🇫🇮
Rauno Asp
2026-06-14 19:48:51
(2 days ago)
Automated CMS vulnerability scanning detected. Requesting wp-login.php, xmlrpc.php, wlwmanifest.xml.
Web App Attack
🇨🇦
zXero
2026-06-09 13:03:00
(1 week ago)
Fail2Ban automatic report - jail: no-wordpress
Brute-Force
SSH
DDoS Attack
🇨🇦
zXero
2026-06-03 12:39:09
(1 week ago)
Fail2Ban automatic report - jail: no-wordpress
Brute-Force
SSH
DDoS Attack
🇫🇮
Rauno Asp
2026-06-02 05:37:31
(2 weeks ago)
Automated CMS vulnerability scanning detected. Requesting wp-login.php, xmlrpc.php, wlwmanifest.xml.
Web App Attack
🇮🇳
evicky2002
2026-05-30 08:05:12
(2 weeks ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
🇨🇦
zXero
2026-05-29 12:33:21
(2 weeks ago)
Fail2Ban automatic report - jail: no-wordpress
Brute-Force
SSH
DDoS Attack
🇧🇷
ICS Labs
2026-05-21 15:16:42
(3 weeks ago)
ICS Labs identified 85.11.167.133 as a malicious indicator from threat intelligence.
DDoS Attack
Hacking
Exploited Host
🇺🇸
Vano Ganzzz
2026-05-14 12:13:41
(1 month ago)
Triggered Cloudflare WAF (firewallCustom) from NL.
Action taken: BLOCK
ASN: 213438 (ColocaTel Inc.)
Protocol: HTTP/1.1 (GET method)
Endpoint: /settings.php
Timestamp: 2026-05-14T12:13:41Z
Ray ID: 9fb9d17d9debd24e
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Bad Web Bot
Anonymous
2026-05-14 12:02:22
(1 month ago)
(caddyscan) Scanner path probe from 85.11.167.133 (NL/The Netherlands/fondue-masonry.canterburyknolls.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:12:01:14 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:12:01:14 +0000] "GET /wp-config.php HTTP/1.1"
[REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:12:01:14 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:12:02:16 +0000] "GET /wp-config.php HTTP/1.1"
[REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:12:02:16 +0000] "GET /.git/config HTTP/1.1"
Port Scan
🇺🇸
Major Hostility
2026-05-14 11:29:50
(1 month ago)
"GET /server.js HTTP/1.1" 404
"GET /.env HTTP/1.1" 404
"GET /phpinfo.php HTTP/1.1" 404
"GET /app.js HTTP/1.1" 404
"GET /wp-config.php HTTP/1.1" 404
"GET /info.php HTTP/1.1" 404
"GET /config.php HTTP/1.1" 404
Web App Attack
Anonymous
2026-05-14 10:57:30
(1 month ago)
(caddyscan) Scanner path probe from 85.11.167.133 (NL/The Netherlands/fondue-masonry.canterburyknolls.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:10:52:41 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:10:52:41 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:10:52:41 +0000] "GET /wp-config.php HTTP/1.1"
[REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:10:55:02 +0000] "GET /.env.bak HTTP/1.1"
[REDACTED] 200 2627 85.11.167.133 - - [14/May/2026:10:57:30 +0000] "GET /.aws/credentials HTTP/1.1"
Port Scan
🇮🇹
mgarofano80
2026-05-14 10:46:40
(1 month ago)
Brute-Force
Web App Attack
🇪🇸
antivoid.xyz
2026-05-14 10:11:07
(1 month ago)
Brute-Force
Web App Attack
🇵🇱
strefapi_com
2026-05-14 06:11:37
(1 month ago)
Brute-force, web
...
Hacking
Brute-Force
Web App Attack
🇫🇮
NoaQT
2026-05-14 06:04:54
(1 month ago)
2026-05-14T06:04:53.532310+00:00 ingress-1 haproxy[368]: 85.11.167.133:51438 [14/May/2026:06:04:53.532] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 88/71/0/0/0 0/0 "GET /settings.py HTTP/1.1"
2026-05-14T06:04:53.532379+00:00 ingress-1 haproxy[368]: 85.11.167.133:51440 [14/May/2026:06:04:53.531] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 88/71/0/0/0 0/0 "GET /app/config/parameters.yml HTTP/1.1"
2026-05-14T06:04:53.532555+00:00 ingress-1 haproxy[368]: 85.11.167.133:51462 [14/May/2026:06:04:53.531] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 88/71/0/0/0 0/0 "GET /config/parameters.yml HTTP/1.1"
2026-05-14T06:04:53.896242+00:00 ingress-1 haproxy[368]: 85.11.167.133:51484 [14/May/2026:06:04:53.895] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 88/71/0/0/0 0/0 "GET /server_info.php HTTP/1.1"
2026-05-14T06:04:53.896460+00:00 ingress-1 haproxy[368]: 85.11.167.133:51524 [14/May/2026:06:04:53.895] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225
...
DDoS Attack