JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.223.22.102

104.223.22.102 was found in our database!

This IP was reported 85 times. Confidence of Abuse is 56%: ?

56%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	104-223-22-102-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.223.22.102

Whois 104.223.22.102

IP Abuse Reports for 104.223.22.102:

This IP address has been reported a total of 85 times from 55 distinct sources. 104.223.22.102 was first reported on April 19th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 MindSolve	2026-05-02 17:12:42 (1 month ago)	2026-04-20 18:00:19.504461 [WARNING] sofia_reg.c:1798 SIP auth challenge (INVITE) on sofia profile ' ... show more 2026-04-20 18:00:19.504461 [WARNING] sofia_reg.c:1798 SIP auth challenge (INVITE) on sofia profile 'internal' for [[email protected]] from ip 104.223.22.102 show less	Fraud VoIP Hacking Brute-Force
🇹🇷 pamircil	2026-04-29 10:00:46 (1 month ago)	🍯 WinnieThePooh Honeypot : Botnet Activity (UDP/5060) 💀	Hacking Brute-Force SSH
🇫🇮 MindSolve	2026-04-23 22:25:47 (1 month ago)	2026-04-20 18:00:19.504461 [WARNING] sofia_reg.c:1798 SIP auth challenge (INVITE) on sofia profile ' ... show more 2026-04-20 18:00:19.504461 [WARNING] sofia_reg.c:1798 SIP auth challenge (INVITE) on sofia profile 'internal' for [[email protected]] from ip 104.223.22.102 show less	Fraud VoIP Hacking Brute-Force
🇷🇸 Smel	2026-04-22 06:30:03 (1 month ago)	MH/MP Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 iNetWorker	2026-04-22 06:20:41 (1 month ago)	firewall-block, port(s): 5064/udp	Port Scan
🇳🇴 tmiland	2026-04-22 01:39:47 (1 month ago)	Suricata Detected 4 attacks from 104.223.22.102.; ET CINS Active Threat Intelligence Poor Reputation ... show more Suricata Detected 4 attacks from 104.223.22.102.; ET CINS Active Threat Intelligence Poor Reputation IP group 160; IP: 104.223.22.102; Ports: 9353; Direction: to_server; Trigger: CINS; Category: Misc Attack; Severity: 2 show less	Exploited Host
🇬🇧 andypiper	2026-04-22 01:02:56 (1 month ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇫🇷 Little Iguana	2026-04-21 21:44:22 (1 month ago)	trying to access non-authorized port	Port Scan
🇮🇹 matthew_eli	2026-04-21 20:45:10 (1 month ago)	Keenetic Firewall: Blocked Traffic (No Port Detected - likely UDP). Blocked 42 times in last 24h.	Port Scan
🇩🇪 phil2k	2026-04-21 20:05:16 (1 month ago)	portscan on multiple UDP ports : Firewall: Within 2026-04-19 11:01:58 - 2026-04-21 03:01:16 CEST(+02 ... show more portscan on multiple UDP ports : Firewall: Within 2026-04-19 11:01:58 - 2026-04-21 03:01:16 CEST(+0200) identified: port scan from 104.223.22.102/32 on uncommon port/s: 5061(sip-tls),5062(udp:5062),5060(sip) (3 trials) Fail2ban: Within 2026-04-19 11:01:58 - 2026-04-21 03:01:16 CEST(+0200) banned: 10 times by fail2ban[firewall]; 10 times by fail2ban[recidive] show less	Port Scan
🇩🇪 iNetWorker	2026-04-21 18:00:53 (1 month ago)	firewall-block, port(s): 5063/udp	Port Scan
🇳🇴 tmiland	2026-04-21 13:21:24 (1 month ago)	Suricata Detected 2 attacks from 104.223.22.102.; ET CINS Active Threat Intelligence Poor Reputation ... show more Suricata Detected 2 attacks from 104.223.22.102.; ET CINS Active Threat Intelligence Poor Reputation IP group 154; IP: 104.223.22.102; Ports: 10258; Direction: to_server; Trigger: CINS; Category: Misc Attack; Severity: 2 show less	Exploited Host
🇩🇪 KPS	2026-04-21 13:03:08 (1 month ago)	PortscanM	Port Scan
🇦🇹 Pingger Shikkoken	2026-04-21 12:16:34 (1 month ago)	2026-04-21T12:16:34+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6 ... show more 2026-04-21T12:16:34+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=104.223.22.102 DST=152.53.50.28 LEN=491 TOS=0x00 PREC=0x00 TTL=111 ID=47374 PROTO=UDP SPT=5731 DPT=5063 LEN=471 show less	Hacking
🇨🇭 SOC [GOLINE SA]	2026-04-21 09:52:25 (1 month ago)	IDS Alert: ET CINS Active Threat Intelligence Poor Reputation IP group 154 === ATTACK === Signature: ... show more IDS Alert: ET CINS Active Threat Intelligence Poor Reputation IP group 154 === ATTACK === Signature: ET CINS Active Threat Intelligence Poor Reputation IP group 154 \| SID: 2403453 \| Severity: 2 \| Category: Misc Attack === SOURCE === IP: 104.223.22.102 (IPv4) \| Port: 7516 \| Country: United States \| ISP: Unknown \| rDNS: officelineg.com === TARGET === Host: insightvm.goline.ch \| IP: 185.54.80.24 \| Port: 5063 \| Protocol: UDP \| App: sip === RESPONSE === Time: 2026-04-21 11:52:22 \| Action: Blocked show less	Exploited Host Hacking

Showing 1 to 15 of 85 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 85.121.127.146

🇵🇹 81.193.216.17

🇧🇷 189.45.207.103

🇳🇱 185.100.232.75

🇺🇸 164.90.151.212

🇭🇺 148.135.241.66

🇺🇸 147.185.132.90

🇳🇵 110.34.30.122

🇸🇬 104.28.163.234

🇧🇷 45.205.1.5

🇺🇸 24.144.84.83

🇧🇷 189.110.191.46

🇧🇷 189.84.223.33

🇵🇭 180.191.169.33

🇳🇱 45.148.10.141

🇵🇰 202.163.76.184

🇪🇪 196.196.253.20

🇬🇧 35.203.210.254

🇰🇷 222.108.147.76

🇺🇸 195.184.76.23