JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.83.125.181

1.83.125.181 was found in our database!

This IP was reported 276 times. Confidence of Abuse is 68%: ?

68%

ISP	CHINANET SHAANXI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	xa.sn.cn
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.83.125.181

Whois 1.83.125.181

IP Abuse Reports for 1.83.125.181:

This IP address has been reported a total of 276 times from 76 distinct sources. 1.83.125.181 was first reported on May 9th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Axel	2026-06-13 04:07:55 (1 day ago)	Blocked by UFW on LAXHH [9864/tcp] \| SPT: 39027 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: gith ... show more Blocked by UFW on LAXHH [9864/tcp] \| SPT: 39027 \| TTL: 235 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-06-11 01:49:20 (3 days ago)	Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: ME ... show more Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-10 02:35:31 (4 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇯🇵 mkaraki	2026-06-10 01:36:52 (4 days ago)	1781055411 # Service_probe # SIGNATURE_SEND # source_ip:1.83.125.181 # dst_port:53 ...	Port Scan
🇺🇸 Cyber Crusader	2026-06-07 05:09:33 (6 days ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇬🇧 PeravixGroup	2026-06-05 09:24:49 (1 week ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-04 18:33:07 (1 week ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: M ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 11211. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-30 23:43:35 (2 weeks ago)	Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Seve ... show more Honeypot detection: Windows Remote Management (WinRM) unauthorized access attempt on port 5985. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-05-29 20:22:50 (2 weeks ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-28 14:39:58 (2 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇮 6kilowatti	2026-05-28 09:09:00 (2 weeks ago)	2026-05-28T12:09:00.257207+03:00 oh6ah kernel: [UFW BLOCK] IN=enp2s0 OUT= MAC=00:26:18:a8:d6:75:2e:2 ... show more 2026-05-28T12:09:00.257207+03:00 oh6ah kernel: [UFW BLOCK] IN=enp2s0 OUT= MAC=00:26:18:a8:d6:75:2e:2d:5e:71:aa:73:08:00 SRC=1.83.125.181 DST=192.168.0.102 LEN=44 TOS=0x00 PREC=0x00 TTL=235 ID=57781 PROTO=TCP SPT=59727 DPT=5342 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 PeravixGroup	2026-05-28 07:04:06 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇧🇷 ICS Labs	2026-05-27 19:46:59 (2 weeks ago)	ICS Labs identified 1.83.125.181 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-27 04:43:53 (2 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-05-26 14:24:46 (2 weeks ago)	tcp/8030 (2 or more attempts)	Port Scan

Showing 1 to 15 of 276 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.228.139.227

🇺🇸 186.233.184.67

🇧🇷 177.55.61.255

🇺🇸 161.35.230.183

🇸🇬 129.226.95.93

🇺🇸 109.105.210.67

🇭🇰 103.81.170.118

🇷🇺 92.36.33.175

🇦🇹 68.210.120.110

🇭🇰 47.83.9.173

🇧🇷 205.210.31.238

🇧🇷 191.6.25.239

🇧🇷 186.236.237.105

🇦🇪 176.205.254.176

🇺🇸 147.185.132.91

🇨🇳 113.73.235.41

🇵🇱 87.251.64.176

🇪🇸 80.24.1.119

🇫🇮 77.105.161.120

🇲🇾 47.250.82.40