JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.203.45.107

85.203.45.107 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 0%: ?

ISP	AF Networks
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	falco-networks.com
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.203.45.107

Whois 85.203.45.107

IP Abuse Reports for 85.203.45.107:

This IP address has been reported a total of 136 times from 39 distinct sources. 85.203.45.107 was first reported on May 11th 2021, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Starburst SysOp Team	2026-04-15 12:15:05 (1 month ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-14)	Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-16 19:54:33 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 16 15:54:30.438684 2026] [security2:error] [pid 6439:tid 6439] [client 85.203.45.107:50131] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|hodlmoser.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "hodlmoser.com"] [uri "/backups/dump.sql"] [unique_id "abhf9sz-qesc_XoEjZSmswAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-04 23:12:10 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 04 18:12:06.992621 2026] [security2:error] [pid 17314:tid 17325] [client 85.203.45.107:20309] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bluetigertees.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bluetigertees.com"] [uri "/bak/wallet.dat"] [unique_id "aai8RtuIluP1vd0KTWkS1AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-28 21:08:54 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 28 16:08:50.747802 2026] [security2:error] [pid 29079:tid 29079] [client 85.203.45.107:27001] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.crypto-stamps.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.crypto-stamps.com"] [uri "/bak/dump.sql"] [unique_id "aaNZYo0StNRFmF2ZMbpNngAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-27 12:17:59 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 07:17:52.361720 2026] [security2:error] [pid 31068:tid 31068] [client 85.203.45.107:60793] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bitcointoolfair.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcointoolfair.com"] [uri "/back/backup.sql"] [unique_id "aaGLcOBXNEKtg5_xB4DN3gAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 S.O.B.A. Dev.	2026-02-26 13:40:53 (3 months ago)	Threat Blocked by BeeHive from (ASN:9009) (Network:M247) (Host:soba.dev) (Method:HEAD) (Protocol:HTT ... show more Threat Blocked by BeeHive from (ASN:9009) (Network:M247) (Host:soba.dev) (Method:HEAD) (Protocol:HTTP/1.1) (Timestamp:2026-02-26T13:40:53Z) show less	Brute-Force Web Spam Web App Attack
🇺🇸 TPI-Abuse	2026-02-04 12:29:28 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 07:29:21.711509 2026] [security2:error] [pid 3759:tid 3759] [client 85.203.45.107:21359] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mpaexchangeinc.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mpaexchangeinc.com"] [uri "/old/dump.sql"] [unique_id "aYM7oSOtyuPBoUs8sae06AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-29 06:19:04 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 01:18:57.520011 2026] [security2:error] [pid 19010:tid 19010] [client 85.203.45.107:63935] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.spectorworld.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.spectorworld.com"] [uri "/restore/mysql.sql"] [unique_id "aXr70UCgP_Im9ZpicxEySwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-01-22 18:05:32 (4 months ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇺🇸 Penny Packer	2026-01-22 13:59:41 (4 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇩🇪 ghostwarriors	2026-01-12 15:20:36 (4 months ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-01-12 15:19:44 (4 months ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-10 00:43:36 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.45.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 09 19:43:30.005132 2026] [security2:error] [pid 31786:tid 31786] [client 85.203.45.107:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|eddysgroup.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eddysgroup.com"] [uri "/back/dump.sql"] [unique_id "aWGgsgK8Ia-8hHbaw_bMQQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-01-09 04:02:41 (4 months ago)	/restore/latest.zip	Hacking Web App Attack
🇩🇪 bescared	2026-01-09 01:30:11 (4 months ago)	F2B - Malicious activity detected. URL Probing.	Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 155.4.244.169

🇮🇳 154.61.69.74

🇨🇳 123.163.52.74

🇰🇷 118.34.164.157

🇺🇸 43.153.12.68

🇲🇽 187.189.165.137

🇳🇱 185.93.89.95

🇮🇳 182.70.243.207

🇨🇳 150.138.115.76

🇨🇦 142.44.233.48

🇨🇳 118.186.208.20

🇨🇳 116.114.94.242

🇨🇳 112.46.212.94

🇨🇳 112.27.129.78

🇰🇷 110.14.192.20

🇷🇴 92.118.39.236

🇳🇱 91.92.42.195

🇺🇸 66.132.186.246

🇺🇸 206.221.176.152

🇷🇺 83.246.133.16