JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.85.219.216

1.85.219.216 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 25%: ?

25%

ISP	CHINANET SHAANXI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	xa.sn.cn
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.85.219.216

Whois 1.85.219.216

IP Abuse Reports for 1.85.219.216:

This IP address has been reported a total of 89 times from 26 distinct sources. 1.85.219.216 was first reported on December 21st 2020, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-08 06:48:30 (5 days ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇲🇽 FenixHunter🐦‍🔥	2026-06-04 13:09:33 (1 week ago)	Blocked TLS Cipher Downgrade Attemp. Action Performed: DROP	Port Scan Hacking Bad Web Bot Web App Attack
🇳🇱 BIV	2026-05-18 14:21:46 (3 weeks ago)	Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 8080. Automated tiered (T-Pot+DSh ... show more Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 8080. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇺🇸 MPL	2026-05-14 02:50:00 (1 month ago)	tcp/8881	Port Scan
🇨🇦 unullable	2026-05-11 03:55:46 (1 month ago)	Telnet scanner/bruter (port:2404)	Brute-Force
🇨🇦 Tanados	2026-04-08 16:07:32 (2 months ago)	Blocked by UFW [1100/tcp] Source port: 59367 TTL: 232 Packet length: 44 TOS: 0x00 This report was g ... show more Blocked by UFW [1100/tcp] Source port: 59367 TTL: 232 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-03-07 18:22:05 (3 months ago)	tcp/1400	Port Scan
🇵🇱 sefinek.net	2026-02-28 17:44:05 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0.0.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 www.winos.me	2026-02-06 10:18:33 (4 months ago)	port scan	Port Scan
🇺🇸 RogueAutomata	2026-01-24 04:06:03 (4 months ago)	Detected malicious request: GET / Detections triggered: Access via IP addr (v4)	Web App Attack
Anonymous	2026-01-20 05:19:06 (4 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 MPL	2025-09-04 21:20:23 (9 months ago)	tcp/80 (2 or more attempts)	Port Scan
🇺🇸 MPL	2025-08-30 15:55:33 (9 months ago)	tcp/2053	Port Scan
🇺🇸 MPL	2025-08-30 15:55:33 (9 months ago)	tcp/2053 (2 or more attempts)	Port Scan
🇩🇪 Coco Bongo	2025-05-08 08:14:39 (1 year ago)	1746692078 - 05/08/2025 10:14:38 Host: 1.85.219.216/1.85.219.216 Port: 6667 TCP Blocked ...	Port Scan

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 45.156.129.91

🇹🇷 45.74.244.199

🇧🇪 34.52.158.58

🇫🇮 2a00:1450:4010:c01::120

🇦🇺 210.50.185.165

🇧🇷 200.175.201.167

🇧🇪 198.235.24.180

🇺🇸 174.35.25.177

🇺🇸 172.237.156.201

🇨🇳 119.249.100.114

🇮🇳 117.248.231.1

🇨🇳 117.13.171.178

🇨🇳 115.230.124.67

🇺🇦 78.152.190.35

🇺🇸 64.62.197.213

🇺🇸 48.217.227.80

🇺🇸 2607:f8b0:400e:c08::128

🇯🇵 212.32.76.22

🇩🇰 194.239.23.78

🇬🇧 188.240.59.12