JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.239.59.92

85.239.59.92 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	JSC TIMEWEB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9123
Domain Name	timeweb.com
Country	🇷🇺 Russian Federation
City	Moscow, Moscow

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.239.59.92

Whois 85.239.59.92

IP Abuse Reports for 85.239.59.92:

This IP address has been reported a total of 16 times from 10 distinct sources. 85.239.59.92 was first reported on January 4th 2022, and the most recent report was 11 months ago.

Old Reports: The most recent abuse report for this IP address is from 11 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2025-06-20 00:40:08 (11 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-03-05 10:05:42 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 85.239.59.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.239.59.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 05 05:05:34.617446 2025] [security2:error] [pid 43525:tid 43525] [client 85.239.59.92:27615] [client 85.239.59.92] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Hudson II/Thumbs.db"] [unique_id "Z8gh7m6lqeTQfMswbL1nIgAAABI"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Hudson%20II/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-12-16 15:34:47 (1 year ago)	Attempted brute force login to web vpn	Hacking Brute-Force
🇺🇸 TPI-Abuse	2024-11-09 19:05:41 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 85.239.59.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.239.59.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 14:05:34.986261 2024] [security2:error] [pid 1414059:tid 1414059] [client 85.239.59.92:59041] [client 85.239.59.92] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Detrick/Thumbs.db"] [unique_id "Zy-yfoZe8-5-rO6Co9q8NgAAAAU"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Detrick/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 wil.com	2024-09-24 08:25:55 (1 year ago)	GlobalProtect login attempts with user mcooper.	VPN IP Brute-Force
🇺🇸 MrDD	2024-06-24 20:50:21 (1 year ago)	Botnet Attacking Cisco Web VPN	Brute-Force
Anonymous	2024-06-17 14:55:00 (1 year ago)	"Scanning for multiple vulnerable file extensions and wp-login.php xmlrpc.php"	Web App Attack
🇬🇧 essinghigh	2024-06-13 17:39:36 (1 year ago)	1718300374 # Service_probe # SIGNATURE_SEND # source_ip:85.239.59.92 # dst_port:60000 ...	Port Scan
Anonymous	2024-05-29 23:31:00 (2 years ago)	"Scanning for multiple vulnerable file extensions and wp-login.php xmlrpc.php"	Web App Attack
🇺🇸 TPI-Abuse	2024-05-28 08:00:52 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 85.239.59.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.239.59.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 28 04:00:48.931929 2024] [security2:error] [pid 16287] [client 85.239.59.92:11209] [client 85.239.59.92] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|portalvasco.com\|F\|2"] [data ".lacasadelarcerojo.wordpress.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "portalvasco.com"] [uri "/blog/2009/08/pere-navarro-el-\\xe2\\x80\\x9cfranco\\xe2\\x80\\x9d-de-las-carreteras\\xe2\\x80\\xa6/www.lacasadelarcerojo.wordpress.com"] [unique_id "ZlWPMG2fadpD7M81evtFEQAAAAg"], referer: https://portalvasco.com/blog/2009/08/pere-navarro-el-%e2%80%9cfranco%e2%80%9d-de-las-carreteras%e2%80%a6/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-05-24 01:09:42 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 85.239.59.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.239.59.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 23 21:09:38.171187 2024] [security2:error] [pid 8921] [client 85.239.59.92:15313] [client 85.239.59.92] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Longhorn II/Thumbs.db"] [unique_id "Zk_o0iq_j_klQpJ_jf-LnwAAAAI"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Longhorn%20II/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2024-05-22 23:25:02 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇦🇺 oncord	2024-05-02 09:09:19 (2 years ago)	Form spam	Web Spam
🇨🇭 backslash	2024-04-10 05:57:25 (2 years ago)	honeypot	Bad Web Bot
Anonymous	2024-03-10 12:27:29 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.108.147.76

🇺🇸 216.73.217.138

🇺🇸 205.210.31.65

🇹🇳 193.95.2.247

🇯🇵 133.18.180.27

🇫🇷 95.111.250.103

🇬🇧 81.19.219.200

🇮🇪 212.129.79.108

🇵🇰 182.184.51.177

🇮🇳 182.70.243.207

🇺🇸 69.171.232.149

🇸🇰 62.197.220.186

🇳🇱 45.198.224.143

🇬🇧 35.203.210.249

🇳🇱 195.178.110.30

🇸🇬 194.164.107.5

🇺🇸 162.216.149.154

🇿🇦 66.8.6.146

🇭🇰 42.200.78.166

🇰🇷 20.214.145.16