JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.20.252.85

198.20.252.85 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 0%: ?

ISP	Unified Layer
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46606
Hostname(s)	samitask.com
Domain Name	newfold.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.20.252.85

Whois 198.20.252.85

IP Abuse Reports for 198.20.252.85:

This IP address has been reported a total of 21 times from 13 distinct sources. 198.20.252.85 was first reported on November 11th 2023, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-04-09 06:15:50 (2 months ago)	Blocked by UFW (TCP on 44606) Source port: 443 TTL: 50 Packet length: 40 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 44606) Source port: 443 TTL: 50 Packet length: 40 TOS: 0x08 This report (for 198.20.252.85) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇲🇦 Mohamed Omar Bennouna Temsamani	2025-03-08 12:06:00 (1 year ago)	A phishing email was sent to an address under the rock.ma domain, impersonating HSBC and requesting ... show more A phishing email was sent to an address under the rock.ma domain, impersonating HSBC and requesting payment verification for a supposed remittance. The fraudulent sender email ([email protected]) passed SPF and DKIM verification, but the message originated from an unauthorized IP: 198.20.252.85. Technical Details: Return Path: [email protected] Sender Domain: lagranjavilla.com Reply-To Address: [email protected] (Fraudulent HSBC Impersonation) DKIM Signature: Passed for lagranjavilla.com. SPF: Passed for IP 198.20.252.85. ARC-Seal Header: Spoofing detected via relays. Message Subject: "Payment Advice - Verification Needed to Release Payment Remittance Copy" show less	Phishing Email Spam
🇸🇰 EVISION	2025-03-08 07:08:00 (1 year ago)	[email protected]	Phishing Email Spam Spoofing
🇸🇰 wirecontrol	2024-08-08 08:19:06 (1 year ago)	Mail contains malware	Email Spam
🇷🇸 Smel	2024-08-08 07:34:12 (1 year ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
🇷🇸 Smel	2024-08-06 23:04:14 (1 year ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
🇪🇸 didevi	2024-07-29 21:55:30 (1 year ago)	2024-07-29T23:55:30.029565+02:00 mail01 postfix/smtpd[145055]: NOQUEUE: reject: RCPT from samitask.c ... show more 2024-07-29T23:55:30.029565+02:00 mail01 postfix/smtpd[145055]: NOQUEUE: reject: RCPT from samitask.com[198.20.252.85]: 450 4.7.1 <198-20-252-85.unifiedlayer.com>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<198-20-252-85.unifiedlayer.com> show less	Brute-Force
🇪🇸 didevi	2024-07-28 06:18:06 (1 year ago)	2024-07-28T08:18:05.200391+02:00 mail01 postfix/smtpd[7621]: NOQUEUE: reject: RCPT from samitask.com ... show more 2024-07-28T08:18:05.200391+02:00 mail01 postfix/smtpd[7621]: NOQUEUE: reject: RCPT from samitask.com[198.20.252.85]: 450 4.7.1 <198-20-252-85.unifiedlayer.com>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<198-20-252-85.unifiedlayer.com> show less	Brute-Force
🇪🇸 didevi	2024-07-27 13:05:36 (1 year ago)	2024-07-27T15:05:35.232066+02:00 mail01 postfix/smtpd[4118058]: NOQUEUE: reject: RCPT from samitask. ... show more 2024-07-27T15:05:35.232066+02:00 mail01 postfix/smtpd[4118058]: NOQUEUE: reject: RCPT from samitask.com[198.20.252.85]: 450 4.7.1 <198-20-252-85.unifiedlayer.com>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<198-20-252-85.unifiedlayer.com> show less	Brute-Force
🇪🇸 didevi	2024-07-27 02:11:04 (1 year ago)	2024-07-27T04:11:04.571110+02:00 mail01 postfix/smtpd[4098362]: NOQUEUE: reject: RCPT from samitask. ... show more 2024-07-27T04:11:04.571110+02:00 mail01 postfix/smtpd[4098362]: NOQUEUE: reject: RCPT from samitask.com[198.20.252.85]: 450 4.7.1 <198-20-252-85.unifiedlayer.com>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<198-20-252-85.unifiedlayer.com> show less	Brute-Force
🇪🇸 didevi	2024-07-26 18:31:27 (1 year ago)	2024-07-26T20:31:26.806372+02:00 mail01 postfix/smtpd[4033026]: NOQUEUE: reject: RCPT from samitask. ... show more 2024-07-26T20:31:26.806372+02:00 mail01 postfix/smtpd[4033026]: NOQUEUE: reject: RCPT from samitask.com[198.20.252.85]: 450 4.7.1 <198-20-252-85.unifiedlayer.com>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<198-20-252-85.unifiedlayer.com> show less	Brute-Force
🇪🇸 didevi	2024-07-26 11:00:50 (1 year ago)	2024-07-26T13:00:49.838650+02:00 mail01 postfix/smtpd[4018382]: NOQUEUE: reject: RCPT from samitask. ... show more 2024-07-26T13:00:49.838650+02:00 mail01 postfix/smtpd[4018382]: NOQUEUE: reject: RCPT from samitask.com[198.20.252.85]: 450 4.7.1 <198-20-252-85.unifiedlayer.com>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<198-20-252-85.unifiedlayer.com> show less	Brute-Force
🇪🇸 didevi	2024-07-26 09:08:45 (1 year ago)	2024-07-26T11:08:44.923484+02:00 mail01 postfix/smtpd[4013554]: NOQUEUE: reject: RCPT from samitask. ... show more 2024-07-26T11:08:44.923484+02:00 mail01 postfix/smtpd[4013554]: NOQUEUE: reject: RCPT from samitask.com[198.20.252.85]: 450 4.7.1 <198-20-252-85.unifiedlayer.com>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<198-20-252-85.unifiedlayer.com> show less	Brute-Force
Anonymous	2024-07-26 09:03:38 (1 year ago)	postfix	Email Spam Web App Attack
🇬🇧 Shadymint	2023-11-15 15:03:49 (2 years ago)	url probing from IP marked as abusive	Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇮🇳 163.61.33.117

🇮🇩 103.154.231.122

🇳🇱 91.92.40.4

🇨🇳 223.159.80.91

🇮🇹 217.26.178.106

🇻🇳 103.118.28.15

🇨🇦 89.251.0.97

🇲🇽 46.250.169.245

🇷🇺 46.39.254.221

🇰🇷 43.164.129.84

🇻🇳 157.10.45.192

🇨🇦 104.255.152.18

🇺🇸 104.168.99.198

🇺🇸 74.7.244.43

🇺🇸 74.7.229.176

🇺🇸 64.227.14.170

🇹🇼 34.80.188.252

🇺🇸 18.191.188.231

🇨🇳 211.93.6.230