JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.137.85.229

213.137.85.229 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 38%: ?

38%

ISP	CLOUD LEASE Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206446
Domain Name	cloudlease.co.il
Country	🇮🇱 Israel
City	Petah Tiqva, Central District

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.137.85.229

Whois 213.137.85.229

IP Abuse Reports for 213.137.85.229:

This IP address has been reported a total of 22 times from 16 distinct sources. 213.137.85.229 was first reported on March 23rd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-23 23:15:46 (1 day ago)	Blocked by UFW (TCP on 465) Source port: 14104 TTL: 108 Packet length: 52 TOS: 0x0A This report (fo ... show more Blocked by UFW (TCP on 465) Source port: 14104 TTL: 108 Packet length: 52 TOS: 0x0A This report (for 213.137.85.229) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 rellim.com	2026-06-13 08:04:45 (1 week ago)	Jun 13 01:04:36 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08 ... show more Jun 13 01:04:36 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=213.137.85.229 DST=204.17.205.254 LEN=52 TOS=0x02 PREC=0x00 TTL=107 ID=1112 DF PROTO=TCP SPT=8478 DPT=465 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Jun 13 01:04:39 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=213.137.85.229 DST=204.17.205.254 LEN=52 TOS=0x02 PREC=0x00 TTL=107 ID=1113 DF PROTO=TCP SPT=8478 DPT=465 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0 Jun 13 01:04:45 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=213.137.85.229 DST=204.17.205.254 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=1114 DF PROTO=TCP SPT=8478 DPT=465 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 FurrIX vIX	2026-06-13 00:28:37 (1 week ago)	2026-06-12T20:28:34.592570-04:00 mail postfix/submission/smtpd[408470]: lost connection after CONNEC ... show more 2026-06-12T20:28:34.592570-04:00 mail postfix/submission/smtpd[408470]: lost connection after CONNECT from unknown[213.137.85.229] 2026-06-12T20:28:37.161874-04:00 mail postfix/submission/smtpd[408470]: lost connection after STARTTLS from unknown[213.137.85.229] ... show less	Brute-Force
🇧🇷 hostseries	2026-06-02 02:04:14 (3 weeks ago)	Trigger: LF_SMTPAUTH	Brute-Force
🇩🇪 Tamsweb	2026-05-11 20:10:08 (1 month ago)	Unauthorized connection attempt or scan from 213.137.85.229 on port 46250 ...	Port Scan
🇩🇪 Tamsweb	2026-05-11 17:23:07 (1 month ago)	Unauthorized connection attempt or scan from 213.137.85.229 on port 27454 ...	Port Scan
🇳🇱 jetron	2026-05-11 05:24:45 (1 month ago)	unauthorized login attempt @ mailgarant.jetron.com	Brute-Force
🇪🇸 Gem	2026-05-08 22:25:30 (1 month ago)	Unauthorized web scan.	Web App Attack
🇧🇬 Stoyko Stoykov	2026-05-08 14:11:15 (1 month ago)	2026-05-08T16:48:44.007695+03:00 ns1 postfix/smtps/smtpd[1943443]: NOQUEUE: reject: RCPT from unknow ... show more 2026-05-08T16:48:44.007695+03:00 ns1 postfix/smtps/smtpd[1943443]: NOQUEUE: reject: RCPT from unknown[213.137.85.229]: 450 4.7.25 Client host rejected: cannot find your hostname, [213.137.85.229]; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<leviron-srv.domain> 2026-05-08T17:11:14.966747+03:00 ns1 postfix/smtps/smtpd[1943475]: NOQUEUE: reject: RCPT from unknown[213.137.85.229]: 450 4.7.25 Client host rejected: cannot find your hostname, [213.137.85.229]; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<leviron-srv.domain> ... show less	Hacking Brute-Force
🇸🇰 Eurofluid	2026-05-08 02:02:15 (1 month ago)	You shall not pass ! Abusive behavior blocked by EF firewall.	Port Scan Hacking Brute-Force
🇸🇰 KlinikaMD	2026-05-08 02:00:08 (1 month ago)	Automatic report from KMD firewall log.	Port Scan Hacking Brute-Force
🇸🇰 Eurofluid	2026-05-08 01:22:46 (1 month ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇸🇰 KlinikaMD	2026-05-08 01:08:49 (1 month ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
🇳🇱 AutoBlockIP	2026-05-05 14:13:09 (1 month ago)	Suspicious behaviour detected (tcp/465)	Port Scan Hacking Brute-Force
🇺🇸 ive03	2026-05-04 18:19:00 (1 month ago)		Email Spam Phishing

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.225

🇧🇷 45.187.97.174

🇳🇱 45.148.10.152

🇩🇪 193.124.20.235

🇩🇪 167.94.145.29

🇪🇸 158.158.49.166

🇯🇵 152.32.147.106

🇨🇦 140.238.153.39

🇳🇱 91.92.40.4

🇧🇬 79.124.56.250

🇺🇸 72.10.32.138

🇨🇳 60.191.125.35

🇬🇧 35.203.211.108

🇩🇪 8.211.39.116

🇬🇧 209.93.138.37

🇨🇳 183.153.35.0

🇺🇸 162.216.150.6

🇨🇳 115.190.215.101

🇹🇼 114.32.24.136

🇫🇷 88.188.90.40