JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.248.170.199

23.248.170.199 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 36%: ?

36%

ISP	Zenlayer Inc
Usage Type	Data Center/Web Hosting/Transit
ASN	AS21859
Domain Name	zenlayer.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.248.170.199

Whois 23.248.170.199

IP Abuse Reports for 23.248.170.199:

This IP address has been reported a total of 43 times from 24 distinct sources. 23.248.170.199 was first reported on September 5th 2025, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 threatintelligence_bvc	2026-06-10 04:35:03 (15 hours ago)		Brute-Force
Anonymous	2026-06-06 14:40:02 (4 days ago)	\| [Dangerous/Indonesia] Aggressive IP 23.248.170.199 (~30 hits). Type: DoS Defender- Web server 400 ... show more \| [Dangerous/Indonesia] Aggressive IP 23.248.170.199 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇺🇸 nyt	2026-06-06 09:57:48 (4 days ago)	Web Shell Probe	Hacking Web App Attack
🇮🇩 securejdprop	2026-05-22 10:04:40 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. Ip 23.248.170.199 performed ... show more This IP was detected by CrowdSec triggering crowdsecurity/http-probing. Ip 23.248.170.199 performed 'crowdsecurity/http-probing' (11 events over 3.280698717s) at 2026-05-22 10:04:39.173734315 +0000 UTC show less	Hacking Web App Attack
🇱🇻 garmtech.com	2026-05-09 11:32:44 (1 month ago)	Attempted access to sensitive endpoint (/login) detected. Automated scan or unauthorized probing.	Web App Attack
🇮🇩 sockominfo	2026-04-21 11:00:31 (1 month ago)	TheHive Threat Scoring assessment: 23.248.170.199 CVSS v3.1: 0/10 (None) CVSS Vector: CVSS:3.1/AV:un ... show more TheHive Threat Scoring assessment: 23.248.170.199 CVSS v3.1: 0/10 (None) CVSS Vector: CVSS:3.1/AV:undefined/AC:undefined/PR:undefined/UI:undefined/S:undefined/C:undefined/I:undefined/A:undefined Bayesian Probability: 80% MITRE ATT&CK: Exploit Public-Facing Application, Valid Accounts, Command and Scripting Interpreter, Application Layer Protocol, Brute Force, Account Manipulation OWASP Risk: High (L:8, I:6) Combined Score: 4.92/10 Confidence Interval: ±0.01 Status: Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇸🇬 SBSecBot	2026-04-21 10:04:00 (1 month ago)	Malicious web scanning detected with our WAF	Bad Web Bot Web App Attack
🇮🇩 sockominfo	2026-04-21 09:00:16 (1 month ago)	Webshell discovery success (Response: 200). Threat Score: 8.1/10 (HIGH). Reported by TangerangKota-C ... show more Webshell discovery success (Response: 200). Threat Score: 8.1/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Email Spam
🇮🇩 sockominfo	2026-04-21 08:00:15 (1 month ago)	Persistent Attack Attempt to CMS OPD Sites.. Threat Score: 8.7/10 (HIGH). Reported by TangerangKota- ... show more Persistent Attack Attempt to CMS OPD Sites.. Threat Score: 8.7/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-04-21 07:00:57 (1 month ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Email Spam
🇺🇸 mawan	2026-04-20 18:30:09 (1 month ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
Anonymous	2026-04-20 16:06:27 (1 month ago)	XSS Attempt	Hacking
🇸🇬 securejdprop	2026-04-17 10:32:29 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇮🇩 hermawan	2026-03-12 04:25:54 (2 months ago)	2026-03-12T02:46:56.091907+07:00 staklim-malang kernel: Ipt-PREROUCOBA:DROP IN=eth0 OUT= MAC=c4:37:7 ... show more 2026-03-12T02:46:56.091907+07:00 staklim-malang kernel: Ipt-PREROUCOBA:DROP IN=eth0 OUT= MAC=c4:37:72:f5:bf:f3:90:e2:ba:b3:7b:52:08:00 SRC=23.248.170.199 DST=103.166.156.58 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=34928 DF PROTO=TCP SPT=57787 DPT=443 WINDOW=42340 RES=0x00 SYN URGP=0 ... show less	Email Spam Hacking
🇿🇦 Tokolosh Hunters	2026-03-01 01:27:11 (3 months ago)	AutoBlockWindow-Known bad useragent query-2026-03-01 01:27:10	Bad Web Bot

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.143

🇷🇴 193.46.255.86

🇮🇷 151.233.208.154

🇺🇸 69.175.33.170

🇳🇱 45.148.10.240

🇺🇸 35.202.163.178

🇧🇪 34.38.116.87

🇺🇸 162.240.109.188

🇨🇳 116.179.37.196

🇷🇴 92.118.39.236

🇳🇱 91.92.42.86

🇳🇱 45.148.10.147

🇧🇷 45.4.179.3

🇺🇸 34.72.223.79

🇫🇷 5.189.157.28

🇧🇷 205.210.31.199

🇲🇲 103.154.241.42

🇺🇿 94.158.49.223

🇱🇹 81.30.98.158

🇺🇸 47.251.82.39