JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.203.45.60

85.203.45.60 was found in our database!

This IP was reported 183 times. Confidence of Abuse is 27%: ?

27%

ISP	AF Networks
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	falco-networks.com
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.203.45.60

Whois 85.203.45.60

IP Abuse Reports for 85.203.45.60:

This IP address has been reported a total of 183 times from 58 distinct sources. 85.203.45.60 was first reported on March 22nd 2021, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-06-21 20:05:14 (5 days ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-21 18:30:32 (1 month ago)	85.203.45.60 - - [21/May/2026:21:30:29 +0300] "GET //administrator/index.php HTTP/1.1" 404 707 "-" " ... show more 85.203.45.60 - - [21/May/2026:21:30:29 +0300] "GET //administrator/index.php HTTP/1.1" 404 707 "-" "Go-http-client/1.1" 85.203.45.60 - - [21/May/2026:21:30:32 +0300] "GET //wp-content/plugins/age-restriction/modules/remote_support/remote_init.php HTTP/1.1" 404 707 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇮🇹 Inartis	2026-05-21 16:28:42 (1 month ago)	85.203.45.60 - - [21/May/2026:18:28:35 +0200] "GET /admin/log.php HTTP/1.1" 404 67669 "https://blog. ... show more 85.203.45.60 - - [21/May/2026:18:28:35 +0200] "GET /admin/log.php HTTP/1.1" 404 67669 "https://blog.abanoritz.it//admin/log.php" "Go-http-client/1.1" 85.203.45.60 - - [21/May/2026:18:28:36 +0200] "GET /admin/cache.php HTTP/1.1" 404 67674 "https://blog.abanoritz.it//admin/cache.php" "Go-http-client/1.1" 85.203.45.60 - - [21/May/2026:18:28:41 +0200] "GET /admin/include/student.php HTTP/1.1" 404 67698 "https://blog.abanoritz.it//admin/include/student.php" "Go-http-client/1.1" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-05-21 12:15:07 (1 month ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇵🇱 nfsec.pl	2026-05-21 10:52:15 (1 month ago)	85.203.45.60 - - [21/May/2026:10:52:13 +0000] "GET /modules/prestaheroconnect/cronjob.php HTTP/2.0" ... show more 85.203.45.60 - - [21/May/2026:10:52:13 +0000] "GET /modules/prestaheroconnect/cronjob.php HTTP/2.0" 404 23891 "https://nfsec.pl//modules/prestaheroconnect/cronjob.php" "Go-http-client/2.0" 85.203.45.60 - - [21/May/2026:10:52:13 +0000] "GET /modules/medultimatejs/blue.php HTTP/2.0" 404 23922 "https://nfsec.pl//modules/medultimatejs/blue.php" "Go-http-client/2.0" 85.203.45.60 - - [21/May/2026:10:52:14 +0000] "GET /modules/onlinechat2028/az.php HTTP/2.0" 404 23956 "https://nfsec.pl//modules/onlinechat2028/az.php" "Go-http-client/2.0" 85.203.45.60 - - [21/May/2026:10:52:15 +0000] "GET /modules/sendinblue/numberv2.php HTTP/2.0" 404 24031 "https://nfsec.pl//modules/sendinblue/numberv2.php" "Go-http-client/2.0" 85.203.45.60 - - [21/May/2026:10:52:15 +0000] "GET /themes/freshfood/ HTTP/2.0" 404 23997 "https://nfsec.pl//themes/freshfood/index.php" "Go-http-client/2.0" ... show less	Web App Attack Exploited Host
🇩🇪 ghostwarriors	2026-05-21 09:50:12 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-06 17:17:15 (1 month ago)	<comment>	Web App Attack
🇺🇸 mnsf	2026-04-19 19:05:18 (2 months ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-04-16 02:29:59 (2 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 BlueWire Hosting	2026-04-14 21:24:00 (2 months ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-10 05:24:07 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 85.203.45.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.203.45.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 01:24:00.052564 2026] [security2:error] [pid 6309:tid 6309] [client 85.203.45.60:56337] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dudleyanddudley.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dudleyanddudley.com"] [uri "/old/sql.sql"] [unique_id "aa-q8JW7jqFXd2eBdyXeewAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 pinguin	2026-02-10 07:57:32 (4 months ago)	Triggered Cloudflare WAF (linkMaze) from CH. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/2 (HEAD ... show more Triggered Cloudflare WAF (linkMaze) from CH. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/2 (HEAD method) Endpoint: /public_html.zip UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-07 20:32:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 85.203.45.60 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 85.203.45.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 15:32:29.616783 2026] [security2:error] [pid 13203:tid 13203] [client 85.203.45.60:43403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lusocleaningservice.com"] [uri "/old/sftp-config.json"] [unique_id "aYehXdTcTrP5oXRwb_C9ygAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2026-01-22 09:27:28 (5 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇯🇵 Valhalla	2026-01-08 20:01:29 (5 months ago)	/back/application.zip	Hacking Web App Attack

Showing 1 to 15 of 183 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 14.136.93.28

🇺🇸 2a02:4780:75:4739::1

🇩🇪 212.132.78.209

🇳🇱 176.65.132.129

🇺🇸 162.216.149.82

🇨🇳 125.124.226.217

🇳🇱 89.124.68.77

🇨🇿 78.44.192.210

🇮🇳 35.200.191.248

🇨🇳 27.24.141.160

🇯🇵 8.209.229.161

🇺🇸 193.37.33.149

🇧🇷 186.239.41.74

🇳🇱 172.94.9.55

🇪🇪 85.29.246.199

🇸🇬 45.197.12.65

🇵🇱 194.180.49.70

🇫🇷 185.252.234.32

🇺🇸 147.185.132.157

🇺🇸 142.93.10.93