JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.11.167.49

85.11.167.49 was found in our database!

This IP was reported 1,326 times. Confidence of Abuse is 100%: ?

100%

ISP	TechTies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS209630
Hostname(s)	web-defines.cubeamps.com
Domain Name	tech-ties.net
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.11.167.49

Whois 85.11.167.49

IP Abuse Reports for 85.11.167.49:

This IP address has been reported a total of 1,326 times from 404 distinct sources. 85.11.167.49 was first reported on April 8th 2026, and the most recent report was 4 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 mk-dizajn.hr	2026-04-20 03:13:32 (1 month ago)	$f2bV_matches	Brute-Force
🇨🇭 4server	2026-04-20 02:44:19 (1 month ago)	[MonApr2004:44:11.8892952026][security2:error][pid2688120:tid2688144][client85.11.167.49:0]ModSecuri ... show more [MonApr2004:44:11.8892952026][security2:error][pid2688120:tid2688144][client85.11.167.49:0]ModSecurity:Accessdeniedwithcode403$phase2$.OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded$TotalScore:5$\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mail.server-privato.com\"][uri\"/.aws/credentials\"][unique_id\"aeWS-_aZQnl6WisB7cLq7gAAAFY\"] show less	Hacking Web App Attack
Anonymous	2026-04-20 02:33:15 (1 month ago)	85.11.167.49 - - [19/Apr/2026:21:30:45 -0500] "GET /.env HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows ... show more 85.11.167.49 - - [19/Apr/2026:21:30:45 -0500] "GET /.env HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 172.70.220.50 85.11.167.49 - - [19/Apr/2026:21:30:45 -0500] "GET /.env.example HTTP/1.1" 403 199 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 172.70.220.50 85.11.167.49 - - [19/Apr/2026:21:30:45 -0500] "GET /.env.local HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 172.70.220.50 85.11.167.49 - - [19/Apr/2026:21:30:46 -0500] "GET /.env.backup HTTP/1.1" 403 199 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 172.70.220.50 85.11.167.49 - - [19/Apr/2026:21:31:12 -0500] "GET /.env HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 macrob	2026-04-20 02:15:23 (1 month ago)	2026/04/20 02:15:21 [error] 1533406#1533406: 163998361 access forbidden by rule, client: 85.11.167. ... show more 2026/04/20 02:15:21 [error] 1533406#1533406: 163998361 access forbidden by rule, client: 85.11.167.49, server: binofferes.com, request: "GET /admin/phpinfo.php HTTP/2.0", host: "binofferes.com", referrer: "http://binofferes.com/admin/phpinfo.php" 2026/04/20 02:15:21 [error] 1533406#1533406: 163998361 access forbidden by rule, client: 85.11.167.49, server: binofferes.com, request: "GET /.aws/credentials HTTP/2.0", host: "binofferes.com", referrer: "http://binofferes.com/.aws/credentials" 2026/04/20 02:15:21 [error] 1533406#1533406: 163998361 access forbidden by rule, client: 85.11.167.49, server: binofferes.com, request: "GET /.env HTTP/2.0", host: "binofferes.com", referrer: "http://binofferes.com/.env" ... show less	Web App Attack
🇺🇸 entangled_mongoose	2026-04-20 01:35:26 (1 month ago)	Probed /info.php.	Web App Attack
🇬🇧 andypiper	2026-04-20 01:02:39 (1 month ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-04-20 00:41:43 (1 month ago)	Excessive multi-domain requests	Brute-Force
🇷🇴 iulianh	2026-04-19 23:12:38 (1 month ago)	*	Brute-Force SSH
🇩🇪 todix	2026-04-19 22:45:34 (1 month ago)	Web App Attack Exploid from 85.11.167.49	Web App Attack
🇩🇪 macrob	2026-04-19 20:50:43 (1 month ago)	2026/04/19 20:50:33 [error] 1533407#1533407: 163689119 access forbidden by rule, client: 85.11.167. ... show more 2026/04/19 20:50:33 [error] 1533407#1533407: 163689119 access forbidden by rule, client: 85.11.167.49, server: finami.com.ua, request: "GET /.aws/credentials HTTP/1.1", host: "finami.com.ua" 2026/04/19 20:50:36 [error] 1533407#1533407: 163689119 access forbidden by rule, client: 85.11.167.49, server: finami.com.ua, request: "GET /.env HTTP/1.1", host: "finami.com.ua" 2026/04/19 20:50:42 [error] 1533407#1533407: 163689223 access forbidden by rule, client: 85.11.167.49, server: finami.com.ua, request: "GET /.env.example HTTP/1.1", host: "finami.com.ua" ... show less	Web App Attack
🇩🇪 updown.io	2026-04-19 19:33:26 (1 month ago)	{"level":"info","ts":1776626555.622945,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1776626555.622945,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"85.11.167.49","remote_port":"54261","client_ip":"85.11.167.49","proto":"HTTP/1.1","method":"GET","host":"bdl.computer","uri":"/phpinfo","headers":{"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.000045466,"size":0,"status":308,"resp_headers":{"Location":["https://bdl.computer/phpinfo"],"Content-Type":[],"Server":["Caddy"],"Connection":["close"]}} {"level":"info","ts":1776626562.5656533,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"85.11.167.49","remote_port":"51076","client_ip":"85.11.167.49","proto":"HTTP/1.1","method":"GET","host":"bdl.computer","uri":"/phpinfo.php","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chro ... show less	DDoS Attack Web App Attack
🇵🇱 andykurg	2026-04-19 19:30:03 (1 month ago)	Blocked by nakordoni.eu automated security: vulnerability scanner / probe attack. Jail: nakordoni-se ... show more Blocked by nakordoni.eu automated security: vulnerability scanner / probe attack. Jail: nakordoni-security-probe, 5 matches. ISP: SOFCOMPANY Ltd (NL), Usage: Data Center/Web Hosting/Transit. Prior AbuseIPDB score at ban time: 100/100. show less	Bad Web Bot Web App Attack
🇺🇸 rdpguard.com	2026-04-19 06:29:36 (1 month ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
Anonymous	2026-04-19 05:06:37 (1 month ago)	$f2bV_matches	Brute-Force
🇺🇸 agenciahypelab.com.br	2026-04-19 04:15:38 (1 month ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH

Showing 1126 to 1140 of 1326 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2620:171:f3:f0:9999::231

🇮🇳 223.233.80.158

🇳🇱 176.65.139.231

🇺🇸 138.99.38.185

🇺🇸 57.151.98.124

🇸🇬 47.128.54.44

🇩🇪 213.209.159.235

🇩🇪 213.209.159.108

🇰🇷 211.223.107.86

🇧🇷 177.39.34.118

🇺🇸 162.216.150.96

🇵🇰 157.10.226.170

🇺🇬 129.205.2.18

🇻🇳 116.99.173.102

🇮🇩 103.214.112.253

🇻🇳 101.99.53.24

🇺🇸 47.77.233.62

🇺🇸 20.118.225.19

🇫🇷 213.32.23.140

🇫🇷 143.244.57.92