JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 183.14.28.125

183.14.28.125 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 12%: ?

12%

ISP	CHINANET Guangdong province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Guangzhou, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 183.14.28.125

Whois 183.14.28.125

IP Abuse Reports for 183.14.28.125:

This IP address has been reported a total of 4 times from 4 distinct sources. 183.14.28.125 was first reported on September 11th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 sireno	2026-06-02 09:57:25 (1 week ago)	2026-06-02T16:56:09.572826+07:00 localhost sshd[2884876]: pam_unix(sshd:auth): authentication failur ... show more 2026-06-02T16:56:09.572826+07:00 localhost sshd[2884876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.14.28.125 2026-06-02T16:56:11.435871+07:00 localhost sshd[2884876]: Failed password for invalid user admin from 183.14.28.125 port 6512 ssh2 2026-06-02T16:56:22.470712+07:00 localhost sshd[2884890]: Invalid user deploy from 183.14.28.125 port 6426 2026-06-02T16:56:22.828279+07:00 localhost sshd[2884890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.14.28.125 2026-06-02T16:56:24.811437+07:00 localhost sshd[2884890]: Failed password for invalid user deploy from 183.14.28.125 port 6426 ssh2 ... show less	Brute-Force SSH
🇪🇸 saima	2026-06-01 00:00:06 (1 week ago)	Detected 1069 times. SSH Brute-Force from address 183.14.28.125	SSH Brute-Force
🇺🇸 kosada.com	2025-09-11 23:22:38 (9 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-09-11 04:50:36 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 183.14.28.125 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 183.14.28.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 11 00:50:33.145556 2025] [security2:error] [pid 29723:tid 29723] [client 183.14.28.125:44385] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.renju.net\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.renju.net"] [uri "/tournament/2648/game/127896"] [unique_id "aMJVGYniLp7GcFsdPjbHZAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.213.174.141

🇹🇼 60.251.50.149

🇫🇮 204.168.240.142

🇩🇪 192.109.200.78

🇩🇪 165.22.73.155

🇨🇳 117.50.157.229

🇳🇱 89.32.243.133

🇪🇸 46.253.45.10

🇳🇱 45.148.10.157

🇨🇳 42.178.198.164

🇮🇶 185.166.25.150

🇬🇧 178.128.38.38

🇺🇸 170.187.163.117

🇧🇯 137.255.61.229

🇩🇪 82.165.80.52

🇰🇷 34.158.200.103

🇮🇱 2.55.122.202

🇸🇬 185.200.116.83

🇮🇳 182.95.223.90

🇮🇳 182.95.40.98