JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.203.47.107

85.203.47.107 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 25%: ?

25%

ISP	Falco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS42708
Domain Name	falco-networks.com
Country	🇩🇰 Denmark
City	Copenhagen, Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.203.47.107

Whois 85.203.47.107

IP Abuse Reports for 85.203.47.107:

This IP address has been reported a total of 70 times from 32 distinct sources. 85.203.47.107 was first reported on September 18th 2023, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Viveronese	2026-06-09 15:04:57 (3 days ago)	HTTP vulnerability scanning	Web App Attack
🇮🇹 VHosting	2026-06-07 14:25:03 (5 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 dynamix	2026-05-02 13:02:24 (1 month ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-04-28 08:03:25 (1 month ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DK, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DK, Attack patterns: WordPress scanning, Webshell probing, Backup file probing show less	Bad Web Bot Web App Attack
Anonymous	2026-04-27 07:03:51 (1 month ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DK, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DK, Attack patterns: WordPress scanning, Webshell probing, Backup file probing show less	Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-04-26 17:15:06 (1 month ago)	Multiple WAF Violations	Web App Attack
🇺🇦 URAN Publishing Service	2026-04-26 17:03:32 (1 month ago)	85.203.47.107 - - [26/Apr/2026:20:03:30 +0300] "GET /wp-content/languages/wp-conflg.php HTTP/1.1" 40 ... show more 85.203.47.107 - - [26/Apr/2026:20:03:30 +0300] "GET /wp-content/languages/wp-conflg.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 85.203.47.107 - - [26/Apr/2026:20:03:31 +0300] "GET /wp-content/themes/classwithtostring.php HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36" ... show less	Web App Attack
🇫🇮 Shaik Sai Meera	2026-02-04 04:35:13 (4 months ago)	IM360 WAF: Infectors: Suspicious access attempt (webshell)	FTP Brute-Force Open Proxy Brute-Force
🇺🇸 TPI-Abuse	2026-02-03 23:59:05 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 85.203.47.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 85.203.47.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 18:58:50.742097 2026] [security2:error] [pid 5354:tid 5354] [client 85.203.47.107:61235] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|abundancecompany.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "abundancecompany.com"] [uri "/images/stories/themes.php"] [unique_id "aYKLuukhJDwrXKlcmB8JdwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-29 00:13:39 (4 months ago)	wordpress-trap	Web App Attack
🇧🇪 cmbplf	2026-01-28 23:40:20 (4 months ago)	249 requests with url.path /.well-known/acme-challenge/.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-26 23:07:31 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 85.203.47.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.47.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 18:07:15.077025 2026] [security2:error] [pid 22516:tid 22516] [client 85.203.47.107:45371] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.dudleyanddudley.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.dudleyanddudley.com"] [uri "/backups/sql.sql"] [unique_id "aXfzowF2s0cTieKIbE7S8QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 03:49:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 85.203.47.107 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.203.47.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 24 22:49:21.609358 2026] [security2:error] [pid 30817:tid 30817] [client 85.203.47.107:45345] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "phantomquailkennel.com"] [uri "/.env"] [unique_id "aXWSwaX4_NURfq-4qs_GmgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-01-25 03:05:33 (4 months ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇺🇸 Penny Packer	2025-12-23 03:33:52 (5 months ago)	Fail2Ban apache-tripwires	Web App Attack

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.214.56.78

🇨🇳 182.44.38.181

🇩🇪 139.162.186.99

🇯🇵 86.48.12.168

🇺🇸 64.62.156.157

🇹🇼 61.231.229.39

🇺🇸 52.167.144.194

🇭🇰 34.92.83.162

🇰🇷 14.45.142.178

🇨🇳 1.14.28.29

🇬🇧 213.171.208.62

🇬🇧 213.166.84.37

🇰🇷 211.219.243.53

🇺🇸 172.93.101.146

🇮🇳 136.232.11.10

🇬🇧 81.19.219.227

🇷🇴 80.94.92.186

🇺🇸 66.132.195.152

🇫🇷 51.75.236.143

🇳🇱 45.148.10.151