JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.245.85.199

123.245.85.199 was found in our database!

This IP was reported 189 times. Confidence of Abuse is 57%: ?

57%

ISP	JunQu2-SY-LN
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shenyang, Liaoning

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.245.85.199

Whois 123.245.85.199

IP Abuse Reports for 123.245.85.199:

This IP address has been reported a total of 189 times from 70 distinct sources. 123.245.85.199 was first reported on January 18th 2024, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-10 22:17:58 (15 hours ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇬🇧 PeravixGroup	2026-06-06 21:53:50 (4 days ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-06 05:50:08 (5 days ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-04 08:42:10 (1 week ago)	Honeypot hit: Unauthorized traffic (16 bytes of payload); 49154 [1] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (16 bytes of payload); 49154 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-05-31 16:09:42 (1 week ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-31 02:13:59 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇳🇱 StopAbuse	2026-05-31 01:10:32 (1 week ago)	tcp/24888	Port Scan
🇬🇧 PeravixGroup	2026-05-30 04:18:46 (1 week ago)	Honeypot detection: Server-Side Template Injection (SSTI) attempt on port 27017. Severity: HIGH. Aar ... show more Honeypot detection: Server-Side Template Injection (SSTI) attempt on port 27017. Severity: HIGH. Aaran.cloud show less	Hacking Web App Attack
🇺🇸 MPL	2026-05-28 13:40:40 (1 week ago)	tcp/12125	Port Scan
🇺🇸 xmission.com	2026-05-26 17:42:49 (2 weeks ago)	Blocked by UFW (TCP on 2762) Source port: 42944 TTL: 237 Packet length: 44 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 2762) Source port: 42944 TTL: 237 Packet length: 44 TOS: 0x08 This report (for 123.245.85.199) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇮 6kilowatti	2026-05-25 07:50:46 (2 weeks ago)	2026-05-25T10:50:46.032568+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-05-25T10:50:46.032568+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=123.245.85.199 DST=83.148.240.21 LEN=44 TOS=0x00 PREC=0x00 TTL=236 ID=6419 PROTO=TCP SPT=29200 DPT=5000 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 PeravixGroup	2026-05-24 13:52:40 (2 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 bitblockit	2026-05-21 10:50:15 (3 weeks ago)	Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: P0f. Decoy ... show more Reconnaissance or port-scan activity observed on a honeypot sensor. Honeypot decoy type: P0f. Decoy listen port: 6480/tcp. Observed event time: 2026-05-21 10:50:15 UTC. Report from passive honeypot only; no payload or credentials included. show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-20 19:54:54 (3 weeks ago)	Honeypot hit: HTTP/1.1 request on 7433 GET / Accept: /; 7433 [1] TCP	Web App Attack
🇨🇳 ThreatBook.io	2026-05-17 22:41:04 (3 weeks ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/123.245.85.199	SSH

Showing 1 to 15 of 189 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 118.193.40.191

🇬🇧 81.19.219.213

🇺🇸 64.44.154.209

🇺🇸 24.199.85.227

🇺🇸 2a03:2880:f806:e::

🇰🇷 222.118.59.16

🇺🇸 207.90.244.17

🇺🇸 199.195.254.215

🇳🇱 153.80.240.139

🇳🇬 152.32.142.165

🇻🇳 125.212.158.171

🇨🇳 119.96.173.169

🇮🇳 117.211.15.106

🇳🇴 109.247.132.149

🇺🇸 73.215.87.15

🇳🇱 45.153.34.112

🇧🇷 45.140.193.156

🇻🇳 14.225.173.146

🇲🇽 201.116.244.188

🇲🇽 187.158.229.107