri "/.env"] [unique_id "ai8XaFC_3Ib1dRgY-Cxs6AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 19:05:04 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 15:04:56.835703 2026] [security2:error] [pid 4187:tid 4253] [client 85.215.229.109:50461] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.84"] [uri "/.env"] [unique_id "ai77WGIyPSdGnXLCu1eGXgAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 langenkamp-media	2026-06-14 18:28:28 (2 weeks ago)	Fail2Ban: Banned from jail nginx-nohome on 3dausdu.de	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 18:16:52 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 14:16:47.772448 2026] [security2:error] [pid 31644:tid 31644] [client 85.215.229.109:64167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.117"] [uri "/.env"] [unique_id "ai7wD8z7c6jPYrnJ_jF8TQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 17:34:20 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:949110) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 13:34:13.632628 2026] [security2:error] [pid 31049:tid 31049] [client 85.215.229.109:51327] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "192.64.150.240"] [uri "/.env"] [unique_id "ai7mFUVidquxfZWmDl3iVAAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bescared	2026-06-14 17:32:15 (2 weeks ago)	F2B - Malicious activity detected. URL Probing. -c0423ad6-	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 16:54:05 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 12:53:58.368414 2026] [security2:error] [pid 13242:tid 13242] [client 85.215.229.109:52076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.20"] [uri "/.env"] [unique_id "ai7cpn2Fcq92ZfFoFVsQLAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 15:23:41 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 85.215.229.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 11:23:38.302170 2026] [security2:error] [pid 5106:tid 5106] [client 85.215.229.109:63473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.222"] [uri "/.env"] [unique_id "ai7HeqrJxfJAr2mszQQsbQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 TrafficAnalyser	2026-06-14 15:21:34 (2 weeks ago)	Probing "GET /.env HTTP/1.1"	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-14 15:05:03 (2 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice02,wa01]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 aks4226	2026-06-14 14:34:06 (2 weeks ago)	Bot search, attacking common web applications.	Web App Attack
🇫🇷 Teufel100	2026-06-14 14:21:15 (2 weeks ago)	ModSecurity rejected a query	Brute-Force Hacking Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.249.74.198

🇬🇧 2a00:1450:4009:c19::121

🇳🇱 204.76.203.81

🇸🇪 185.246.128.170

🇮🇷 185.231.181.16

🇵🇰 182.180.154.234

🇨🇳 139.159.238.55

🇨🇳 121.31.210.125

🇬🇧 109.228.59.224

🇺🇸 44.250.71.149

🇮🇩 41.216.178.119

🇺🇸 34.19.116.61

🇨🇭 185.211.94.76

🇷🇺 185.207.0.46

🇫🇷 185.192.97.91

🇨🇳 182.244.0.150

🇫🇮 178.20.210.208

🇳🇱 172.71.183.87

🇩🇪 172.71.164.16

🇺🇸 146.190.160.228