JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.237.212.137

85.237.212.137 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 63%: ?

63%

ISP	LIVAPROXY YAZILIM TICARET LIMITED SIRKETI
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	livaproxy.com
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.237.212.137

Whois 85.237.212.137

IP Abuse Reports for 85.237.212.137:

This IP address has been reported a total of 39 times from 25 distinct sources. 85.237.212.137 was first reported on March 30th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 matthieul.dev	2026-06-23 04:15:24 (1 day ago)	Blocked by os-abuseipdb; 9 hits, proto=tcp,udp, ports=17218	Port Scan Brute-Force
🇩🇪 conseilgouz	2026-06-21 00:54:54 (3 days ago)	vew-(visforms) : try to access forms...	Hacking
🇺🇸 TPI-Abuse	2026-06-12 20:02:49 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 85.237.212.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 85.237.212.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 16:02:42.363644 2026] [security2:error] [pid 24024:tid 24024] [client 85.237.212.137:25481] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|www.nomorenicenice.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "www.nomorenicenice.net"] [uri "/license.txt"] [unique_id "aixl4rBdxCDQ4NkSGWzNHwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 19:04:26 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 85.237.212.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 85.237.212.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 15:04:22.575066 2026] [security2:error] [pid 32219:tid 32219] [client 85.237.212.137:44929] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|whaleyhouse.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "whaleyhouse.net"] [uri "/license.txt"] [unique_id "aixYNgBlWwkUGtZSKTBZ1wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 18:13:30 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 85.237.212.137 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210801) triggered by 85.237.212.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 14:13:26.999565 2026] [security2:error] [pid 15474:tid 15474] [client 85.237.212.137:33369] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|r-390a.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "r-390a.net"] [uri "/license.txt"] [unique_id "aixMRmBJKZLctyiitf7IqQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-09 19:03:55 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 todix	2026-06-09 17:31:22 (2 weeks ago)	WebAttack or semilar from 85.237.212.137	Web App Attack
🇺🇸 donarev419	2026-06-08 05:43:37 (2 weeks ago)	Port scan detected on port 8082 (connection without data transfer)	Port Scan
🇷🇺 punctualsuspension968	2026-06-07 14:26:50 (2 weeks ago)	blocked by ufw on TCP 59415	Port Scan
🇷🇺 punctualsuspension968	2026-06-07 10:37:48 (2 weeks ago)	blocked by ufw on TCP 60639	Port Scan
Anonymous	2026-06-07 09:30:14 (2 weeks ago)	2026-06-07T10:30:13.086702+01:00 vps kernel: [42564776.569077] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-07T10:30:13.086702+01:00 vps kernel: [42564776.569077] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=85.237.212.137 DST=54.37.14.118 LEN=40 TOS=0x08 PREC=0x40 TTL=240 ID=198 PROTO=TCP SPT=49618 DPT=8000 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
Anonymous	2026-06-01 18:56:14 (3 weeks ago)	Try to connect to Port_Scan_4433_stealth	Port Scan
🇬🇧 consul.to	2026-05-31 18:23:47 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-27 03:13:36 (4 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 xmission.com	2026-05-22 09:31:39 (1 month ago)	Blocked by UFW (TCP on 55756) Source port: 21774 TTL: 47 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 55756) Source port: 21774 TTL: 47 Packet length: 60 TOS: 0x08 This report (for 85.237.212.137) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 203.124.44.231

🇺🇸 165.22.155.98

🇨🇳 123.117.152.61

🇨🇳 111.38.136.211

🇺🇸 64.62.156.155

🇧🇷 45.171.171.216

🇺🇸 23.239.96.154

🇺🇸 12.25.69.255

🇷🇴 193.32.162.84

🇦🇴 154.116.254.157

🇸🇬 136.110.58.0

🇨🇳 123.150.80.157

🇨🇳 113.125.165.132

🇮🇹 79.57.223.11

🇺🇸 65.49.1.199

🇱🇹 45.227.254.170

🇸🇬 43.156.60.15

🇩🇪 213.209.159.226

🇺🇸 185.191.171.10

🇨🇳 171.43.6.214