JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.245.85.191

123.245.85.191 was found in our database!

This IP was reported 175 times. Confidence of Abuse is 40%: ?

40%

ISP	JunQu2-SY-LN
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shenyang, Liaoning

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.245.85.191

Whois 123.245.85.191

IP Abuse Reports for 123.245.85.191:

This IP address has been reported a total of 175 times from 56 distinct sources. 123.245.85.191 was first reported on January 17th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Axel	2026-06-15 09:02:44 (1 week ago)	Blocked by UFW on LAXHH [119/tcp] \| SPT: 27670 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: githu ... show more Blocked by UFW on LAXHH [119/tcp] \| SPT: 27670 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-10 02:01:30 (2 weeks ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5986. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-09 01:21:55 (2 weeks ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-08 07:03:24 (2 weeks ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇫🇷 Petre 21_ip	2026-06-07 02:34:31 (2 weeks ago)	2026-06-07T04:34:30.975517+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-07T04:34:30.975517+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=123.245.85.191 DST=155.133.26.57 LEN=44 TOS=0x00 PREC=0x00 TTL=231 ID=57225 PROTO=TCP SPT=62947 DPT=2375 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇵🇱 sefinek.net	2026-06-06 00:12:53 (2 weeks ago)	Blocked by UFW on PL02 [5984/tcp] \| SPT: 51431 \| TTL: 232 \| LEN: 44 \| TOS: 0x00 • Reported by: githu ... show more Blocked by UFW on PL02 [5984/tcp] \| SPT: 51431 \| TTL: 232 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-05 09:51:31 (2 weeks ago)	tcp/5342	Port Scan
🇬🇧 PeravixGroup	2026-05-31 03:09:44 (3 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-28 07:23:39 (3 weeks ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-20 19:45:49 (1 month ago)	Honeypot hit: Empty payload (likely service probe); 7082 [1] TCP	Port Scan
🇩🇪 dispaisyenterprises	2026-05-20 14:27:49 (1 month ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 10276 GET / Accept: /; 10276 [1] TCP Reported by ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 10276 GET / Accept: /; 10276 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇭🇰 pengpeng	2026-05-19 07:34:39 (1 month ago)	monitor: on ser162528253480 \| port: 2078 \| ttl: 237 script: github.com/sefinek/UFW-AbuseIPDB-Report ... show more monitor: on ser162528253480 \| port: 2078 \| ttl: 237 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-05-15 11:20:55 (1 month ago)	Blocked by UFW (TCP on 5984) Source port: 19580 TTL: 237 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 5984) Source port: 19580 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 123.245.85.191) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-05-13 16:38:31 (1 month ago)	Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aar ... show more Honeypot detection: IMAP email brute-force authentication attempt on port 143. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇲🇳 Public CSIRT/CC of Mongolia	2026-04-29 16:46:49 (1 month ago)	Honeypot hit: HTTP/1.1 request on 9923 GET / Accept: /; 9923 [1] TCP	Web App Attack

Showing 1 to 15 of 175 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 145.90.8.9

🇧🇩 103.213.238.91

🇺🇸 84.37.194.188

🇺🇸 71.12.42.216

🇺🇸 43.135.134.127

🇧🇷 15.228.244.5

🇺🇸 13.90.206.6

🇺🇸 2607:f8b0:4001:c0a::12d

🇧🇪 207.175.103.174

🇲🇽 187.216.224.85

🇧🇷 187.93.51.46

🇺🇸 184.105.247.238

🇻🇳 116.110.15.47

🇮🇩 103.84.7.190

🇨🇮 102.209.217.170

🇳🇱 91.92.40.50

🇺🇸 88.218.46.74

🇨🇦 85.217.149.13

🇮🇳 64.227.188.154

🇺🇸 44.34.120.45