JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.11.167.49

85.11.167.49 was found in our database!

This IP was reported 1,317 times. Confidence of Abuse is 100%: ?

100%

ISP	TechTies Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS209630
Hostname(s)	web-defines.cubeamps.com
Domain Name	tech-ties.net
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.11.167.49

Whois 85.11.167.49

IP Abuse Reports for 85.11.167.49:

This IP address has been reported a total of 1,317 times from 401 distinct sources. 85.11.167.49 was first reported on April 8th 2026, and the most recent report was 34 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Penny Packer	2026-04-16 05:07:23 (1 month ago)	Fail2Ban apache-404	Web App Attack
🇩🇪 gadix	2026-04-16 04:59:26 (1 month ago)	[16/Apr/2026:06:59:25.162727 +0200] aeBsrV-RhyJTsJmPPe8DJwAAAAI 85.11.167.49 48190 127.0.0.1 7081 [1 ... show more [16/Apr/2026:06:59:25.162727 +0200] aeBsrV-RhyJTsJmPPe8DJwAAAAI 85.11.167.49 48190 127.0.0.1 7081 [16/Apr/2026:06:59:25.194618 +0200] aeBsrUExVNy6Uv2MiPTGsAAAAAc 85.11.167.49 48206 127.0.0.1 7081 [16/Apr/2026:06:59:25.225682 +0200] aeBsrc2qCTjXuftqqAXLeAAAAAM 85.11.167.49 48218 127.0.0.1 7081 ... show less	Web App Attack
🇫🇷 loveprod	2026-04-15 19:49:37 (1 month ago)	85.11.167.49 - - [15/Apr/2026:22:49:36 +0300] "GET /.env HTTP/2.0" 403 352 "https://2aim.ru/.env" "M ... show more 85.11.167.49 - - [15/Apr/2026:22:49:36 +0300] "GET /.env HTTP/2.0" 403 352 "https://2aim.ru/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 85.11.167.49 - - [15/Apr/2026:22:49:37 +0300] "GET /.env.example HTTP/2.0" 403 375 "https://2aim.ru/.env.example" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Bad Web Bot
🇩🇪 jasperedv.de	2026-04-15 15:46:31 (1 month ago)	Apache Login - Brutforcing	Web App Attack Brute-Force
🇬🇧 consul.to	2026-04-15 15:07:00 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 Major Hostility	2026-04-15 10:31:26 (1 month ago)	"GET /phpinfo HTTP/1.1" 404 "GET /phpinfo.php HTTP/1.1" 404 "GET /test.php HTTP/1.1" 404 "GET /_prof ... show more "GET /phpinfo HTTP/1.1" 404 "GET /phpinfo.php HTTP/1.1" 404 "GET /test.php HTTP/1.1" 404 "GET /_profiler/phpinfo HTTP/1.1" 404 "GET /info.php HTTP/1.1" 404 "GET /php.php HTTP/1.1" 404 "GET /php_info.php HTTP/1.1" 404 "GET /i.php HTTP/1.1" 404 "GET /pi.php HTTP/1.1" 404 "GET /admin/phpinfo.php HTTP/1.1" 404 "GET /pinfo.php HTTP/1.1" 404 "GET /php_version.php HTTP/1.1" 404 "GET /.aws/credentials HTTP/1.1" 404 "GET /.env HTTP/1.1" 404 "GET /.env.example HTTP/1.1" 404 "GET /.env.local HTTP/1.1" 404 "GET /.env.backup HTTP/1.1" 404 "GET /config/.env HTTP/1.1" 404 show less	Web App Attack
🇺🇸 Epimetheus	2026-04-15 10:28:36 (1 month ago)	Zombie network / Bot scanner detected: [GET] /config/.env [GET] /test.php [GET] /info.php [GET] /ph ... show more Zombie network / Bot scanner detected: [GET] /config/.env [GET] /test.php [GET] /info.php [GET] /phpinfo.php [GET] /php.php [GET] /.aws/credentials [GET] /.env.example [GET] /pinfo.php [GET] /pi.php UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 show less	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-04-15 09:00:03 (1 month ago)	ICONZDE WEBEXPLOIT 85.11.167.49 (web-defines.cubeamps.com)	Web App Attack
🇩🇪 updown.io	2026-04-15 07:30:29 (1 month ago)	{"level":"info","ts":1776233848.9997056,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1776233848.9997056,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"85.11.167.49","remote_port":"55566","client_ip":"85.11.167.49","proto":"HTTP/1.1","method":"GET","host":"status.stamped.ai","uri":"/i.php","headers":{"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.000048893,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.stamped.ai/i.php"],"Content-Type":[]}} {"level":"info","ts":1776233848.9997056,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"85.11.167.49","remote_port":"55566","client_ip":"85.11.167.49","proto":"HTTP/1.1","method":"GET","host":"status.stamped.ai","uri":"/i.php","headers":{"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like ... show less	DDoS Attack Web App Attack
🇧🇪 madeit	2026-04-15 05:25:24 (1 month ago)		Web App Attack
🇩🇪 dbmwebdesign	2026-04-15 05:05:10 (1 month ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇦 URAN Publishing Service	2026-04-15 04:55:43 (1 month ago)	85.11.167.49 - - [15/Apr/2026:07:55:41 +0300] "GET /.env HTTP/1.1" 404 736 "http://publishing.pnpu.e ... show more 85.11.167.49 - - [15/Apr/2026:07:55:41 +0300] "GET /.env HTTP/1.1" 404 736 "http://publishing.pnpu.edu.ua/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 85.11.167.49 - - [15/Apr/2026:07:55:42 +0300] "GET /config/.env HTTP/1.1" 404 736 "http://publishing.pnpu.edu.ua/config/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Web App Attack
🇺🇸 chrisj	2026-04-15 04:19:02 (1 month ago)	[Wed Apr 15 04:19:01.329003 2026] [proxy_fcgi:error] [pid 210182:tid 210182] [client 85.11.167.49:59 ... show more [Wed Apr 15 04:19:01.329003 2026] [proxy_fcgi:error] [pid 210182:tid 210182] [client 85.11.167.49:59803] AH01071: Got error 'Primary script unknown', referer: http://mail.greencityliving.earth/phpinfo.php [Wed Apr 15 04:19:01.538442 2026] [proxy_fcgi:error] [pid 210182:tid 210182] [client 85.11.167.49:59803] AH01071: Got error 'Primary script unknown', referer: http://mail.greencityliving.earth/test.php [Wed Apr 15 04:19:01.965300 2026] [proxy_fcgi:error] [pid 210182:tid 210182] [client 85.11.167.49:59803] AH01071: Got error 'Primary script unknown', referer: http://mail.greencityliving.earth/info.php ... show less	Brute-Force
Anonymous	2026-04-15 02:03:17 (1 month ago)	Auto-reported by Fail2Ban (NPM-Auth)	Web App Attack
🇳🇱 e.fierstra	2026-04-15 01:13:28 (1 month ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack

Showing 1171 to 1185 of 1317 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 152.32.150.26

🇬🇧 51.75.161.33

🇺🇸 24.129.38.119

🇧🇷 205.210.31.183

🇳🇱 192.142.24.156

🇫🇷 185.177.72.68

🇫🇷 185.177.72.38

🇧🇷 179.222.52.63

🇹🇷 176.88.38.141

🇳🇱 176.65.148.96

🇺🇸 162.216.149.160

🇩🇪 89.46.10.57

🇧🇬 79.124.40.166

🇬🇧 193.163.125.144

🇷🇺 185.40.30.168

🇺🇸 165.154.235.59

🇺🇸 162.216.150.54

🇨🇳 124.226.216.189

🇷🇴 92.118.39.236

🇹🇷 85.106.151.244