JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.254.70.217

5.254.70.217 was found in our database!

This IP was reported 163 times. Confidence of Abuse is 18%: ?

18%

ISP	GZ Systems Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS3223
Domain Name	systeam.pk
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.254.70.217

Whois 5.254.70.217

IP Abuse Reports for 5.254.70.217:

This IP address has been reported a total of 163 times from 69 distinct sources. 5.254.70.217 was first reported on August 12th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 sockominfo	2026-05-21 12:00:39 (3 weeks ago)	Zimbra: Login failures from malicious IP: 5.254.70.217. Threat Score: 6.2/10 (MEDIUM). Confidence: 4 ... show more Zimbra: Login failures from malicious IP: 5.254.70.217. Threat Score: 6.2/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 4.6/10 (Medium). CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 77%. MITRE ATT&CK: T1083 (File and Directory Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-05-21 11:00:41 (3 weeks ago)	Zimbra: Login failures from malicious IP: 5.254.70.217. Threat Score: 6.3/10 (MEDIUM). Confidence: 4 ... show more Zimbra: Login failures from malicious IP: 5.254.70.217. Threat Score: 6.3/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 4.6/10 (Medium). CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 77%. MITRE ATT&CK: T1083 (File and Directory Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-05-21 10:00:11 (3 weeks ago)	Zimbra: Login failures from malicious IP: 5.254.70.217. Threat Score: 4.9/10 (MEDIUM). Reported by T ... show more Zimbra: Login failures from malicious IP: 5.254.70.217. Threat Score: 4.9/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
Anonymous	2026-05-15 18:19:42 (4 weeks ago)	Credential Stuffing attacks against Microsoft 365	Brute-Force
🇳🇱 i-turnradio.nl	2026-05-04 08:07:18 (1 month ago)	2026-05-04 @ 10:07:18 (CET) ~ Blocked for trying to access: /owa/auth.owa	Web App Attack
Anonymous	2026-04-24 19:05:33 (1 month ago)	Failed Wordpress Logins	Web App Attack
🇫🇷 mrcrassi	2026-04-17 01:11:13 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from NL. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from NL. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /owa/auth.owa UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 GabrielJST	2026-04-06 21:07:06 (2 months ago)	(imapd) Failed IMAP login from 5.254.70.217 (-)	Brute-Force
Anonymous	2026-04-05 08:34:03 (2 months ago)	BruteForce IMAP/POP3/SMTP	Brute-Force
🇮🇹 Progetto1	2026-04-03 17:24:04 (2 months ago)	Mail - Multiple failed login attempts	Brute-Force Exploited Host
🇺🇸 mnsf	2026-03-29 10:05:01 (2 months ago)	Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 octageeks.com	2026-03-19 04:08:27 (2 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇩🇪 LRob.fr	2026-03-17 12:30:18 (2 months ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇩🇪 LRob.fr	2026-03-17 06:15:10 (2 months ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇩🇪 zeitschel.net	2026-03-15 15:55:26 (2 months ago)	2026-03-15 16:55:25 Unauthorized /owa/auth.owa	Hacking Web App Attack

Showing 1 to 15 of 163 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇾 185.148.195.113

🇩🇪 167.94.146.59

🇺🇸 137.184.108.76

🇫🇷 135.125.29.132

🇫🇷 104.28.196.55

🇺🇸 100.29.192.79

🇩🇪 64.89.163.86

🇲🇦 41.142.161.78

🇺🇸 216.73.217.122

🇺🇸 198.46.199.116

🇬🇧 185.166.43.93

🇺🇸 156.239.253.250

🇭🇰 152.32.171.99

🇻🇳 125.212.244.35

🇰🇷 125.138.175.113

🇨🇳 123.207.99.233

🇯🇵 111.238.174.6

🇪🇸 94.73.52.18

🇷🇺 92.37.143.205

🇳🇱 91.92.40.5