JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.239.59.73

85.239.59.73 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	JSC TIMEWEB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9123
Domain Name	timeweb.com
Country	🇷🇺 Russian Federation
City	Moscow, Moscow

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.239.59.73

Whois 85.239.59.73

IP Abuse Reports for 85.239.59.73:

This IP address has been reported a total of 14 times from 8 distinct sources. 85.239.59.73 was first reported on April 4th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-09-11 00:47:40 (8 months ago)	(mod_security) mod_security (id:210350) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 10 20:47:33.866319 2025] [security2:error] [pid 15655:tid 15655] [client 85.239.59.73:42915] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|surrenderhouse.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "surrenderhouse.com"] [uri "/contact.html"] [unique_id "aMIcJf6zcNP7YPplrtlLUwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 19:45:54 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 15:45:47.120957 2025] [security2:error] [pid 2999:tid 2999] [client 85.239.59.73:13051] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Giovanni 4405/Thumbs.db"] [unique_id "aLyPa5xRtdn7-6KSLlBs_QAAACI"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Giovanni%204405/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-31 00:28:53 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 on-com	2025-07-03 04:18:18 (11 months ago)	URL scan	Brute-Force Web App Attack
🇨🇭 backslash	2025-05-24 02:45:05 (1 year ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-05-06 05:03:26 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 01:03:18.632661 2025] [security2:error] [pid 606603:tid 606603] [client 85.239.59.73:53053] [client 85.239.59.73] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/Gesture/Thumbs.db"] [unique_id "aBmYFlVZXXjPvYsjQuXjXQAAABI"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/Gesture/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 hbrks	2025-03-22 13:09:32 (1 year ago)	GET http://marche-be.com/	Web Spam Hacking Bad Web Bot
🇪🇸 Reinhard	2025-02-21 05:25:00 (1 year ago)	Msg from error-handling: Error: Illegal path. Body:Fri, 21 Feb 2025 06:25:27 +0100, IP-Addr:85.239.5 ... show more Msg from error-handling: Error: Illegal path. Body:Fri, 21 Feb 2025 06:25:27 +0100, IP-Addr:85.239.59.73, Host:85.239.59.73 show less	Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2024-11-09 12:35:35 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 07:35:27.668194 2024] [security2:error] [pid 1146932:tid 1146932] [client 85.239.59.73:10133] [client 85.239.59.73] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/Gesture Stool/Thumbs.db"] [unique_id "Zy9XDzWi0vOz3g-WRdNeiQAAAAs"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/Gesture%20Stool/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-05-24 04:32:34 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.239.59.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 24 00:32:26.631561 2024] [security2:error] [pid 20627] [client 85.239.59.73:35297] [client 85.239.59.73] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Lochmere II Recliner/broughton_saddle/Thumbs.db"] [unique_id "ZlAYWn6r4q99D6f72WbQRwAAAAg"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Lochmere%20II%20Recliner/broughton_saddle/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2024-05-18 05:23:46 (2 years ago)	honeypot detection	Bad Web Bot
🇨🇭 backslash	2024-04-11 06:25:44 (2 years ago)	honeypot	Bad Web Bot
🇬🇧 essinghigh	2024-04-08 00:39:51 (2 years ago)	1712536786 # Service_probe # SIGNATURE_SEND # source_ip:85.239.59.73 # dst_port:8239 ...	Port Scan
🇺🇸 hostseries	2024-04-04 02:50:41 (2 years ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.152.161.54

🇧🇷 170.84.89.114

🇮🇳 122.161.47.26

🇸🇬 43.172.195.77

🇧🇷 205.210.31.220

🇧🇷 177.136.206.71

🇭🇰 156.245.246.50

🇸🇪 155.4.245.222

🇦🇺 149.118.68.211

🇮🇩 139.255.254.163

🇮🇳 117.209.2.130

🇮🇳 103.21.79.242

🇯🇴 82.212.82.237

🇷🇴 2.57.121.25

🇩🇪 213.209.159.11

🇺🇸 162.243.0.195

🇨🇳 59.56.226.180

🇭🇰 42.200.78.166

🇳🇱 144.31.97.54

🇬🇧 51.75.161.33