JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.83.125.143

1.83.125.143 was found in our database!

This IP was reported 226 times. Confidence of Abuse is 52%: ?

52%

ISP	CHINANET SHAANXI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	xa.sn.cn
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.83.125.143

Whois 1.83.125.143

IP Abuse Reports for 1.83.125.143:

This IP address has been reported a total of 226 times from 68 distinct sources. 1.83.125.143 was first reported on April 6th 2021, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 LiftUp Hosting	2026-06-14 02:27:56 (17 hours ago)	Honeypot hit: Large payload (1457 bytes); 7500 [1] TCP	Bad Web Bot
🇬🇧 PeravixGroup	2026-06-08 05:20:28 (6 days ago)	Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDI ... show more Honeypot detection: MongoDB unauthorized access / exploitation attempt on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇧🇬 MazenHost	2026-05-30 18:31:58 (2 weeks ago)	1780165917 - 05/30/2026 21:31:57 Host: 1.83.125.143/1.83.125.143 Port: 1 TCP Blocked ...	Port Scan
🇬🇧 PeravixGroup	2026-05-30 16:31:30 (2 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇧🇾 StatsMe	2026-05-29 22:39:34 (2 weeks ago)	2026-05-29T23:38:24.444112+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇩🇪 dispaisyenterprises	2026-05-26 10:28:49 (2 weeks ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 6082 GET / Accept: /; 6082 [1] TCP Reported by Di ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 6082 GET / Accept: /; 6082 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇺🇸 drewf.ink	2026-05-25 21:45:45 (2 weeks ago)	[21:45] Port scanning. Port(s) scanned: TCP/25	Port Scan
🇺🇸 MPL	2026-05-25 07:53:17 (2 weeks ago)	tcp/37443	Port Scan
Anonymous	2026-05-18 15:12:30 (3 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 dispaisyenterprises	2026-05-07 12:21:25 (1 month ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 4064 GET / Accept: /; 4064 [1] TCP Reported by Di ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 4064 GET / Accept: /; 4064 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇨🇭 pingusurmars	2026-05-07 06:02:46 (1 month ago)	Blocked by UFW on amperetwo [5323/tcp] Source port: 56966 TTL: 226 Packet length: 44 TOS: 0x00 This ... show more Blocked by UFW on amperetwo [5323/tcp] Source port: 56966 TTL: 226 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇳 ThreatBook.io	2026-05-07 00:26:29 (1 month ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/1.83.125.143 202 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/1.83.125.143 2026-05-06 00:46:41 //www.voanews.com:443 show less	Web App Attack
🇺🇸 MPL	2026-05-02 23:52:40 (1 month ago)	tcp/12387	Port Scan
🇩🇪 iNetWorker	2026-05-02 09:30:29 (1 month ago)	firewall-block, port(s): 1688/tcp	Port Scan
🇺🇸 sumnone	2026-05-01 06:09:55 (1 month ago)	Port probing on unauthorized port 16403	Port Scan Hacking Exploited Host

Showing 1 to 15 of 226 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 186.147.162.215

🇧🇷 172.69.39.155

🇯🇵 152.32.146.235

🇮🇳 117.250.250.2

🇵🇪 200.37.179.83

🇨🇴 190.60.60.114

🇲🇽 189.146.60.82

🇧🇷 187.0.238.211

🇨🇳 175.8.36.198

🇺🇸 172.98.32.14

🇩🇪 165.227.140.13

🇺🇸 129.153.145.135

🇩🇪 69.5.169.232

🇩🇪 69.5.169.116

🇩🇪 8.209.71.64

🇨🇳 218.202.161.185

🇩🇪 165.227.139.253

🇩🇪 165.227.134.175

🇷🇴 109.100.14.222

🇺🇸 98.89.204.118