JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.85.216.45

1.85.216.45 was found in our database!

This IP was reported 124 times. Confidence of Abuse is 28%: ?

28%

ISP	CHINANET SHAANXI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	xa.sn.cn
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.85.216.45

Whois 1.85.216.45

IP Abuse Reports for 1.85.216.45:

This IP address has been reported a total of 124 times from 51 distinct sources. 1.85.216.45 was first reported on April 6th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Axel	2026-06-14 17:36:18 (1 day ago)	Blocked by UFW on LAXHH [13722/tcp] \| SPT: 42745 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: git ... show more Blocked by UFW on LAXHH [13722/tcp] \| SPT: 42745 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-14 10:39:57 (2 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 15:52:30 (2 weeks ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 02:49:38 (2 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-26 09:03:41 (3 weeks ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇫🇮 6kilowatti	2026-05-03 15:33:44 (1 month ago)	2026-05-03T18:33:43.797603+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-05-03T18:33:43.797603+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=1.85.216.45 DST=5.61.88.83 LEN=44 TOS=0x00 PREC=0x00 TTL=237 ID=62256 PROTO=TCP SPT=30261 DPT=2118 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 D3RP4UL	2026-04-28 13:15:54 (1 month ago)	HTTP/1.1 request on 11211 GET / Accept: /; 11211 [1] TCP	Hacking Bad Web Bot
🇺🇸 cybsecaoccol	2026-04-10 01:28:28 (2 months ago)	unauthorized connection or malicious port scan attempted on tcp port 22 - dr	Port Scan Hacking
🇩🇪 David Ferneding	2026-04-09 05:25:23 (2 months ago)	Blocked by UFW (TCP on 1125) Source port: 21580 TTL: 236 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 1125) Source port: 21580 TTL: 236 Packet length: 44 TOS: 0x00 This report (for 1.85.216.45) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇦 Largnet SOC	2026-04-08 11:50:42 (2 months ago)	1.85.216.45 triggered Icarus honeypot on port 3306. Check us out on github.	Port Scan Hacking
🇺🇸 MPL	2026-03-16 14:55:53 (3 months ago)	tcp/3524	Port Scan
🇺🇸 MPL	2026-03-16 11:31:45 (3 months ago)	tcp/49666 (2 or more attempts)	Port Scan
🇺🇸 RAP	2026-03-15 22:52:57 (3 months ago)	2026-03-15 22:52:57 UTC Unauthorized activity to TCP port 3306.	Port Scan
Anonymous	2026-03-15 18:52:29 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-03-06 18:30:43 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 124 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 217.154.144.42

🇦🇷 200.41.206.1

🇹🇷 193.140.169.144

🇲🇽 187.191.48.23

🇭🇰 152.32.135.48

🇩🇪 118.193.59.41

🇨🇦 108.163.153.148

🇨🇳 60.8.121.6

🇮🇳 49.206.193.25

🇺🇸 40.121.179.100

🇺🇸 38.34.175.86

🇧🇷 20.195.176.139

🇺🇸 8.231.132.219

🇺🇸 132.196.32.55

🇭🇰 121.202.138.181

🇰🇷 121.134.214.4

🇨🇳 112.193.61.99

🇷🇴 80.94.92.206

🇨🇳 59.51.110.131

🇺🇸 54.70.53.60