JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.83.125.99

1.83.125.99 was found in our database!

This IP was reported 354 times. Confidence of Abuse is 48%: ?

48%

ISP	CHINANET SHAANXI PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	xa.sn.cn
Country	🇨🇳 China
City	Xi'an, Shaanxi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.83.125.99

Whois 1.83.125.99

IP Abuse Reports for 1.83.125.99:

This IP address has been reported a total of 354 times from 112 distinct sources. 1.83.125.99 was first reported on April 19th 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-08 06:44:14 (2 days ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-07 13:25:14 (3 days ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-06-07 12:30:13 (3 days ago)	Honeypot hit: Large payload (1388 bytes); 7004 [1] TCP Reported by: https://github.com/sefinek/T-Pot ... show more Honeypot hit: Large payload (1388 bytes); 7004 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 PeravixGroup	2026-06-02 14:56:46 (1 week ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-31 22:02:17 (1 week ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 xmission.com	2026-05-31 16:31:48 (1 week ago)	Blocked by UFW (TCP on 19091) Source port: 33191 TTL: 237 Packet length: 44 TOS: 0x00 This report ( ... show more Blocked by UFW (TCP on 19091) Source port: 33191 TTL: 237 Packet length: 44 TOS: 0x00 This report (for 1.83.125.99) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇬🇧 PeravixGroup	2026-05-30 16:03:57 (1 week ago)	Honeypot detection: OS command injection in HTTP parameters on port 27017. Severity: MEDIUM. Aaran.c ... show more Honeypot detection: OS command injection in HTTP parameters on port 27017. Severity: MEDIUM. Aaran.cloud show less	Hacking Web App Attack
🇬🇧 PeravixGroup	2026-05-30 11:52:37 (1 week ago)	Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) o ... show more Honeypot detection: Jenkins CI unauthorized access / script console abuse attempt (CVE-2024-23897) on port 50000. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 MPL	2026-05-30 07:58:56 (1 week ago)	tcp/2197	Port Scan
🇬🇧 PeravixGroup	2026-05-29 09:54:37 (1 week ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 cybsecaoccol	2026-05-15 11:35:27 (3 weeks ago)	multiple malicious connection attempts on tcp port 5000 - dr	DDoS Attack Port Scan Hacking Brute-Force
🇨🇳 ThreatBook.io	2026-05-14 22:22:32 (3 weeks ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/1.83.125.99 2026 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/1.83.125.99 2026-05-14 03:07:47 http://110.242.68.4/ show less	Web App Attack
🇫🇷 Petre 21_ip	2026-05-13 00:33:44 (4 weeks ago)	2026-05-13T02:33:43.841162+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-05-13T02:33:43.841162+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=1.83.125.99 DST=155.133.26.57 LEN=44 TOS=0x00 PREC=0x00 TTL=230 ID=2123 PROTO=TCP SPT=38022 DPT=16000 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-05-01 03:01:23 (1 month ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (243 bytes of payload); 7030 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (243 bytes of payload); 7030 [1] TCP Reported by: Justin F. show less	Port Scan
🇳🇵 radheykrishna.com.np	2026-05-01 00:54:31 (1 month ago)	May 1 06:39:30 kernel: [1086594.336768] [UFW BLOCK] IN=ens160 OUT= SRC=1.83.125.99 LEN=44 TOS=0x00 ... show more May 1 06:39:30 kernel: [1086594.336768] [UFW BLOCK] IN=ens160 OUT= SRC=1.83.125.99 LEN=44 TOS=0x00 PREC=0x00 TTL=234 ID=6828 PROTO=TCP SPT=44569 DPT=32790 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 354 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇨 186.68.83.104

🇩🇪 165.227.170.113

🇸🇬 128.199.231.249

🇨🇳 59.59.212.225

🇺🇸 3.141.167.212

🇹🇭 202.29.224.230

🇧🇪 198.235.24.158

🇲🇾 49.124.151.22

🇬🇧 193.163.125.152

🇺🇸 172.236.127.133

🇺🇸 172.234.217.192

🇮🇳 152.52.236.122

🇩🇪 109.91.4.177

🇷🇺 95.165.68.145

🇧🇬 79.124.59.78

🇺🇸 47.251.176.21

🇺🇸 44.220.185.148

🇺🇸 23.254.204.187

🇭🇰 199.45.154.186

🇸🇬 165.154.205.128