JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.245.85.225

123.245.85.225 was found in our database!

This IP was reported 200 times. Confidence of Abuse is 61%: ?

61%

ISP	JunQu2-SY-LN
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shenyang, Liaoning

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.245.85.225

Whois 123.245.85.225

IP Abuse Reports for 123.245.85.225:

This IP address has been reported a total of 200 times from 57 distinct sources. 123.245.85.225 was first reported on January 22nd 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-30 08:27:33 (8 hours ago)	tcp/16566 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-30 01:01:12 (16 hours ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 Axel	2026-06-29 11:43:57 (1 day ago)	Blocked by UFW on LAXHH [16002/tcp] \| SPT: 41839 \| TTL: 236 \| LEN: 44 \| TOS: 0x00 • Reported by: git ... show more Blocked by UFW on LAXHH [16002/tcp] \| SPT: 41839 \| TTL: 236 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Axel	2026-06-28 10:11:00 (2 days ago)	Blocked by UFW on LAXHH [8118/tcp] \| SPT: 62354 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [8118/tcp] \| SPT: 62354 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 BIV	2026-06-25 11:31:58 (5 days ago)	Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 6068. Automated tiered (T-Pot+DSh ... show more Honeypot multi-source hit. Sources: tpot:P0f,tpot:Suricata. Ports: 6068. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking
🇺🇸 MPL	2026-06-25 07:07:22 (5 days ago)	tcp/21	Port Scan
🇬🇧 PeravixGroup	2026-06-24 00:38:03 (6 days ago)	Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: ... show more Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: MEDIUM. Aaran.cloud show less	Port Scan Brute-Force
🇩🇪 dispaisyenterprises	2026-06-21 19:03:50 (1 week ago)	Honeypot [fra-de-honeypot]: Large payload (1457 bytes); 9306 [1] TCP Reported by DisPaisy Enterprise ... show more Honeypot [fra-de-honeypot]: Large payload (1457 bytes); 9306 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 femboy.cat	2026-06-19 03:25:55 (1 week ago)	Port scan to tcp/49669 from 123.245.85.225	Brute-Force
🇺🇸 cybsecaoccol	2026-06-18 10:02:08 (1 week ago)	unauthorized connection or malicious port scan attempted on tcp port - corp	Port Scan Hacking
🇺🇸 MPL	2026-06-18 02:33:23 (1 week ago)	tcp/4848	Port Scan
🇺🇸 xmission.com	2026-06-14 13:31:44 (2 weeks ago)	Blocked by UFW (TCP on 2480) Source port: 24644 TTL: 239 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 2480) Source port: 24644 TTL: 239 Packet length: 44 TOS: 0x00 This report (for 123.245.85.225) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Axel	2026-06-14 01:45:26 (2 weeks ago)	Blocked by UFW on LAXHH [9012/tcp] \| SPT: 41162 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [9012/tcp] \| SPT: 41162 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-07 10:11:02 (3 weeks ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇳🇱 donarev419	2026-06-07 01:35:55 (3 weeks ago)	Connection to port 80 with data transfer. Data preview: GET / HTTP/1.1 Host: 87.229.95.155:80 Acce ... show more Connection to port 80 with data transfer. Data preview: GET / HTTP/1.1 Host: 87.229.95.155:80 Accept: / show less	Port Scan Hacking

Showing 1 to 15 of 200 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 203.88.119.100

🇱🇰 124.43.6.160

🇬🇧 20.117.48.238

🇺🇸 205.210.31.104

🇺🇸 198.251.83.40

🇺🇸 187.77.6.41

🇷🇺 178.178.222.58

🇺🇸 172.237.136.85

🇫🇮 147.185.133.215

🇸🇬 103.189.234.57

🇻🇳 101.99.22.200

🇭🇰 218.190.8.165

🇵🇰 182.186.127.248

🇩🇪 91.92.33.248

🇳🇱 45.148.10.151

🇺🇸 44.193.248.119

🇺🇸 44.53.200.196

🇸🇦 154.205.134.214

🇮🇹 151.0.160.69

🇺🇸 147.185.132.64