JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.117.239.172

85.117.239.172 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 78%: ?

78%

ISP	TIGOVA NETWORK LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS207279
Hostname(s)	valvehaus.com
Domain Name	tigova.co.uk
Country	🇹🇷 Turkey
City	Istanbul, Istanbul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.117.239.172

Whois 85.117.239.172

IP Abuse Reports for 85.117.239.172:

This IP address has been reported a total of 28 times from 20 distinct sources. 85.117.239.172 was first reported on March 23rd 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 donarev419	2026-06-06 04:47:26 (4 hours ago)	Connection to port 3389 with data transfer. Data preview:	Port Scan Hacking
🇩🇪 Justin F. \| AS204464	2026-06-06 04:22:36 (4 hours ago)	Honeypot [nx-infrastructure]: HTTP header with cookie; 3389 [1] TCP Reported by: Justin F.	Hacking Bad Web Bot
🇸🇬 drewf.ink	2026-06-06 04:14:24 (4 hours ago)	[04:14] Port scanning. Port(s) scanned: TCP/3389	Port Scan
🇺🇸 wristhulk	2026-06-06 04:01:46 (4 hours ago)	Honeypot: RDP brute-force on OpenCanary honeypot (port 3389). Username: '173'.	Brute-Force
Anonymous	2026-06-06 03:45:52 (5 hours ago)	Hit honeypot r.	Port Scan Hacking Exploited Host
🇺🇸 3rdKey	2026-06-06 03:01:02 (5 hours ago)	OpenCanary honeypot hit on port 3389 (no legitimate service runs there); logtype 14001. Automated re ... show more OpenCanary honeypot hit on port 3389 (no legitimate service runs there); logtype 14001. Automated report. show less	Port Scan Brute-Force Exploited Host
🇩🇪 kexol	2026-06-06 03:00:10 (5 hours ago)	3389 port scanned	Port Scan
🇬🇧 PeravixGroup	2026-06-06 02:44:38 (6 hours ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇪🇸 el-brujo	2026-06-06 00:13:00 (8 hours ago)	06/06/2026-02:13:00.826443 85.117.239.172 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Ser ... show more 06/06/2026-02:13:00.826443 85.117.239.172 Protocol: 6 ET SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Inbound) show less	Hacking
🇩🇪 Mailguard-FRD	2026-06-05 23:57:44 (8 hours ago)	1780703864 - 06/06/2026 01:57:44 Host: 85.117.239.172/85.117.239.172 Port: 3389 TCP Blocked ...	Port Scan
🇫🇷 Coco Bongo	2026-06-05 23:56:03 (9 hours ago)	1780703762 - 06/06/2026 01:56:02 Host: 85.117.239.172/85.117.239.172 Port: 3389 TCP Blocked ...	Port Scan
Anonymous	2026-06-05 23:53:09 (9 hours ago)	Trying ports that it shouldn't be.	Port Scan Hacking Exploited Host
🇺🇸 wristhulk	2026-06-05 01:58:08 (1 day ago)	Honeypot: RDP brute-force on OpenCanary honeypot (port 3389). Username: '173'.	Brute-Force
🇬🇧 skocherhan	2026-06-05 00:23:27 (1 day ago)	RDP probe cluster. Session hits: 1. Client Info: RDP Connection Request [Routing Token: [REDACTED]]	Port Scan Brute-Force
🇳🇱 EGP Abuse Dept	2026-06-05 00:14:17 (1 day ago)	Unauthorized connection to RDP port 3389	Port Scan Hacking

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 118.26.37.26

🇷🇺 90.151.171.109

🇺🇸 66.132.224.30

🇸🇪 192.178.93.147

🇨🇳 182.119.190.168

🇮🇳 103.77.14.62

🇷🇺 95.165.27.83

🇦🇹 77.119.211.7

🇧🇷 45.205.1.243

🇧🇷 177.103.85.80

🇮🇩 163.7.8.79

🇭🇰 152.32.132.28

🇵🇱 87.251.64.158

🇺🇸 66.132.172.244

🇷🇴 2.57.122.238

🇰🇷 221.163.5.228

🇧🇷 205.210.31.234

🇧🇪 198.235.24.204

🇩🇪 167.94.145.30

🇨🇳 116.178.128.218