JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.166.189.226

104.166.189.226 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 0%: ?

ISP	Zenlayer Inc
Usage Type	Data Center/Web Hosting/Transit
ASN	AS21859
Domain Name	zenlayer.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.166.189.226

Whois 104.166.189.226

IP Abuse Reports for 104.166.189.226:

This IP address has been reported a total of 54 times from 45 distinct sources. 104.166.189.226 was first reported on February 23rd 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-02-28 06:02:11 (3 months ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇺🇸 octageeks.com	2026-02-28 05:08:59 (3 months ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇹🇷 rtbh.com.tr	2026-02-20 20:11:39 (3 months ago)	list.rtbh.com.tr report: udp/5060	Brute-Force
🇩🇪 KPS	2026-02-20 18:47:51 (3 months ago)	PortscanM	Port Scan
🇩🇪 Tamsweb	2026-02-20 17:44:10 (3 months ago)	Unauthorized connection attempt or scan from 104.166.189.226 on port 5060 ...	Port Scan
🇩🇪 iNetWorker	2026-02-20 14:40:29 (3 months ago)	firewall-block, port(s): 5060/udp	Port Scan
🇩🇪 Admins@FBN	2026-02-20 14:20:29 (3 months ago)	FW-PortScan: Traffic Blocked srcport=5060 dstport=5060	Port Scan
Anonymous	2026-02-20 14:03:34 (3 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇧🇷 SOC Blue Team	2026-02-20 13:48:46 (3 months ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇧🇷 chronos	2026-02-20 12:54:47 (3 months ago)	Network port scanning. \| Proto: UDP \| Port: 5060 \| Location: The Netherlands, Amsterdam	Port Scan
🇬🇧 OptimusGO	2026-02-20 11:33:06 (3 months ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-02-20 11:33:05 UTC Log evidence: 02/20/2026-11:33:05.106455 [] [1:2008578:4] ET SCAN Sipvicious Scan [] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 104.166.189.226:5060 -> 185.127.18.66:5060 02/20/2026-11:33:05.106455 [] [1:2011716:3] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [] [Classification: Attempted Information Leak] [Priority: 2] {UDP} 104.166.189.226:5060 -> 185.127.18.66:5060 show less	Port Scan Brute-Force
🇦🇩 bakunin1848	2026-02-20 11:30:04 (3 months ago)	Firewall IPS Detection on 20-02-2026 at 12:30:04	Port Scan Exploited Host
🇨🇭 SOC [GOLINE SA]	2026-02-20 11:26:21 (3 months ago)	IDS Alert: ET SCAN Sipvicious User-Agent Detected (friendly-scanner) === ATTACK === Signature: ET SC ... show more IDS Alert: ET SCAN Sipvicious User-Agent Detected (friendly-scanner) === ATTACK === Signature: ET SCAN Sipvicious User-Agent Detected (friendly-scanner) \| SID: 2011716 \| Severity: 2 \| Category: Attempted Information Leak === SOURCE === IP: 104.166.189.226 (IPv4) \| Port: 5060 \| Country: Netherlands \| ISP: RIPE \| rDNS: None === TARGET === Host: wireguard.goline.ch \| IP: 185.54.80.7 \| Port: 5060 \| Protocol: UDP \| App: failed === RESPONSE === Time: 2026-02-20 12:26:20 \| Action: Blocked show less	Port Scan
🇸🇮 cheatmaster.store	2026-02-20 08:11:32 (3 months ago)	UFW blocked IP 104.166.189.226 - Location: Amsterdam, NL - ISP: AS21859 Zenlayer Inc - Failed SSH at ... show more UFW blocked IP 104.166.189.226 - Location: Amsterdam, NL - ISP: AS21859 Zenlayer Inc - Failed SSH attempts show less	Brute-Force SSH
🇧🇾 StatsMe	2026-02-19 21:54:14 (3 months ago)	2026-02-19T05:58:50.596202+0300 ET SCAN Sipvicious Scan	Port Scan

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a01:4f8:150:13a5::100:16

🇬🇧 217.154.35.203

🇩🇪 194.88.98.86

🇩🇪 192.109.200.220

🇻🇳 160.30.113.59

🇺🇸 138.68.238.72

🇵🇪 38.25.98.221

🇺🇸 20.102.115.137

🇷🇺 217.8.226.227

🇰🇷 211.187.7.14

🇨🇳 183.56.243.176

🇮🇹 172.213.25.203

🇰🇷 118.39.230.40

🇺🇸 96.78.175.36

🇺🇦 91.228.122.153

🇭🇺 84.0.60.153

🇰🇷 59.12.212.38

🇳🇱 52.232.19.79

🇸🇬 47.84.138.34

🇨🇳 39.165.63.169