JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.102.227.100

112.102.227.100 was found in our database!

This IP was reported 420 times. Confidence of Abuse is 57%: ?

57%

ISP	CHINANET HEILONGJIANG PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Harbin, Heilongjiang

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.102.227.100

Whois 112.102.227.100

IP Abuse Reports for 112.102.227.100:

This IP address has been reported a total of 420 times from 110 distinct sources. 112.102.227.100 was first reported on May 15th 2021, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-05 09:23:39 (1 hour ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-04 05:24:43 (1 day ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-04 03:34:59 (1 day ago)	Honeypot hit: Large payload (1457 bytes); 11110 [1] TCP	Hacking
🇬🇧 PeravixGroup	2026-05-24 00:20:12 (1 week ago)	Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MED ... show more Honeypot detection: TR-069 CWMP router management protocol abuse attempt on port 7547. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇺🇸 MPL	2026-05-22 01:44:32 (2 weeks ago)	tcp/2263 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-05-21 09:58:15 (2 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇩🇪 Justin F. \| AS204464	2026-05-20 21:14:53 (2 weeks ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 10000 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 10000 [1] TCP Reported by: Justin F. show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-19 11:27:10 (2 weeks ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 11111 [1] TCP	Port Scan
🇨🇳 ThreatBook.io	2026-05-17 00:06:29 (2 weeks ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/112.102.227.100 2026-0 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/112.102.227.100 2026-05-16 07:00:37 / show less	Web App Attack
🇫🇷 Pölkky	2026-05-15 09:58:03 (3 weeks ago)	Abusive IP (403 Forbidden)	Web App Attack
🇫🇮 6kilowatti	2026-05-14 16:00:21 (3 weeks ago)	2026-05-14T19:00:20.607607+03:00 oh6ah kernel: [UFW BLOCK] IN=enp2s0 OUT= MAC=00:26:18:a8:d6:75:2e:2 ... show more 2026-05-14T19:00:20.607607+03:00 oh6ah kernel: [UFW BLOCK] IN=enp2s0 OUT= MAC=00:26:18:a8:d6:75:2e:2d:5e:71:aa:73:08:00 SRC=112.102.227.100 DST=192.168.0.102 LEN=44 TOS=0x00 PREC=0x00 TTL=229 ID=65038 PROTO=TCP SPT=21773 DPT=8085 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 gbzret4d	2026-05-13 07:40:04 (3 weeks ago)	Honeypot [uk-production01]: Unauthorized traffic (16 bytes of payload); 9005 [1] TCP	Port Scan
🇷🇸 Scan	2026-05-04 00:04:05 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇨🇦 Largnet SOC	2026-04-29 15:09:43 (1 month ago)	112.102.227.100 triggered Icarus honeypot on port 3389. Check us out on github.	Port Scan Hacking
🇵🇱 sefinek.net	2026-04-28 11:51:33 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 16062 [1] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 16062 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan

Showing 1 to 15 of 420 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:fb91:4485:6155:208c:dc4d:725d:2f89

🇧🇷 205.210.31.133

🇬🇧 193.32.209.232

🇺🇸 49.51.39.209

🇱🇹 45.227.254.170

🇺🇸 2607:f8b0:4023:1004::126

🇺🇸 162.216.150.62

🇩🇪 47.245.141.74

🇮🇳 43.228.112.254

🇺🇸 35.188.112.111

🇮🇳 27.0.221.169

🇨🇳 117.177.102.79

🇷🇴 80.94.92.184

🇺🇸 23.94.92.98

🇵🇱 188.212.135.28

🇩🇪 172.71.144.147

🇩🇪 104.248.47.99

🇷🇺 95.84.137.185

🇧🇬 81.177.213.165

🇺🇸 64.62.156.195