JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 123.245.85.254

123.245.85.254 was found in our database!

This IP was reported 157 times. Confidence of Abuse is 37%: ?

37%

ISP	JunQu2-SY-LN
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Shenyang, Liaoning

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 123.245.85.254

Whois 123.245.85.254

IP Abuse Reports for 123.245.85.254:

This IP address has been reported a total of 157 times from 53 distinct sources. 123.245.85.254 was first reported on January 17th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-07 06:49:23 (1 week ago)	Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aar ... show more Honeypot detection: POP3 email brute-force authentication attempt on port 110. Severity: MEDIUM. Aaran.cloud show less	Brute-Force
🇬🇧 PeravixGroup	2026-06-03 16:13:35 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-03 03:40:49 (1 week ago)	Honeypot detection: Server-Side Template Injection (SSTI) attempt on port 50000. Severity: HIGH. Aar ... show more Honeypot detection: Server-Side Template Injection (SSTI) attempt on port 50000. Severity: HIGH. Aaran.cloud show less	Hacking Web App Attack
Anonymous	2026-06-02 19:10:44 (1 week ago)	Honeypot hit: Unauthorized traffic (33 bytes of payload); 2154 [1] TCP Reported by: https://github.c ... show more Honeypot hit: Unauthorized traffic (33 bytes of payload); 2154 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 PeravixGroup	2026-06-02 11:22:48 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇳🇱 donarev419	2026-05-23 07:37:28 (3 weeks ago)	Connection to port 21 with data transfer. Data preview: �	Port Scan Hacking
🇬🇧 PeravixGroup	2026-05-23 07:06:59 (3 weeks ago)	Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: ... show more Honeypot detection: X11 display server unauthorized access / probing attempt on port 6000. Severity: MEDIUM. Aaran.cloud show less	Port Scan Brute-Force
🇫🇮 6kilowatti	2026-05-19 20:35:28 (3 weeks ago)	2026-05-19T23:35:28.465579+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-05-19T23:35:28.465579+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=123.245.85.254 DST=5.61.88.83 LEN=44 TOS=0x00 PREC=0x00 TTL=237 ID=48384 PROTO=TCP SPT=18106 DPT=222 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-19 13:16:36 (3 weeks ago)	Honeypot hit: Empty payload (likely service probe); 12209 [1] TCP	Port Scan
🇬🇧 PeravixGroup	2026-05-16 22:08:11 (4 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇺🇸 MPL	2026-05-13 19:51:11 (1 month ago)	tcp/6082	Port Scan
🇺🇸 sumnone	2026-05-12 13:27:07 (1 month ago)	Port probing on unauthorized port 11210	Port Scan Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-12 11:37:23 (1 month ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-07 23:23:51 (1 month ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 xmission.com	2026-05-02 17:11:16 (1 month ago)	Blocked by UFW (TCP on 8040) Source port: 19487 TTL: 239 Packet length: 44 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 8040) Source port: 19487 TTL: 239 Packet length: 44 TOS: 0x00 This report (for 123.245.85.254) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 157 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.109.247.246

🇺🇸 172.208.48.177

🇺🇸 162.216.150.229

🇺🇸 147.185.132.28

🇺🇸 143.42.0.20

🇩🇪 130.61.190.249

🇻🇳 113.185.47.166

🇷🇺 95.24.126.216

🇩🇪 84.32.10.175

🇵🇱 83.168.107.158

🇧🇷 45.232.73.84

🇱🇹 45.227.254.170

🇦🇷 45.181.128.148

🇳🇱 45.142.193.8

🇬🇧 45.82.76.127

🇺🇸 40.80.201.49

🇺🇸 2604:a880:400:d1:0:4:9639:2001

🇦🇺 223.27.18.80

🇨🇳 218.13.26.42

🇧🇪 198.235.24.227