JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.91.186.139

197.91.186.139 was found in our database!

This IP was reported 373 times. Confidence of Abuse is 51%: ?

51%

ISP	Dimension Data
Usage Type	Fixed Line ISP
ASN	AS20011
Hostname(s)	197-91-186-139.mweb.ipv4.as20011.net
Domain Name	global.ntt
Country	🇿🇦 South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.91.186.139

Whois 197.91.186.139

IP Abuse Reports for 197.91.186.139:

This IP address has been reported a total of 373 times from 54 distinct sources. 197.91.186.139 was first reported on July 26th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 vtchost.com	2026-06-27 21:44:48 (1 day ago)	Jun 27 23:44:47 vtchost kernel: [138247.372042] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:1 ... show more Jun 27 23:44:47 vtchost kernel: [138247.372042] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11:cd:47:2d:08:00 SRC=197.91.186.139 DST=161.97.181.152 LEN=52 TOS=0x00 PREC=0x00 TTL=113 ID=12303 DF PROTO=TCP SPT=60445 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇫🇷 thecocasio	2026-06-26 05:19:48 (3 days ago)	PortSentry honeypot: unsolicited TCP connection to closed decoy port 445 (SMB) on a host running no ... show more PortSentry honeypot: unsolicited TCP connection to closed decoy port 445 (SMB) on a host running no such service. Automated port-scan detection at 2026-06-26T05:19:47Z. show less	Port Scan
🇫🇷 geeek	2026-06-20 21:41:26 (1 week ago)	Port scanning: 445 TCP Blocked	Port Scan
Anonymous	2026-06-17 13:18:52 (1 week ago)	Unauthorized access (tcp/445/smb)	Port Scan
🇫🇷 TheHoneyPotter	2026-06-15 01:14:42 (2 weeks ago)	Honeypot [fc-honeypot]: SMB traffic on port 445 Reported by: https://github.com/sefinek/T-Pot-To-Abu ... show more Honeypot [fc-honeypot]: SMB traffic on port 445 Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking
Anonymous	2026-06-13 09:32:56 (2 weeks ago)	Unauthorized access (tcp/445/smb)	Port Scan
🇫🇷 vtchost.com	2026-06-12 16:10:17 (2 weeks ago)	Jun 12 18:10:17 vtchost kernel: [31910.553869] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11 ... show more Jun 12 18:10:17 vtchost kernel: [31910.553869] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11:cd:2a:b3:08:00 SRC=197.91.186.139 DST=161.97.181.152 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=20632 DF PROTO=TCP SPT=56813 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 RAP	2026-06-10 23:30:17 (2 weeks ago)	2026-06-10 23:30:17 UTC Unauthorized activity to TCP port 445. SMB	Port Scan
🇦🇺 dyln	2026-06-09 05:55:44 (2 weeks ago)	Dyls honeypot brute-force: SMB (4 total hits)	Brute-Force
🇬🇧 PeravixGroup	2026-06-06 03:27:57 (3 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 sthoyer.de	2026-06-05 11:49:41 (3 weeks ago)	Jun 5 13:49:40 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more Jun 5 13:49:40 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=197.91.186.139 DST=173.212.223.67 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=17186 DF PROTO=TCP SPT=62804 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 sumnone	2026-05-29 09:31:30 (1 month ago)	Port probing on unauthorized port 445	Port Scan Hacking Exploited Host
🇩🇪 Nerdscave Hosting	2026-05-27 12:26:43 (1 month ago)	[SMB Honeypot Report] Timestamp: 2026-05-27 12:26:13 UTC Port: 54239 No credentials captured Attack ... show more [SMB Honeypot Report] Timestamp: 2026-05-27 12:26:13 UTC Port: 54239 No credentials captured Attack Type: Unauthorized SMB connection attempt show less	Brute-Force Port Scan Hacking
🇬🇧 Birdo	2026-05-25 18:28:54 (1 month ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking
Anonymous	2026-05-24 17:49:31 (1 month ago)	2026-05-24 17:49:31 warning[1335995]: host [197.91.186.139]: unauthorized access attempted ... show more 2026-05-24 17:49:31 warning[1335995]: host [197.91.186.139]: unauthorized access attempted: / show less	Port Scan Brute-Force

Showing 1 to 15 of 373 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.225

🇩🇪 195.230.103.245

🇺🇸 103.143.231.24

🇻🇳 103.109.31.229

🇺🇸 96.60.250.30

🇳🇱 91.92.40.233

🇷🇺 62.109.22.180

🇮🇪 52.169.217.131

🇧🇷 45.205.1.241

🇺🇸 18.207.89.138

🇺🇸 18.206.252.118

🇬🇧 213.166.84.62

🇧🇴 200.105.190.247

🇪🇹 196.190.180.18

🇺🇸 158.94.187.139

🇰🇷 116.123.150.231

🇱🇹 81.30.98.158

🇺🇸 66.132.195.92

🇧🇪 35.240.58.50

🇺🇸 18.205.150.207