JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.183.85.157

1.183.85.157 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 90%: ?

90%

ISP	CHINANET NeiMengGu province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Hohhot, Inner Mongolia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.183.85.157

Whois 1.183.85.157

IP Abuse Reports for 1.183.85.157:

This IP address has been reported a total of 20 times from 17 distinct sources. 1.183.85.157 was first reported on June 6th 2021, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 LiftUp Hosting	2026-06-15 00:45:51 (9 hours ago)	Honeypot hit: Unauthorized connection attempt detected on 23/TELNET	Hacking Port Scan
🇬🇧 PeravixGroup	2026-06-14 01:56:47 (1 day ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇫🇷 security.rdmc.fr	2026-06-14 01:28:07 (1 day ago)	Port Scan Attack proto:TCP src:37567 dst:23	Port Scan
🇯🇵 mkaraki	2026-06-13 19:18:51 (1 day ago)	1781378330 # Service_probe # SIGNATURE_SEND # source_ip:1.183.85.157 # dst_port:23 ...	Port Scan
🇺🇸 MPL	2026-06-13 14:11:38 (1 day ago)	tcp/23 (4 or more attempts)	Port Scan
🇩🇪 ValtonTahiri	2026-06-13 13:31:43 (1 day ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=1.183.85.157; proto=TCP; source_port=53980; target_port=23; flags=SYN show less	Port Scan
🇵🇱 mkey	2026-06-13 03:05:01 (2 days ago)	Verified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT \| PORTS ... show more Verified scan activity detected by local IDS/firewall correlation. SCAN: HIGHRISK_SINGLEPORT \| PORTS=23 \| HITS=2 \| IPSET=ADD \| FIRST=2026-06-13 05:00:56 \| LAST=2026-06-13 05:00:57. Last seen 2026-06-13 05:00:57. show less	Port Scan
🇧🇷 SOC Blue Team	2026-06-12 23:25:58 (2 days ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇦🇹 urnilxfgbez	2026-06-12 22:45:00 (2 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-12 14:19:04 (2 days ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 RAP	2026-06-12 09:55:42 (3 days ago)	2026-06-12 09:55:42 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 RAP	2026-06-12 04:14:26 (3 days ago)	2026-06-12 04:14:26 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
Anonymous	2026-06-12 00:03:56 (3 days ago)	IP & Port Scan.	SSH Port Scan Brute-Force
🇦🇺 dyln	2026-06-11 19:58:18 (3 days ago)	Dyls honeypot brute-force: Telnet (9 total hits)	Brute-Force
Anonymous	2026-06-11 19:10:37 (3 days ago)	Unauthorized connection to Telnet port 23	Port Scan

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇦 196.92.7.249

🇮🇩 157.20.252.49

🇮🇶 65.20.143.45

🇪🇸 64.137.96.81

🇳🇱 45.148.10.152

🇮🇳 34.131.2.222

🇻🇪 200.84.114.111

🇦🇷 186.122.90.4

🇵🇰 139.135.40.12

🇭🇰 103.210.21.178

🇷🇺 90.189.127.39

🇱🇹 81.30.98.225

🇺🇸 66.132.172.235

🇺🇸 66.132.172.198

🇺🇸 204.141.232.113

🇦🇿 185.91.211.187

🇧🇩 103.183.62.0

🇷🇺 95.108.213.138

🇵🇹 84.247.60.121

🇺🇸 73.168.53.36