JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.11.167.114

85.11.167.114 was found in our database!

This IP was reported 804 times. Confidence of Abuse is 100%: ?

100%

ISP	TechTies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS209630
Hostname(s)	how-by-client.negativeprints.com
Domain Name	tech-ties.net
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.11.167.114

Whois 85.11.167.114

IP Abuse Reports for 85.11.167.114:

This IP address has been reported a total of 804 times from 290 distinct sources. 85.11.167.114 was first reported on April 12th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇬 anotherwatcher	2026-05-10 17:36:34 (3 weeks ago)	bad bot	Bad Web Bot
🇩🇪 wp1web.com	2026-05-10 17:33:15 (3 weeks ago)	env-file - Search for .env data weakness (/.env) by 85.11.167.114 (Lelystad; NLD; how-by-client.nega ... show more env-file - Search for .env data weakness (/.env) by 85.11.167.114 (Lelystad; NLD; how-by-client.negativeprints.com) - collected by docker http-honeypot show less	Web App Attack
🇩🇪 london2038.com	2026-05-10 17:09:15 (3 weeks ago)	Probing for exploits 85.11.167.114 - - [10/May/2026:15:20:47 +0200] "GET /.env HTTP/1.1" 422 0 "-" " ... show more Probing for exploits 85.11.167.114 - - [10/May/2026:15:20:47 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 85.11.167.114 - - [10/May/2026:19:09:11 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Hacking Web App Attack
Anonymous	2026-05-10 17:04:44 (3 weeks ago)	May 10 18:11:33 mail2 Nextcloud[17463]: {"reqId":"agCuNeY7ylJwVQre4tGi9AAAAEk","level":1,"time":"202 ... show more May 10 18:11:33 mail2 Nextcloud[17463]: {"reqId":"agCuNeY7ylJwVQre4tGi9AAAAEk","level":1,"time":"2026-05-10T16:11:33+00:00","remoteAddr":"85.11.167.114","user":"--","app":"core","method":"GET","url":"/.env","scriptName":"/index.php","message":"Trusted domain error. \"85.11.167.114\" tried to access using \"178.254.3.7\" as host.","userAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36","version":"32.0.5.0","data":{"app":"core"}} May 10 18:37:42 mail2 Nextcloud[15693]: {"reqId":"agC0VrKralI_5l_-0Km-VQAAAMY","level":1,"time":"2026-05-10T16:37:42+00:00","remoteAddr":"85.11.167.114","user":"--","app":"core","method":"GET","url":"/.env","scriptName":"/index.php","message":"Trusted domain error. \"85.11.167.114\" tried to access using \"178.254.3.7\" as host.","userAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36","version":"32.0.5.0","data":{"app":"core"}} May 10 1 ... show less	Brute-Force Web App Attack
🇮🇩 sockominfo	2026-05-10 17:00:16 (3 weeks ago)	Access to sensitive files detected w/ specific boundary.. Threat Score: 6.9/10 (MEDIUM). Reported by ... show more Access to sensitive files detected w/ specific boundary.. Threat Score: 6.9/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇩🇪 ecs.ge	2026-05-10 16:52:10 (3 weeks ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇺🇸 Cyber Crusader	2026-05-10 16:26:37 (3 weeks ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
Anonymous	2026-05-10 16:22:40 (3 weeks ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
Anonymous	2026-05-10 16:18:06 (3 weeks ago)	Portscan: TCP/443 (13x), TCP/80 (18x)	Port Scan
🇩🇪 Gwyneth Llewelyn	2026-05-10 16:04:00 (3 weeks ago)	2026/05/10 17:03:57 [error] 2342191#2342191: 105759 access forbidden by rule, client: 85.11.167.114 ... show more 2026/05/10 17:03:57 [error] 2342191#2342191: 105759 access forbidden by rule, client: 85.11.167.114, server: [redacted], request: "GET /.env HTTP/2.0", host: "[redacted]", referrer: "http://[redacted]/.env" 85.11.167.114 - - [10/May/2026:17:03:56 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 85.11.167.114 - - [10/May/2026:17:03:57 +0100] "GET /.env HTTP/2.0" 403 1166 "http://[redacted]/.env" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Brute-Force Web App Attack
🇩🇪 MusicLibrary	2026-05-10 15:39:20 (3 weeks ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇵🇱 Kitki30.com	2026-05-10 15:38:49 (3 weeks ago)	HTTP Probing. Log: 85.11.167.114 - - [10/May/2026:17:38:47 +0200] "GET /.env HTTP/1.1" 301 162 "-" " ... show more HTTP Probing. Log: 85.11.167.114 - - [10/May/2026:17:38:47 +0200] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 kumiko	2026-05-10 15:25:12 (3 weeks ago)	[2026-05-10 18:25:12] Probing for dotfiles "GET /.env HTTP/1.1" 403	Bad Web Bot Web App Attack
🇩🇪 gadix	2026-05-10 15:10:55 (3 weeks ago)	[10/May/2026:12:09:24.871759 +0200] agBZVNcozTTo40Sdi-LqTQAAAJE 85.11.167.114 58202 127.0.0.1 7080 [ ... show more [10/May/2026:12:09:24.871759 +0200] agBZVNcozTTo40Sdi-LqTQAAAJE 85.11.167.114 58202 127.0.0.1 7080 [10/May/2026:14:24:36.261636 +0200] agB5BNcozTTo40Sdi-LvDwAAAII 85.11.167.114 40660 127.0.0.1 7080 [10/May/2026:16:49:30.330847 +0200] agCa-oWYFdKBLS2d738kQwAAAME 85.11.167.114 52888 127.0.0.1 7080 [10/May/2026:17:10:54.396064 +0200] agCf_tcozTTo40Sdi-L2PQAAAJY 85.11.167.114 46190 127.0.0.1 7080 ... show less	Web App Attack
🇫🇷 Guardian	2026-05-10 15:00:35 (3 weeks ago)	Unauthorized attempt to retrieve configuration file 85.11.167.114 [10/May/2026:15:00:34] "GET /.env ... show more Unauthorized attempt to retrieve configuration file 85.11.167.114 [10/May/2026:15:00:34] "GET /.env HTTP/1.1" show less	Port Scan Web App Attack

Showing 61 to 75 of 804 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 110.225.255.179

🇺🇸 47.254.70.85

🇺🇸 185.238.231.9

🇩🇪 144.31.80.14

🇻🇳 103.176.20.115

🇮🇳 103.174.34.49

🇫🇷 91.196.152.32

🇬🇧 80.42.234.100

🇺🇸 66.132.186.205

🇮🇳 49.43.135.219

🇳🇱 45.148.10.151

🇺🇸 45.43.57.6

🇸🇬 34.177.101.205

🇮🇳 1.22.114.164

🇺🇸 209.85.219.49

🇺🇸 198.199.74.50

🇮🇹 185.208.106.50

🇻🇳 183.91.27.6

🇧🇷 177.189.46.98

🇸🇬 152.42.240.74