JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.85.216.112

1.85.216.112 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 28%: ?

28%

ISP	CHINANET SHAANXI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	xa.sn.cn
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.85.216.112

Whois 1.85.216.112

IP Abuse Reports for 1.85.216.112:

This IP address has been reported a total of 136 times from 23 distinct sources. 1.85.216.112 was first reported on May 3rd 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-12 06:25:01 (1 day ago)	Blocked by UFW (TCP on 12016) Source port: 54395 TTL: 237 Packet length: 44 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 12016) Source port: 54395 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 1.85.216.112) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-07 23:04:39 (5 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-07 00:31:59 (6 days ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-02 05:26:04 (1 week ago)	attempted attached to my private listening port	Port Scan
Anonymous	2026-05-01 18:38:40 (1 month ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 MPL	2026-03-21 14:43:10 (2 months ago)	tcp/13246 (2 or more attempts)	Port Scan
🇺🇸 MPL	2026-03-21 14:43:10 (2 months ago)	tcp/13246	Port Scan
Anonymous	2026-03-02 00:06:57 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-01-24 01:50:53 (4 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇳🇱 VMHeaven.io	2025-12-17 15:33:43 (5 months ago)	Blocked by UFW [10162/tcp] Source port: 12252 TTL: 236 Packet length: 44	Port Scan
Anonymous	2025-12-12 17:43:45 (6 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-12-07 17:19:16 (6 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-11-29 12:26:52 (6 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-11-24 11:42:32 (6 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇰🇷 forgeban	2025-11-07 14:22:22 (7 months ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 4949 [1] TCP	Port Scan

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.87.243.61

🇨🇳 119.98.250.237

🇮🇳 116.72.69.232

🇭🇰 114.111.53.214

🇷🇺 95.215.0.145

🇧🇪 34.79.11.2

🇸🇪 212.17.184.93

🇻🇳 171.243.150.62

🇺🇸 165.154.173.141

🇭🇰 165.154.1.18

🇺🇸 162.216.149.104

🇫🇮 147.185.133.250

🇫🇮 147.185.133.90

🇨🇳 119.53.253.2

🇨🇳 116.204.5.89

🇨🇳 101.206.107.245

🇰🇿 91.147.100.71

🇧🇬 91.92.40.58

🇫🇷 89.92.240.151

🇫🇷 51.159.110.167