JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.234.81.180

123.234.81.180 was found in our database!

This IP was reported 692 times. Confidence of Abuse is 70%: ?

70%

ISP	China Unicom Shandong Province Network
Usage Type	Fixed Line ISP
ASN	AS4837
Domain Name	chinaunicom.cn
Country	🇨🇳 China
City	Qingdao, Shandong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.234.81.180

Whois 123.234.81.180

IP Abuse Reports for 123.234.81.180:

This IP address has been reported a total of 692 times from 244 distinct sources. 123.234.81.180 was first reported on January 18th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Fasetech	2026-06-18 15:31:51 (1 week ago)	SecLedge detected suspicious activity. Score: 104.64. Sensor: T-Pot.	Brute-Force
Anonymous	2026-06-01 15:02:52 (3 weeks ago)	2026-06-01 10:02:51.999 [7299] H=(mailserver.regency.local) [123.234.81.180]:21098 I=[192.168.1.220] ... show more 2026-06-01 10:02:51.999 [7299] H=(mailserver.regency.local) [123.234.81.180]:21098 I=[192.168.1.220]:25 Ci=7299 F=<[email protected]> rejected RCPT <[email protected]>: Unknown user ... show less	Brute-Force Exploited Host
🇮🇳 evicky2002	2026-05-25 06:00:00 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇳🇱 JCB	2026-05-23 12:41:00 (1 month ago)	123.234.81.180 - - [22/May/2026:11:51:01 +0300] "POST /register.jsp HTTP/1.1" 404 236 123.234.81.18 ... show more 123.234.81.180 - - [22/May/2026:11:51:01 +0300] "POST /register.jsp HTTP/1.1" 404 236 123.234.81.180 - - [22/May/2026:11:51:07 +0300] "POST /login/login.jsp HTTP/1.1" 404 236 ... show less	Web App Attack
🇧🇷 dominioz	2026-05-23 01:08:02 (1 month ago)	2026-05-23 01:07:14 GET /index.action - - 123.234.81.180 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+ ... show more 2026-05-23 01:07:14 GET /index.action - - 123.234.81.180 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_12_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/56.0.2924.87+Safari/537.36 - 404 1440 2026-05-23 01:07:19 GET /login.action - - 123.234.81.180 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_12_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/56.0.2924.87+Safari/537.36 - 404 1440 2026-05-23 01:07:23 GET /index.do - - 123.234.81.180 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_12_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/56.0.2924.87+Safari/537.36 - 404 1440 2026-05-23 01:07:27 GET /index.jsp - - 123.234.81.180 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_12_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/56.0.2924.87+Safari/537.36 - 404 1440 ... show less	Web App Attack
🇩🇪 gadix	2026-05-22 21:20:33 (1 month ago)	[22/May/2026:23:20:14.811630 +0200] ahDIjgqKuJGgfWARCk9-PQAAAAI 123.234.81.180 56552 127.0.0.1 7080 ... show more [22/May/2026:23:20:14.811630 +0200] ahDIjgqKuJGgfWARCk9-PQAAAAI 123.234.81.180 56552 127.0.0.1 7080 [22/May/2026:23:20:23.933584 +0200] ahDIl--2KoAFLHK9bNJlfgAAAAA 123.234.81.180 60436 127.0.0.1 7080 [22/May/2026:23:20:32.596278 +0200] ahDIoFjvzSV6-HvaFaLj7QAAAAU 123.234.81.180 48604 127.0.0.1 7080 ... show less	Web App Attack
🇳🇱 BellFix	2026-05-22 14:12:55 (1 month ago)	Fail2ban reported 123.234.81.180 for npm-docker	Web App Attack
🇭🇷 IgorS.zg.hr	2026-05-22 11:25:01 (1 month ago)	Web application attack detected by fail2ban	Hacking Web App Attack
🇫🇷 Fasetech	2026-05-22 08:17:25 (1 month ago)	SecLedge detected suspicious activity. Score: 104.64. Sensor: T-Pot.	Brute-Force
🇳🇱 JCB	2026-05-22 08:03:00 (1 month ago)	123.234.81.180 - - [22/May/2026:00:42:50 +0300] "POST /login.jsp HTTP/1.1" 404 236 123.234.81.180 - ... show more 123.234.81.180 - - [22/May/2026:00:42:50 +0300] "POST /login.jsp HTTP/1.1" 404 236 123.234.81.180 - - [22/May/2026:00:42:58 +0300] "POST /main.jsp HTTP/1.1" 404 236 ... show less	Web App Attack
🇬🇧 blueskysystems	2026-05-22 04:45:03 (1 month ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇯🇵 pixelboost.kr	2026-05-22 03:19:22 (1 month ago)	123.234.81.180 - - [22/May/2026:12:19:06 +0900] "GET /index.jsp HTTP/1.1" 404 181 "-" "Mozilla/5.0 ( ... show more 123.234.81.180 - - [22/May/2026:12:19:06 +0900] "GET /index.jsp HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" 123.234.81.180 - - [22/May/2026:12:19:21 +0900] "GET /login.jsp HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-05-22 02:05:28 (1 month ago)	Too many Status 50X (39)	Brute-Force Web App Attack
Anonymous	2026-05-22 01:41:42 (1 month ago)	Unauthorized access (tcp/80/http)	Port Scan Web App Attack
🇫🇷 Rom74	2026-05-22 01:23:48 (1 month ago)	[Fri May 22 03:23:46.641576 2026] [security2:error] [pid 2104629:tid 138140073309888] [client 123.23 ... show more [Fri May 22 03:23:46.641576 2026] [security2:error] [pid 2104629:tid 138140073309888] [client 123.234.81.180:46822] [client 123.234.81.180] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "90.12.173.178"] [uri "/"] [unique_id "ag-wIu3gyLsRTcy1URcWcwAAAJU"] [Fri May 22 03:23:47.387358 2026] [security2:error] [pid 2104629:tid 138140106880704] [client 123.234.81.180:47227] [client 123.234.81.180] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total ... show less	Web App Attack

Showing 1 to 15 of 692 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 135.237.125.135

🇨🇳 111.26.106.119

🇺🇸 65.49.1.218

🇸🇬 4.194.16.184

🇺🇸 184.72.137.136

🇨🇳 119.100.208.171

🇷🇴 92.118.39.77

🇧🇷 31.56.44.38

🇺🇸 20.65.217.91

🇺🇸 2607:f8b0:400c:c15::126

🇦🇷 181.116.220.251

🇺🇸 165.227.206.64

🇳🇱 80.82.65.202

🇨🇳 39.129.90.146

🇷🇺 31.173.12.27

🇷🇴 2.57.121.112

🇺🇬 196.0.120.6

🇬🇧 193.176.29.9

🇺🇸 141.11.88.4

🇬🇧 94.72.102.118