JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.223.101.104

159.223.101.104 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 87%: ?

87%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	North Bergen, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.223.101.104

Whois 159.223.101.104

IP Abuse Reports for 159.223.101.104:

This IP address has been reported a total of 19 times from 16 distinct sources. 159.223.101.104 was first reported on February 8th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 gbzret4d	2026-06-21 15:16:00 (2 hours ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 27019 [14] TCP	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-21 04:32:42 (12 hours ago)	Honeypot hit: Empty payload (likely service probe); 9203 [14] TCP	Port Scan
🇳🇱 donarev419	2026-06-21 01:44:44 (15 hours ago)	Connection to port 10086 with data transfer. Data preview:	Port Scan Hacking
🇺🇸 drewf.ink	2026-06-21 00:12:11 (17 hours ago)	[00:12] Port scanning. Port(s) scanned: TCP/9300	Port Scan
🇬🇧 gbzret4d	2026-06-20 19:57:51 (21 hours ago)	Honeypot [uk-production01]: Unauthorized traffic (4 bytes of payload); 15672 [13] TCP	Port Scan
🇦🇪 abusiveIntelligence	2026-06-20 15:20:00 (1 day ago)	RDP connect attempt: Nmap Scanner	Brute-Force
🇫🇷 TheHoneyPotter	2026-06-20 13:41:02 (1 day ago)	Honeypot [fc-honeypot]: Empty payload (likely service probe); 1434 [12] TCP Reported by: https://git ... show more Honeypot [fc-honeypot]: Empty payload (likely service probe); 1434 [12] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 guldkage	2026-06-20 12:11:52 (1 day ago)	Unauthorized connection attempt detected from IP address 159.223.101.104 to port 1434 (ger-03) [h]	Brute-Force Exploited Host
🇧🇷 somosbr	2026-06-20 08:03:13 (1 day ago)	[2026-06-20T08:03:13Z] Unsolicited scan from 159.223.101.104 to port 300/tcp	Port Scan
🇩🇪 _ArminS_	2026-06-20 07:51:48 (1 day ago)	SP-Scan 31845:9300 detected 2026.06.20 09:51:48 blocked until 2026.08.09 02:54:35	Port Scan
🇩🇪 Axel	2026-06-20 05:52:38 (1 day ago)	[2026-06-20 05:52:38 UTC] Honeypot Elasticsearch Alt connection attempt \| AXFRA HONEYPOT	Hacking
🇩🇪 dispaisyenterprises	2026-06-20 02:57:56 (1 day ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (5 bytes of payload); 8087 [7] TCP Reported by DisP ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (5 bytes of payload); 8087 [7] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
Anonymous	2026-06-19 21:59:31 (1 day ago)	Heralding honeypot: mysql on port 3306	Brute-Force
🇨🇦 dpinse	2026-06-19 18:03:58 (1 day ago)	Honeypot [honeypot-ca-sensor1]: MSSQL traffic (on 1433) without login credentials	Port Scan
🇺🇸 drewf.ink	2026-06-19 14:05:40 (2 days ago)	[14:05] Port scanning. Port(s) scanned: TCP/5984	Port Scan

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.190.35.163

🇸🇬 172.217.47.25

🇳🇿 103.75.11.188

🇨🇳 222.129.37.92

🇮🇩 103.59.94.61

🇧🇬 94.155.124.98

🇸🇬 43.159.51.254

🇰🇷 43.155.134.4

🇨🇳 27.17.182.108

🇺🇸 20.169.107.174

🇺🇸 2a04:c300:400::1ce

🇫🇷 176.171.152.211

🇸🇬 165.154.200.48

🇺🇸 134.122.125.153

🇧🇬 78.128.114.102

🇺🇸 76.33.73.139

🇮🇳 2401:4900:8823:396b:f4e6:df21:1a69:8b03

🇩🇪 167.94.146.46

🇨🇳 153.0.82.52

🇸🇬 152.42.177.64