Hi tom.vanhee,
What can be said about the IP and site is that it is known as a PHISH:
https://www.virustotal.com/nl/url/b2fbe7a26aa6ad23442961c3e335cfdee2590a5723bc6efe0a729029c0b4dd5d/analysis/This scan is also rather conclusive: Domain Name: 158.85.47.164-static.reverse.softlayer.com
URL Tested: htxps://158.85.47.164-static.reverse.softlayer.com
Number of items downloaded on page: 1
SSL verification issue (Possibly mis-matched URL or bad intermediate cert.). Details:
ERROR: certificate common name '*.teracreative.com' doesn't match requested host name '158.85.47.164-static.reverse.softlayer.com'.
Certificate valid through: May 22 19:54:42 2017 GMT
Certificate Issuer: GoDaddy.com, Inc.
SSL Protocols Supported: SSLv3 TLSv1 TLSv1.1 TLSv1.2
Server supports SSLv3, may be vulnerable to POODLE attack. It is suggested to disable the SSLv3 protocol.
Server certificate
Total number of items: 1
Number of insecure items: 1
Insecure URL: htxp://158.85.47.164-static.reverse.softlayer.com/blank.html
Damian