JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.231.254.192

103.231.254.192 was found in our database!

This IP was reported 487 times. Confidence of Abuse is 32%: ?

32%

ISP	System
Usage Type	Data Center/Web Hosting/Transit
ASN	AS133380
Hostname(s)	103.231.254.192.layerdns.cloud
Domain Name	layerstack.com
Country	🇭🇰 Hong Kong
City	Tung Chung, Islands

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.231.254.192

Whois 103.231.254.192

IP Abuse Reports for 103.231.254.192:

This IP address has been reported a total of 487 times from 196 distinct sources. 103.231.254.192 was first reported on December 22nd 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Fasetech	2026-06-24 12:01:27 (2 days ago)	SecLedge detected suspicious activity. Score: 200.04. Sensor: T-Pot.	Brute-Force
🇫🇷 Fasetech	2026-05-17 07:42:51 (1 month ago)	SecLedge detected suspicious activity. Score: 200.04. Sensor: T-Pot.	Brute-Force
🇮🇳 evicky2002	2026-05-05 06:00:00 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=86, sources=1)	Hacking Brute-Force SSH
🇦🇹 urnilxfgbez	2026-05-02 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 security.rdmc.fr	2026-05-02 21:23:47 (1 month ago)	Port Scan Attack proto:TCP src:34877 dst:23	Port Scan
🇺🇸 SuperCores Hosting	2026-05-02 16:47:20 (1 month ago)	[2026-05-02 16:47:20.628635] TELNET/23 Unautorized connection, Suspicious Mirai Botnet.	IoT Targeted Brute-Force Hacking Port Scan DDoS Attack
🇫🇷 sthoyer.de	2026-05-02 13:34:14 (1 month ago)	May 2 15:34:12 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f ... show more May 2 15:34:12 sthoyer kernel: [IPTables-Block] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=103.231.254.192 DST=173.212.223.67 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=50866 PROTO=TCP SPT=34877 DPT=23 WINDOW=48653 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇹🇷 Threat.live	2026-05-02 13:00:08 (1 month ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 RAP	2026-05-02 02:31:51 (1 month ago)	2026-05-02 02:31:51 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
Anonymous	2026-05-02 01:05:01 (1 month ago)	IP & Port Scan.	SSH Port Scan Brute-Force
🇺🇸 RAP	2026-05-01 21:38:23 (1 month ago)	2026-05-01 21:38:23 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 RAP	2026-05-01 17:21:02 (1 month ago)	2026-05-01 17:21:02 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 sefinek.net	2026-05-01 09:52:22 (1 month ago)	Blocked by UFW on NY01 [23/tcp] \| SPT: 34877 \| TTL: 46 \| LEN: 40 \| TOS: 0x08 • Reported by: github.c ... show more Blocked by UFW on NY01 [23/tcp] \| SPT: 34877 \| TTL: 46 \| LEN: 40 \| TOS: 0x08 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan IoT Targeted
Anonymous	2026-05-01 09:24:31 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 SSP	2026-05-01 09:10:01 (1 month ago)	Automatic report from iptables firewall - detected malicious activity	DDoS Attack Brute-Force SSH Web App Attack Port Scan Hacking

Showing 1 to 15 of 487 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 158.69.215.39

🇺🇸 107.175.69.109

🇺🇸 43.135.135.17

🇺🇾 190.135.0.129

🇫🇮 88.214.2.87

🇫🇷 85.217.140.52

🇪🇸 85.208.191.254

🇺🇸 74.128.240.109

🇳🇱 45.148.10.152

🇮🇩 202.46.68.249

🇺🇾 186.55.31.55

🇮🇩 182.3.71.222

🇵🇰 154.192.135.48

🇦🇴 105.168.176.163

🇺🇸 104.12.19.114

🇮🇩 103.187.165.26

🇦🇴 102.213.34.99

🇺🇸 85.208.96.196

🇸🇬 192.161.171.70

🇵🇦 190.140.114.5