JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.11.187.4

85.11.187.4 was found in our database!

This IP was reported 211 times. Confidence of Abuse is 100%: ?

100%

ISP	SOFCOMPANY Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS211486
Domain Name	skknet.net
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.11.187.4

Whois 85.11.187.4

IP Abuse Reports for 85.11.187.4:

This IP address has been reported a total of 211 times from 94 distinct sources. 85.11.187.4 was first reported on March 8th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Justin F. \| AS204464	2026-06-13 12:58:38 (2 days ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (52 bytes of payload); 10362 [1], 27767 [1], 2588 ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (52 bytes of payload); 10362 [1], 27767 [1], 25887 [1], 9491 [1], 12033 [1], 19395 [1] TCP Reported by: Justin F. show less	Port Scan
🇦🇹 begou.dev	2026-06-12 20:16:24 (3 days ago)	[Threat Intelligence] Port Scanning and/or Unauthorized access -> TCP/3389	Port Scan
🇬🇧 skocherhan	2026-06-12 20:13:13 (3 days ago)	RDP probe cluster. Session hits: 1. Client Info: Unknown Protocol (Non-RDP Data)	Port Scan Brute-Force
🇸🇬 drewf.ink	2026-06-12 20:13:10 (3 days ago)	[20:13] Port scanning. Port(s) scanned: TCP/3389	Port Scan
🇫🇷 TheHoneyPotter	2026-06-12 20:08:08 (3 days ago)	Honeypot [fc-honeypot]: MSSQL traffic (on 1433) without login credentials Reported by: https://githu ... show more Honeypot [fc-honeypot]: MSSQL traffic (on 1433) without login credentials Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
Anonymous	2026-06-12 19:52:47 (3 days ago)	Malicious activity detected	Port Scan Brute-Force Hacking
🇩🇪 kexol	2026-06-12 19:52:36 (3 days ago)	3389 port scanned	Port Scan
🇩🇪 femboy.cat	2026-06-12 19:49:31 (3 days ago)	Port scan to tcp/3389 from 85.11.187.4	Brute-Force
🇺🇸 drewf.ink	2026-06-12 19:31:52 (3 days ago)	[19:31] Port scanning. Port(s) scanned: TCP/3389	Port Scan
🇩🇪 D3RP4UL	2026-06-12 19:30:04 (3 days ago)	MSSQL traffic (on 1433) without login credentials	Port Scan
🇺🇸 LSPCCU	2026-06-12 19:10:02 (3 days ago)	TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Br ... show more TSEC Honeypot Network report. Threat score: 100/100. Categories: DDoS Attack, Port Scan, Hacking, Brute-Force, Web App Attack, SSH, IoT Targeted. Honeypot: ssh-telnet, cowrie. Context: 85. show less	DDoS Attack Port Scan Hacking Brute-Force Web App Attack SSH IoT Targeted
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-12 19:07:03 (3 days ago)	Honeypot hit: MSSQL traffic (on 1433) without login credentials	Port Scan
🇯🇵 mkaraki	2026-06-12 19:03:19 (3 days ago)	1781290998 # Service_probe # SIGNATURE_SEND # source_ip:85.11.187.4 # dst_port:1433 ...	Port Scan
🇩🇪 guldkage	2026-06-12 19:01:11 (3 days ago)	Unauthorized connection attempt detected from IP address 85.11.187.4 to port 1433 (ger-03) [G]	Brute-Force Exploited Host
Anonymous	2026-06-12 18:53:49 (3 days ago)	Trying ports that it shouldn't be.	Port Scan Hacking Exploited Host

Showing 1 to 15 of 211 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 176.65.144.128

🇩🇪 138.199.19.180

🇺🇸 207.90.244.12

🇵🇰 202.143.120.241

🇵🇦 201.77.55.242

🇳🇱 195.178.110.132

🇩🇪 192.109.200.175

🇲🇽 187.246.12.58

🇫🇷 185.177.72.67

🇫🇷 185.177.72.54

🇫🇮 147.185.133.89

🇺🇸 147.185.132.94

🇮🇳 103.228.201.69

🇺🇸 100.29.192.109

🇹🇷 91.151.88.131

🇨🇭 89.217.231.108

🇨🇦 85.217.149.8

🇺🇸 65.49.1.139

🇺🇸 64.62.197.64

🇩🇪 46.225.98.181