JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.85.219.71

1.85.219.71 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 11%: ?

11%

ISP	CHINANET SHAANXI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	xa.sn.cn
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.85.219.71

Whois 1.85.219.71

IP Abuse Reports for 1.85.219.71:

This IP address has been reported a total of 143 times from 47 distinct sources. 1.85.219.71 was first reported on May 2nd 2021, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-04 05:27:19 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 donarev419	2026-05-07 05:03:59 (1 month ago)	Connection to port 2619 with data transfer. Data preview: USER anonymous	Port Scan Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-03-16 03:11:43 (2 months ago)	Honeypot hit: Empty payload (likely service probe); 8126 [1] TCP	Port Scan
🇺🇸 RAP	2026-03-02 02:15:59 (3 months ago)	2026-03-02 02:15:59 UTC Unauthorized activity to TCP port 9200.	Port Scan
🇺🇸 donarev419	2026-03-02 00:35:30 (3 months ago)	Connection to port 1911 with data transfer. Data preview:	Port Scan Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-02-18 03:00:14 (3 months ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 5202 [1] TCP	Port Scan
🇨🇦 Largnet SOC	2026-02-08 07:21:25 (4 months ago)	1.85.219.71 triggered Icarus honeypot on port 25. Check us out on github.	Port Scan Hacking
Anonymous	2026-01-24 12:21:45 (4 months ago)	unsolicited connect TCP dport 9001 (sport 12718)	Hacking
Anonymous	2026-01-19 16:47:45 (4 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 MirrorImageGaming	2025-12-10 17:50:51 (6 months ago)	TCP probe(s) @ 5984 CN	Port Scan
🇬🇧 Andrew	2025-11-30 22:37:01 (6 months ago)	Blocked by UFW (TCP on port 7090). Source port: 24888 TTL: 237 Packet length: 44 TOS: 0x00 This rep ... show more Blocked by UFW (TCP on port 7090). Source port: 24888 TTL: 237 Packet length: 44 TOS: 0x00 This report (for 1.85.219.71) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 ThreatBook.io	2025-11-24 22:03:40 (6 months ago)	ThreatBook Intelligence: Dynamic IP,Spam more details on https://threatbook.io/ip/1.85.219.71 2025-1 ... show more ThreatBook Intelligence: Dynamic IP,Spam more details on https://threatbook.io/ip/1.85.219.71 2025-11-24 09:42:20 / show less	Web App Attack
🇰🇷 forgeban	2025-11-23 16:45:47 (6 months ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 1088 [1] TCP	Port Scan
Anonymous	2025-11-23 10:39:06 (6 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-11-10 09:21:39 (7 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.191.48.23

🇩🇪 45.135.141.15

🇰🇷 222.110.147.58

🇿🇦 197.234.206.108

🇨🇳 180.184.37.115

🇧🇪 104.199.111.189

🇺🇸 66.132.172.226

🇰🇷 43.164.190.40

🇸🇬 43.156.12.237

🇺🇸 43.153.12.68

🇹🇳 41.62.247.91

🇯🇵 212.32.76.2

🇲🇦 196.89.243.145

🇬🇧 193.163.125.36

🇮🇩 163.7.9.55

🇹🇭 122.154.74.204

🇺🇸 104.238.135.87

🇺🇸 91.230.168.233

🇳🇱 91.92.40.207

🇧🇷 45.205.1.73