JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 95.85.251.66

95.85.251.66 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 16%: ?

16%

ISP	VPSPay - vpspay.cloud
Usage Type	Data Center/Web Hosting/Transit
ASN	AS201988
Domain Name	vpspay.cloud
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 95.85.251.66

Whois 95.85.251.66

IP Abuse Reports for 95.85.251.66:

This IP address has been reported a total of 6 times from 4 distinct sources. 95.85.251.66 was first reported on May 6th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 melochef	2026-05-17 20:12:57 (3 weeks ago)	ModSecurity: Access denied with code 403 (phase 2). [id "941100"] [msg "XSS Attack Detected via libi ... show more ModSecurity: Access denied with code 403 (phase 2). [id "941100"] [msg "XSS Attack Detected via libinjection"] [severity "CRITICAL"] [tag "OWASP_CRS/4.0"] [hostname "waf.cdn-edge.net"] [uri "/api/v1/namespaces"] [unique_id "855c432bbd331d6d"] 95.85.251.66 - - [14/May/2026:17:12:35 +0000] "GET /api/v1/namespaces HTTP/1.1" 403 1140 "-" "python-requests/2.31.0" show less	Hacking Web App Attack
🇧🇷 Kevin Landry	2026-05-17 19:24:35 (3 weeks ago)	[] [1:2010939:3] ET SCAN Suspicious inbound to PostgreSQL port 5432 [] [Classification: Attempte ... show more [] [1:2010939:3] ET SCAN Suspicious inbound to PostgreSQL port 5432 [] [Classification: Attempted Information Leak] [Priority: 2] 15/May/2026:21:31:40 +0000 {TCP} 95.85.251.66:62516 -> 10.63.122.250:8443 show less	Port Scan
🇧🇪 melochef	2026-05-17 01:31:26 (4 weeks ago)	ModSecurity: Access denied with code 403 (phase 2). [id "913100"] [msg "Found User-Agent associated ... show more ModSecurity: Access denied with code 403 (phase 2). [id "913100"] [msg "Found User-Agent associated with security scanner"] [severity "WARNING"] [tag "OWASP_CRS/4.0"] [hostname "waf.cdn-edge.net"] [uri "/cgi-bin/luci"] [unique_id "0c31717ba91d2b39"] 95.85.251.66 - - [14/May/2026:06:53:26 +0000] "GET /cgi-bin/luci HTTP/1.1" 403 227 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0" show less	Hacking Web App Attack
🇷🇴 Jashuva P	2026-05-16 22:24:35 (4 weeks ago)	IP banned by Fail2Ban (traefik jail) after 29 hits. 95.85.251.66 - - [14/May/2026:05:44:21 +0000] "G ... show more IP banned by Fail2Ban (traefik jail) after 29 hits. 95.85.251.66 - - [14/May/2026:05:44:21 +0000] "GET /wp-config.old HTTP/1.1" 403 28845 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0" 95.85.251.66 - - [14/May/2026:05:44:21 +0000] "POST /wp-login.php HTTP/1.1" 401 502 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0" show less	Web App Attack
Anonymous	2026-05-08 15:25:59 (1 month ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-05-06 17:09:39 (1 month ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.241.141.178

🇺🇸 172.253.0.23

🇺🇸 149.18.169.243

🇳🇱 134.209.194.215

🇧🇪 35.205.201.232

🇧🇬 5.188.206.66

🇲🇽 2806:2f0:a7c0:d465:71b6:4006:74b7:4d24

🇺🇸 209.46.125.221

🇲🇽 187.191.48.24

🇧🇷 186.193.242.161

🇨🇦 159.89.124.112

🇨🇳 120.48.90.166

🇮🇳 103.167.99.13

🇳🇱 91.92.40.10

🇺🇸 86.111.176.100

🇺🇸 66.132.186.225

🇺🇸 64.225.29.67

🇩🇪 64.89.163.130

🇦🇺 34.151.75.40

🇧🇪 198.235.24.215