JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.248.130.209

104.248.130.209 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 6%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.248.130.209

Whois 104.248.130.209

IP Abuse Reports for 104.248.130.209:

This IP address has been reported a total of 51 times from 44 distinct sources. 104.248.130.209 was first reported on January 30th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 centurion	2026-04-16 04:49:31 (1 month ago)	Blocked by UFW on ns02 [8080/tcp] Source port: 61011 TTL: 247 Packet length: 44 TOS: 0x00 This repo ... show more Blocked by UFW on ns02 [8080/tcp] Source port: 61011 TTL: 247 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 MPL	2026-04-16 04:15:01 (1 month ago)	tcp/80	Port Scan
🇺🇸 xmission.com	2026-04-13 04:36:57 (2 months ago)	Blocked by UFW (TCP on 80) Source port: 61004 TTL: 238 Packet length: 44 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 61004 TTL: 238 Packet length: 44 TOS: 0x08 This report (for 104.248.130.209) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇨🇭 4server	2026-04-10 14:58:15 (2 months ago)	[FriApr1016:58:12.5253922026][security2:error][pid4096564:tid4096587][client104.248.130.209:0]ModSec ... show more [FriApr1016:58:12.5253922026][security2:error][pid4096564:tid4096587][client104.248.130.209:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(filemanager\\|wp-file-manager\\|elfinder\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"420\"][id\"980500\"][msg\"WordPressfilemanagerexploitattempt\"][hostname\"edelhaut.ch\"][uri\"/wp-admin/plugins.php\"][unique_id\"adkQBMFyClxwpLjfW1ktOgAAAJU\"] show less	Hacking Web App Attack
🇹🇷 sh97	2026-03-30 03:51:16 (2 months ago)	tr01: SSH Brute Force from 104.248.130.209 at 2026-03-30 09:21:16 IST	Brute-Force SSH
🇹🇷 sh97	2026-03-30 02:04:32 (2 months ago)	tr01: SSH Brute Force from 104.248.130.209 at 2026-03-30 07:34:32 IST	Brute-Force SSH
🇹🇷 sh97	2026-03-28 13:22:24 (2 months ago)	tr01: SSH Brute Force from 104.248.130.209 at 2026-03-28 18:52:23 IST	Brute-Force SSH
🇹🇷 sh97	2026-03-23 20:23:47 (2 months ago)	tr01: SSH Brute Force from 104.248.130.209 at 2026-03-24 01:53:47 IST	Brute-Force SSH
🇮🇹 iStitch07	2026-03-15 08:00:31 (2 months ago)	SSH Brute-force	Brute-Force
🇫🇷 Xargana	2026-03-15 07:55:18 (2 months ago)	Fail2Ban ban for sshd	Brute-Force SSH
🇹🇷 sh97	2026-03-15 07:55:11 (2 months ago)	tr01: SSH Brute Force from 104.248.130.209 at 2026-03-15 13:25:10 IST	Brute-Force SSH
🇩🇪 ITSNF	2026-03-15 07:55:11 (2 months ago)	PBK Mar 15 08:53:17 websrv01 sshd[4085162]: Failed password for root from 104.248.130.209 port 34936 ... show more PBK Mar 15 08:53:17 websrv01 sshd[4085162]: Failed password for root from 104.248.130.209 port 34936 ssh2 Mar 15 08:54:12 websrv01 sshd[4085194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.209 user=root Mar 15 08:54:14 websrv01 sshd[4085194]: Failed password for root from 104.248.130.209 port 50154 ssh2 Mar 15 08:55:09 websrv01 sshd[4085351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.209 user=root Mar 15 08:55:11 websrv01 sshd[4085351]: Failed password for root from 104.248.130.209 port 53736 ssh2 show less	Brute-Force SSH
🇩🇪 MU-star.net	2026-03-15 07:55:07 (2 months ago)	2026-03-15T16:53:12.579016 mustar-kr-mayo sshd[3040624]: Failed password for root from 104.248.130.2 ... show more 2026-03-15T16:53:12.579016 mustar-kr-mayo sshd[3040624]: Failed password for root from 104.248.130.209 port 45380 ssh2 2026-03-15T16:54:08.034872 mustar-kr-mayo sshd[3040627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.209 user=root 2026-03-15T16:54:10.518874 mustar-kr-mayo sshd[3040627]: Failed password for root from 104.248.130.209 port 60428 ssh2 2026-03-15T16:55:04.538126 mustar-kr-mayo sshd[3040633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.209 user=root 2026-03-15T16:55:06.042887 mustar-kr-mayo sshd[3040633]: Failed password for root from 104.248.130.209 port 54108 ssh2 ... show less	Hacking Brute-Force SSH
Anonymous	2026-03-15 07:53:31 (2 months ago)	Mar 15 07:51:32 f2b auth.info sshd[764357]: Failed password for root from 104.248.130.209 port 39316 ... show more Mar 15 07:51:32 f2b auth.info sshd[764357]: Failed password for root from 104.248.130.209 port 39316 ssh2 Mar 15 07:52:32 f2b auth.info sshd[764360]: Failed password for root from 104.248.130.209 port 44322 ssh2 Mar 15 07:53:30 f2b auth.info sshd[764363]: Failed password for root from 104.248.130.209 port 52180 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-03-15 07:51:35 (2 months ago)	Cowrie Honeypot: Brute Force attempt with root/123456	Brute-Force SSH

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.49

🇬🇧 195.206.182.206

🇧🇷 177.174.89.99

🇮🇳 168.144.95.137

🇨🇦 85.217.149.47

🇱🇹 78.58.219.59

🇺🇸 35.170.205.140

🇺🇸 4.246.117.137

🇬🇧 217.146.80.99

🇲🇦 196.119.27.86

🇩🇪 185.176.94.38

🇺🇸 172.253.9.221

🇳🇱 91.92.40.23

🇲🇾 47.254.229.107

🇧🇷 191.233.234.186

🇲🇽 186.96.158.180

🇫🇮 95.216.252.68

🇮🇪 52.17.80.24

🇺🇸 2607:f8b0:4023:1004::12e

🇲🇽 187.191.48.4