JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.239.58.195

85.239.58.195 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	JSC TIMEWEB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9123
Domain Name	timeweb.com
Country	🇷🇺 Russian Federation
City	Moscow, Moscow

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.239.58.195

Whois 85.239.58.195

IP Abuse Reports for 85.239.58.195:

This IP address has been reported a total of 12 times from 6 distinct sources. 85.239.58.195 was first reported on April 6th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-09-06 20:35:49 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 85.239.58.195 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.239.58.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 16:35:42.446802 2025] [security2:error] [pid 28419:tid 28419] [client 85.239.58.195:65433] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Apex II/Thumbs.db"] [unique_id "aLybHvmEKqiHiynyOz03ywAAAAU"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Apex%20II/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-20 21:42:50 (11 months ago)	(mod_security) mod_security (id:210730) triggered by 85.239.58.195 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.239.58.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 20 17:42:44.824401 2025] [security2:error] [pid 2895213:tid 2895213] [client 85.239.58.195:48621] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Himolla-ZeroStress-Recliner/Images/Thumbs.db"] [unique_id "aFXV1OfC262gecRc74GQkgAAAB0"], referer: https://vitalitywebb.com/backstore/Himolla-ZeroStress-Recliner/Images/ show less	Brute-Force Bad Web Bot Web App Attack
🇲🇽 licjperezl	2025-06-10 19:12:24 (11 months ago)	Ataque de diccionario o DDoS en nuestros servicios en linea	Brute-Force
🇲🇽 licjperezl	2025-06-05 18:04:50 (1 year ago)	Ataque de diccionario o DDoS en nuestros servicios en linea	Brute-Force
🇨🇭 backslash	2025-05-24 02:30:05 (1 year ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-03-05 10:06:53 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 85.239.58.195 (visit.keznews.com): 1 in the las ... show more (mod_security) mod_security (id:210730) triggered by 85.239.58.195 (visit.keznews.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 05 05:06:47.552827 2025] [security2:error] [pid 46617:tid 46617] [client 85.239.58.195:36545] [client 85.239.58.195] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Cedar Hill/Thumbs.db"] [unique_id "Z8giN-ciosX4wz9WyQ-keAAAAAk"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Cedar%20Hill/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-01 09:12:14 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 85.239.58.195 (visit.keznews.com): 1 in the las ... show more (mod_security) mod_security (id:210730) triggered by 85.239.58.195 (visit.keznews.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 04:12:10.960422 2024] [security2:error] [pid 3744080:tid 3744080] [client 85.239.58.195:36107] [client 85.239.58.195] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Briarwood II/Briarwood II/Stetson Bordeaux/originals/Thumbs.db"] [unique_id "Z0woak4g6bsq3frlPJBZEQAAAAM"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Briarwood%20II/Briarwood%20II/Stetson%20Bordeaux/originals/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 wil.com	2024-09-24 09:16:51 (1 year ago)	GlobalProtect login attempts with user gcline.	VPN IP Brute-Force
🇷🇺 sms.ru	2024-09-22 01:20:08 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇨🇭 backslash	2024-05-18 05:23:34 (2 years ago)	honeypot detection	Bad Web Bot
🇨🇭 backslash	2024-04-12 06:43:59 (2 years ago)	honeypot	Bad Web Bot
Anonymous	2024-04-06 19:46:05 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.195.13.179

🇮🇩 180.244.187.139

🇫🇷 176.31.139.20

🇺🇸 166.149.16.62

🇦🇹 141.101.104.107

🇨🇳 120.78.9.93

🇩🇪 118.193.59.4

🇨🇳 115.190.230.82

🇰🇿 95.56.56.185

🇺🇸 13.59.27.105

🇳🇱 204.76.203.212

🇺🇸 147.185.132.49

🇨🇴 129.222.203.206

🇺🇬 129.205.2.18

🇮🇳 125.19.159.186

🇮🇳 113.193.234.210

🇰🇷 58.224.62.29

🇺🇸 38.148.249.2

🇺🇸 35.130.111.146

🇩🇪 212.80.7.172