JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.245.85.113

123.245.85.113 was found in our database!

This IP was reported 202 times. Confidence of Abuse is 69%: ?

69%

ISP	JunQu2-SY-LN
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shenyang, Liaoning

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.245.85.113

Whois 123.245.85.113

IP Abuse Reports for 123.245.85.113:

This IP address has been reported a total of 202 times from 75 distinct sources. 123.245.85.113 was first reported on January 18th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-12 02:41:46 (2 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 centurion	2026-06-12 01:50:36 (2 days ago)	Blocked by UFW on ns02 [17113/tcp] Source port: 27640 TTL: 238 Packet length: 44 TOS: 0x00 This rep ... show more Blocked by UFW on ns02 [17113/tcp] Source port: 27640 TTL: 238 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Axel	2026-06-11 20:48:00 (2 days ago)	Blocked by UFW on LAXHH [9100/tcp] \| SPT: 62323 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [9100/tcp] \| SPT: 62323 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-11 03:06:49 (3 days ago)	tcp/7779	Port Scan
🇬🇧 PeravixGroup	2026-06-10 21:24:27 (3 days ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇩🇪 ghostwarriors	2026-06-10 10:50:15 (3 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Justin F. \| AS204464	2026-06-09 10:04:34 (4 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 12415 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 12415 [1] TCP Reported by: Justin F. show less	Port Scan
🇪🇸 librebit	2026-06-08 05:18:33 (6 days ago)	Brute force	Brute-Force
🇬🇧 PeravixGroup	2026-06-07 21:29:12 (6 days ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-05 15:43:48 (1 week ago)	unsolicited connect TCP dport 9092 (sport 63905)	Hacking
🇨🇭 4server	2026-06-05 14:33:59 (1 week ago)	[FriJun0516:33:52.1380162026][security2:error][pid1464645:tid1464928][client123.245.85.113:0]ModSecu ... show more [FriJun0516:33:52.1380162026][security2:error][pid1464645:tid1464928][client123.245.85.113:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.4server.biz\"][uri\"/\"][unique_id\"aiLeUEcFz5XIfI5SpR_FewAAANE\"] show less	Hacking Web App Attack
🇬🇧 PeravixGroup	2026-05-31 10:41:29 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 LiftUp Hosting	2026-05-29 14:51:59 (2 weeks ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 8880 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-05-29 10:46:17 (2 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-22 09:37:14 (3 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2376. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host

Showing 1 to 15 of 202 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.184.143

🇫🇷 193.32.126.157

🇳🇱 185.242.226.11

🇺🇸 185.226.196.14

🇻🇳 171.244.39.95

🇺🇸 147.185.132.229

🇺🇸 66.132.195.56

🇺🇸 66.132.195.39

🇬🇧 35.203.211.210

🇺🇸 208.109.52.213

🇺🇸 172.208.48.177

🇺🇸 165.154.173.141

🇺🇸 162.216.149.254

🇲🇽 160.34.212.79

🇫🇮 147.185.133.5

🇺🇸 109.105.210.68

🇩🇪 91.217.249.227

🇱🇹 81.30.98.158

🇷🇴 80.94.92.171

🇰🇷 59.26.132.170