JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 183.199.113.199

183.199.113.199 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 4%: ?

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS24547
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 183.199.113.199

Whois 183.199.113.199

IP Abuse Reports for 183.199.113.199:

This IP address has been reported a total of 5 times from 2 distinct sources. 183.199.113.199 was first reported on April 13th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-23 21:11:24 (5 days ago)	(mod_security) mod_security (id:210831) triggered by 183.199.113.199 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210831) triggered by 183.199.113.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 17:11:18.338359 2026] [security2:error] [pid 13051:tid 13051] [client 183.199.113.199:7402] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|kemela.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "kemela.com"] [uri "/"] [unique_id "ajr2doHfZfnxkeQozWzpjQAAAAA"], referer: https://kemela.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 19:52:27 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 183.199.113.199 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210831) triggered by 183.199.113.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:52:19.124793 2026] [security2:error] [pid 12504:tid 12504] [client 183.199.113.199:7534] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.recetabook.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.recetabook.com"] [uri "/"] [unique_id "ajhA80LgRO_aAnwr7BriKwAAAAk"], referer: http://www.recetabook.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 21:46:58 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 183.199.113.199 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210831) triggered by 183.199.113.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 17:46:49.769483 2026] [security2:error] [pid 25765:tid 25765] [client 183.199.113.199:7607] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|mitchellart.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mitchellart.com"] [uri "/"] [unique_id "ajMVySpzdkN3T0tYtoCp_wAAABk"], referer: http://mitchellart.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 23:21:34 (1 week ago)	(mod_security) mod_security (id:210831) triggered by 183.199.113.199 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210831) triggered by 183.199.113.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:21:28.897002 2026] [security2:error] [pid 29718:tid 29809] [client 183.199.113.199:7601] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.teanaunz.com\|F\|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.teanaunz.com"] [uri "/"] [unique_id "ajCI-Nt86-8SyykiuTbyxgAAAQY"], referer: http://www.teanaunz.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-04-13 23:21:57 (1 year ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/183.199.113.199 2025-04-13 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/183.199.113.199 2025-04-13 03:58:38 /robots.txt 2025-04-13 03:53:03 /sitemap.xml show less	Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.125

🇳🇱 195.178.110.217

🇺🇸 91.230.168.129

🇺🇸 47.230.47.197

🇫🇮 185.148.1.18

🇨🇳 111.4.78.74

🇮🇩 108.136.165.222

🇹🇭 103.230.120.249

🇧🇬 93.152.221.65

🇳🇱 91.92.40.11

🇩🇪 91.92.33.248

🇺🇸 64.72.74.162

🇮🇷 193.177.242.219

🇭🇰 162.159.98.85

🇸🇬 103.189.234.244

🇷🇺 94.233.127.218

🇬🇧 87.236.176.252

🇮🇷 85.185.153.60

🇬🇧 35.203.210.105

🇲🇽 190.171.68.106