JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.245.85.147

123.245.85.147 was found in our database!

This IP was reported 176 times. Confidence of Abuse is 54%: ?

54%

ISP	JunQu2-SY-LN
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shenyang, Liaoning

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.245.85.147

Whois 123.245.85.147

IP Abuse Reports for 123.245.85.147:

This IP address has been reported a total of 176 times from 63 distinct sources. 123.245.85.147 was first reported on January 19th 2024, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-07 09:11:03 (16 hours ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇬🇧 PeravixGroup	2026-06-07 04:36:16 (20 hours ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-06 04:52:11 (1 day ago)	Honeypot detection: Privilege escalation / elevation attempt on port 9200. Severity: CRITICAL. Aaran ... show more Honeypot detection: Privilege escalation / elevation attempt on port 9200. Severity: CRITICAL. Aaran.cloud show less	Hacking
🇮🇹 MenaBelino	2026-06-03 22:49:00 (4 days ago)	123.245.85.147 - - [03/Jun/2026:22:48:59 +0000] "JDWP-Handshake\x00\x00\x00\x0B\x00\x00\x00\x01\x00\ ... show more 123.245.85.147 - - [03/Jun/2026:22:48:59 +0000] "JDWP-Handshake\x00\x00\x00\x0B\x00\x00\x00\x01\x00\x01\x01" 400 150 "-" "-" ... show less	Hacking Port Scan
🇬🇧 PeravixGroup	2026-06-02 01:49:26 (5 days ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-01 10:06:38 (6 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-29 19:53:14 (1 week ago)	Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. A ... show more Honeypot detection: IRC botnet command-and-control channel attempt on port 6667. Severity: MEDIUM. Aaran.cloud show less	DDoS Attack Hacking
🇨🇦 Tanados	2026-05-21 22:48:08 (2 weeks ago)	Blocked by UFW [5985/tcp] Source port: 30205 TTL: 232 Packet length: 44 TOS: 0x00 This report was g ... show more Blocked by UFW [5985/tcp] Source port: 30205 TTL: 232 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇹 abuseiphack	2026-05-21 00:16:16 (2 weeks ago)	Automatic report for brute force attack	Web App Attack
🇬🇧 PeravixGroup	2026-05-20 09:24:16 (2 weeks ago)	Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: ME ... show more Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇳🇱 BIV	2026-05-18 13:34:07 (2 weeks ago)	Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 8080. Automated tiered (T-Pot+DSh ... show more Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 8080. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇺🇸 ShadowWhisperer	2026-05-16 09:30:12 (3 weeks ago)	SSH fingerprint.	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-12 09:21:31 (3 weeks ago)	Honeypot hit: Unauthorized traffic (243 bytes of payload); 7443 [1] TCP	Port Scan
🇧🇾 stroytrest	2026-05-10 12:39:37 (4 weeks ago)	2026-05-10T15:39:36.790416+03:00 gate kernel: [1663613.604721] nftables: JAIL-TELNET IN=wan OUT= MAC ... show more 2026-05-10T15:39:36.790416+03:00 gate kernel: [1663613.604721] nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=123.245.85.147 DST=xxx.xxx.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=51909 DF PROTO=TCP SPT=51645 DPT=23 WINDOW=28880 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇦🇹 urnilxfgbez	2026-05-08 22:45:00 (4 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 176 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.85

🇨🇳 180.111.30.85

🇳🇱 91.92.42.10

🇺🇸 66.228.46.52

🇲🇾 49.124.150.252

🇫🇮 35.228.132.114

🇩🇪 213.209.159.226

🇺🇸 195.184.76.219

🇺🇸 192.142.2.40

🇺🇸 143.198.123.221

🇺🇸 134.209.127.206

🇺🇸 91.193.232.235

🇺🇸 64.62.197.41

🇬🇭 41.211.21.18

🇺🇸 38.20.115.48

🇺🇸 20.168.120.249

🇮🇹 2.57.170.215

🇲🇽 186.96.145.241

🇺🇾 186.54.201.182

🇨🇳 180.113.219.217