JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 183.199.157.196

183.199.157.196 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 31%: ?

31%

ISP	China Mobile Communications Corporation
Usage Type	Fixed Line ISP
ASN	AS24547
Domain Name	chinamobile.com
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 183.199.157.196

Whois 183.199.157.196

IP Abuse Reports for 183.199.157.196:

This IP address has been reported a total of 14 times from 7 distinct sources. 183.199.157.196 was first reported on September 30th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-27 21:42:13 (1 day ago)	RdpGuard detected brute-force attempt on RDP	Brute-Force
🇳🇱 Nerdscave Hosting	2026-06-25 12:17:44 (4 days ago)	[SMB Honeypot Report] Timestamp: 2026-06-25 12:17:44 UTC Port: 9617 Attempted credentials (Base64): ... show more [SMB Honeypot Report] Timestamp: 2026-06-25 12:17:44 UTC Port: 9617 Attempted credentials (Base64): RVNNQnJ8GAF8InwCTlQgTE0gMC4xMnwCU01CIDIuMDAyfAJTTUIgMi4/Pz8= Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇳🇱 Nerdscave Hosting	2026-06-25 11:44:55 (4 days ago)	[SMB Honeypot Report] Timestamp: 2026-06-25 11:44:54 UTC Port: 9549 Attempted credentials (Base64): ... show more [SMB Honeypot Report] Timestamp: 2026-06-25 11:44:54 UTC Port: 9549 Attempted credentials (Base64): RVNNQnJ8GAF8InwCTlQgTE0gMC4xMnwCU01CIDIuMDAyfAJTTUIgMi4/Pz8= Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇳🇱 Nerdscave Hosting	2026-06-25 11:08:14 (4 days ago)	[SMB Honeypot Report] Timestamp: 2026-06-25 11:08:14 UTC Port: 12521 Attempted credentials (Base64): ... show more [SMB Honeypot Report] Timestamp: 2026-06-25 11:08:14 UTC Port: 12521 Attempted credentials (Base64): RVNNQnJ8GAF8InwCTlQgTE0gMC4xMnwCU01CIDIuMDAyfAJTTUIgMi4/Pz8= Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇳🇱 Nerdscave Hosting	2026-06-25 10:33:42 (4 days ago)	[SMB Honeypot Report] Timestamp: 2026-06-25 10:33:42 UTC Port: 9384 Attempted credentials (Base64): ... show more [SMB Honeypot Report] Timestamp: 2026-06-25 10:33:42 UTC Port: 9384 Attempted credentials (Base64): RVNNQnJ8GAF8InwCTlQgTE0gMC4xMnwCU01CIDIuMDAyfAJTTUIgMi4/Pz8= Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇳🇱 Nerdscave Hosting	2026-06-25 09:48:04 (4 days ago)	[SMB Honeypot Report] Timestamp: 2026-06-25 09:48:04 UTC Port: 12780 Attempted credentials (Base64): ... show more [SMB Honeypot Report] Timestamp: 2026-06-25 09:48:04 UTC Port: 12780 Attempted credentials (Base64): RVNNQnJ8GAF8InwCTlQgTE0gMC4xMnwCU01CIDIuMDAyfAJTTUIgMi4/Pz8= Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇳🇱 Nerdscave Hosting	2026-06-25 09:08:05 (4 days ago)	[SMB Honeypot Report] Timestamp: 2026-06-25 09:08:05 UTC Port: 12496 Attempted credentials (Base64): ... show more [SMB Honeypot Report] Timestamp: 2026-06-25 09:08:05 UTC Port: 12496 Attempted credentials (Base64): RVNNQnJ8GAF8InwCTlQgTE0gMC4xMnwCU01CIDIuMDAyfAJTTUIgMi4/Pz8= Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇳🇱 Nerdscave Hosting	2026-06-25 07:56:00 (4 days ago)	[SMB Honeypot Report] Timestamp: 2026-06-25 07:56:00 UTC Port: 12417 Attempted credentials (Base64): ... show more [SMB Honeypot Report] Timestamp: 2026-06-25 07:56:00 UTC Port: 12417 Attempted credentials (Base64): RVNNQnJ8GAF8InwCTlQgTE0gMC4xMnwCU01CIDIuMDAyfAJTTUIgMi4/Pz8= Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇨🇦 dpinse	2026-06-21 18:50:11 (1 week ago)	Honeypot [honeypot-ca-sensor1]: SMB traffic on port 445	Hacking
🇬🇧 Birdo	2026-06-15 15:29:39 (2 weeks ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking
🇦🇺 dyln	2026-06-14 02:53:31 (2 weeks ago)	Dyls honeypot brute-force: SMB (547 total hits)	Brute-Force
🇦🇺 dyln	2026-06-03 13:25:01 (3 weeks ago)	Dyls honeypot brute-force: SMB (73 total hits)	Brute-Force
🇺🇸 TPI-Abuse	2025-10-12 04:27:52 (8 months ago)	(mod_security) mod_security (id:217291) triggered by 183.199.157.196 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:217291) triggered by 183.199.157.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 12 00:27:47.893574 2025] [security2:error] [pid 10324:tid 10324] [client 183.199.157.196:32755] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(\\\\n\|\\\\r)" at ARGS_NAMES:\\r\\na\\r\\nm. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "145"] [id "217291"] [rev "2"] [msg "HTTP Header Injection Attack via payload (CR/LF detected)\|\|kountz.org\|F\|2"] [data "Matched Data: \\x0d found within ARGS_NAMES:\\x5cr\\x5cna\\x5cr\\x5cnm: \\x0d\\x0aa\\x0d\\x0am"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "kountz.org"] [uri "/calendar.php"] [unique_id "aOsuQ-wl_JzA5BYOKv661gAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2025-09-30 14:42:38 (8 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.50.235.142

🇺🇸 74.7.241.19

🇨🇿 46.135.109.64

🇧🇼 41.216.214.29

🇯🇵 20.189.201.13

🇩🇪 194.187.176.205

🇩🇪 172.71.172.13

🇨🇳 111.227.78.3

🇯🇵 104.46.220.175

🇨🇦 67.71.55.209

🇳🇱 45.156.128.134

🇸🇬 45.78.194.186

🇮🇳 203.145.143.163

🇳🇱 195.178.110.108

🇮🇳 182.95.110.42

🇮🇳 103.38.219.22

🇪🇸 77.74.229.158

🇺🇸 72.153.231.16

🇬🇧 193.163.125.40

🇸🇾 185.216.132.243