JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.237.212.136

85.237.212.136 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 49%: ?

49%

ISP	LIVAPROXY YAZILIM TICARET LIMITED SIRKETI
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	livaproxy.com
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.237.212.136

Whois 85.237.212.136

IP Abuse Reports for 85.237.212.136:

This IP address has been reported a total of 28 times from 16 distinct sources. 85.237.212.136 was first reported on March 31st 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-20 11:05:50 (4 hours ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-18 19:11:44 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 21:55:04 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 17:54:58.610978 2026] [security2:error] [pid 4119:tid 4119] [client 85.237.212.136:46093] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|www.fixitz.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "www.fixitz.net"] [uri "/license.txt"] [unique_id "aiyAMnhslZnXldzOKayZdAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 21:22:28 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 17:22:24.624779 2026] [security2:error] [pid 5201:tid 5201] [client 85.237.212.136:32719] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|primecomputer.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "primecomputer.net"] [uri "/license.txt"] [unique_id "aix4kKAf0NAUgjhPavTSewAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 21:01:51 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 17:01:46.672353 2026] [security2:error] [pid 1194:tid 1307] [client 85.237.212.136:22173] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|kiwimagic.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "kiwimagic.net"] [uri "/license.txt"] [unique_id "aixzuprk6kl4xewSNLHE5wAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 20:23:19 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 16:23:14.357735 2026] [security2:error] [pid 28570:tid 28570] [client 85.237.212.136:53897] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|creationorevolution.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "creationorevolution.net"] [uri "/license.txt"] [unique_id "aixqsuih9Gdt1Eq-7vRQrgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 18:19:44 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 85.237.212.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 14:19:39.544971 2026] [security2:error] [pid 5483:tid 5483] [client 85.237.212.136:62571] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|davesullivan.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "davesullivan.net"] [uri "/license.txt"] [unique_id "aixNuyI0mgeyZON3WhDEfgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-09 19:03:45 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 todix	2026-06-09 17:31:23 (1 week ago)	WebAttack or semilar from 85.237.212.136	Web App Attack
🇬🇧 consul.to	2026-05-31 18:23:29 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-27 03:13:34 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 backslash	2026-05-21 11:27:01 (4 weeks ago)	block ruleset WAF detection and high score on abuseIPDB 149EB1B42C242111FADBBC2EF8F90219570691E1	Bad Web Bot
🇩🇪 conseilgouz	2026-05-21 10:37:22 (4 weeks ago)	vew-(visforms) : try to access forms...	Hacking
🇺🇸 oncord	2026-05-19 19:36:54 (1 month ago)	Form spam	Web Spam
🇫🇷 vtchost.com	2026-05-19 17:42:22 (1 month ago)	minux.vtchost.com:80 85.237.212.136 - - [19/May/2026:19:42:22 +0200] "GET /forum/index.php HTTP/1.0" ... show more minux.vtchost.com:80 85.237.212.136 - - [19/May/2026:19:42:22 +0200] "GET /forum/index.php HTTP/1.0" 418 233 "http://minux.vtchost.com/forum/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 CCleaner/130.0.0.0" ... show less	Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.17.217.141

🇺🇸 162.216.149.194

🇮🇳 159.89.172.177

🇮🇳 152.52.236.122

🇧🇷 129.159.56.14

🇨🇭 107.189.7.144

🇸🇿 102.222.132.206

🇺🇸 47.251.249.71

🇳🇱 45.148.10.230

🇨🇳 39.144.130.8

🇮🇶 37.77.55.248

🇩🇪 2400:cb00:636:1000:f6b8:ffc0:2561:27b7

🇵🇱 212.87.249.99

🇺🇸 195.184.76.7

🇨🇳 183.135.5.172

🇺🇸 134.122.11.130

🇨🇭 35.216.144.195

🇳🇱 176.65.148.244

🇺🇸 154.83.197.167

🇩🇪 91.194.84.12