JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.131.213.34

85.131.213.34 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 23%: ?

23%

ISP	XSERVER Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS131965
Hostname(s)	sv16653.xserver.jp
Domain Name	xserver.co.jp
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.131.213.34

Whois 85.131.213.34

IP Abuse Reports for 85.131.213.34:

This IP address has been reported a total of 13 times from 12 distinct sources. 85.131.213.34 was first reported on March 26th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-13 21:59:05 (3 weeks ago)	Auto-ban: 11 malicious requests on 2026-05-12 (e.g., env/backup probes, brute-force, or error bursts ... show more Auto-ban: 11 malicious requests on 2026-05-12 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇳🇱 homeshowdomain.nl	2026-05-12 22:00:15 (3 weeks ago)	Auto-ban: >3000 req/min op 2026-05-12	Web App Attack SSH Hacking
Anonymous	2026-05-12 05:01:05 (3 weeks ago)	BruteForce IMAP/POP3/SMTP	Brute-Force
Anonymous	2026-05-12 00:53:22 (3 weeks ago)	(caddyscan) Scanner path probe from 85.131.213.34 (JP/Japan/sv16653.xserver.jp): 5 in the last 3600 ... show more (caddyscan) Scanner path probe from 85.131.213.34 (JP/Japan/sv16653.xserver.jp): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 0 85.131.213.34 - - [12/May/2026:00:35:21 +0000] "HEAD /xmlrpc.php HTTP/1.1" [REDACTED] 200 0 85.131.213.34 - - [12/May/2026:00:39:33 +0000] "HEAD /xmlrpc.php HTTP/1.1" [REDACTED] 200 0 85.131.213.34 - - [12/May/2026:00:47:11 +0000] "HEAD /xmlrpc.php HTTP/1.1" [REDACTED] 200 2627 85.131.213.34 - - [12/May/2026:00:52:01 +0000] "GET /wp-login.php HTTP/1.1" [REDACTED] 200 0 85.131.213.34 - - [12/May/2026:00:53:15 +0000] "HEAD /xmlrpc.php HTTP/1.1" show less	Port Scan
🇺🇸 walnuts	2026-05-12 00:25:40 (3 weeks ago)	Automated: Triggered nginx security jail (nginx-444) - probing blocked paths on web server	Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-05-11 22:19:36 (3 weeks ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇸🇬 aloon78	2026-04-02 00:00:00 (2 months ago)	WordPress wp-login.php brute force attack detected on trillactive.com	Brute-Force Web App Attack
🇺🇸 octageeks.com	2026-03-27 04:07:53 (2 months ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 [email protected]	2026-03-27 00:16:28 (2 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2026-03-27T00:16:28Z	Brute-Force
🇺🇸 lostswordfish.com	2026-03-26 16:34:03 (2 months ago)	Wordfence waf block on restore georgia	Web App Attack
🇲🇹 Malta	2026-03-26 15:55:27 (2 months ago)	85.131.213.34 - - [26/Mar/2026:16:55:27 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 85.131.213.34 - - [26/Mar/2026:16:55:27 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/10.1 Safari/603.1.30" show less	Hacking Web App Attack
Anonymous	2026-03-26 15:42:24 (2 months ago)	Brute forcing Wordpress login	Hacking Web App Attack
🇫🇷 Yepngo	2026-03-26 15:11:57 (2 months ago)	85.131.213.34 - - [26/Mar/2026:16:11:22 +0100] "POST /wp-login.php HTTP/2.0" 200 12101 "https://www. ... show more 85.131.213.34 - - [26/Mar/2026:16:11:22 +0100] "POST /wp-login.php HTTP/2.0" 200 12101 "https://www.yepngo.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; MASBJS; rv:11.0) like Gecko" 85.131.213.34 - - [26/Mar/2026:16:11:56 +0100] "POST /wp-login.php HTTP/2.0" 200 12100 "https://yepngo.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/602.2.14 (KHTML, like Gecko) Version/10.0.1 Safari/602.2.14" ... show less	Brute-Force Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 152.32.172.177

🇺🇸 100.29.192.93

🇺🇸 67.20.76.238

🇨🇳 222.176.201.127

🇺🇸 216.73.163.108

🇨🇦 148.113.160.5

🇺🇸 147.185.132.37

🇨🇳 123.145.19.254

🇨🇳 112.103.141.62

🇹🇭 106.0.165.219

🇭🇰 103.149.26.230

🇬🇧 87.236.176.116

🇺🇸 66.132.172.146

🇫🇮 5.181.20.206

🇵🇪 200.106.49.149

🇲🇾 175.144.238.198

🇩🇪 167.94.146.78

🇺🇸 162.216.149.11

🇮🇳 124.253.192.48

🇨🇳 112.31.109.13