JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.248.194.189

104.248.194.189 was found in our database!

This IP was reported 97 times. Confidence of Abuse is 11%: ?

11%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.248.194.189

Whois 104.248.194.189

IP Abuse Reports for 104.248.194.189:

This IP address has been reported a total of 97 times from 73 distinct sources. 104.248.194.189 was first reported on December 15th 2021, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-05-05 01:22:04 (1 month ago)	ThreatBook Intelligence: vpn_proxy,Dynamic IP more details on https://threatbook.io/ip/104.248.194.1 ... show more ThreatBook Intelligence: vpn_proxy,Dynamic IP more details on https://threatbook.io/ip/104.248.194.189 2026-05-04 14:04:02 / 2026-05-04 14:04:03 /favicon.ico show less	Web App Attack
🇯🇵 demonsword	2026-05-04 20:17:18 (1 month ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: icanhazip.com:443 show less	Open Proxy Port Scan
🇩🇪 iNetWorker	2026-05-04 05:21:01 (1 month ago)	firewall-block, port(s): 8443/tcp	Port Scan
🇩🇪 Admins@FBN	2026-03-22 04:46:47 (3 months ago)	FW-PortScan: Traffic Blocked srcport=61002 dstport=8808	Port Scan
🇺🇸 RAP	2026-03-22 01:26:37 (3 months ago)	2026-03-22 01:26:37 UTC Unauthorized activity to TCP port 8089. Web App	Port Scan Web App Attack
🇺🇸 MPL	2026-03-22 01:24:41 (3 months ago)	tcp/8888 (2 or more attempts)	Port Scan
🇪🇸 masterguru	2026-03-06 22:32:13 (3 months ago)	(sshd) Failed SSH login from 104.248.194.189 (NL/The Netherlands/-): 5 in the last 3600 secs (0-167)	Hacking
🇹🇷 rtbh.com.tr	2026-01-22 12:11:09 (5 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 SpaceHost-Server	2026-01-16 23:28:10 (5 months ago)		Brute-Force Web App Attack
🇩🇪 JustPlayer	2026-01-15 03:50:25 (5 months ago)	2026-01-15T03:48:23.827714+00:00 de-milk-fsn01-100 sshd[694056]: Invalid user postgres from 104.248. ... show more 2026-01-15T03:48:23.827714+00:00 de-milk-fsn01-100 sshd[694056]: Invalid user postgres from 104.248.194.189 port 52864 2026-01-15T03:48:54.044491+00:00 de-milk-fsn01-100 sshd[694357]: Invalid user postgres from 104.248.194.189 port 43042 2026-01-15T03:49:24.286972+00:00 de-milk-fsn01-100 sshd[694719]: Invalid user pi from 104.248.194.189 port 42436 2026-01-15T03:49:54.875155+00:00 de-milk-fsn01-100 sshd[695025]: Invalid user pi from 104.248.194.189 port 60898 2026-01-15T03:50:24.655690+00:00 de-milk-fsn01-100 sshd[695400]: Invalid user pi from 104.248.194.189 port 46536 ... show less	Brute-Force SSH
Anonymous	2026-01-15 03:41:19 (5 months ago)	2026-01-15T11:37:43.015957+08:00 TPHK sshd[2165802]: Invalid user oracle from 104.248.194.189 port 4 ... show more 2026-01-15T11:37:43.015957+08:00 TPHK sshd[2165802]: Invalid user oracle from 104.248.194.189 port 44428 2026-01-15T11:38:13.394367+08:00 TPHK sshd[2166168]: Invalid user oracle from 104.248.194.189 port 34900 2026-01-15T11:38:44.240045+08:00 TPHK sshd[2166582]: Invalid user oracle from 104.248.194.189 port 56442 2026-01-15T11:39:15.611118+08:00 TPHK sshd[2167150]: Invalid user oracle from 104.248.194.189 port 56734 2026-01-15T11:39:47.220379+08:00 TPHK sshd[2167590]: Invalid user oracle from 104.248.194.189 port 47544 2026-01-15T11:40:18.434749+08:00 TPHK sshd[2167975]: Invalid user postgres from 104.248.194.189 port 48338 2026-01-15T11:40:48.492174+08:00 TPHK sshd[2168386]: Invalid user postgres from 104.248.194.189 port 36034 2026-01-15T11:41:18.560360+08:00 TPHK sshd[2168738]: Invalid user postgres from 104.248.194.189 port 42646 ... show less	Brute-Force SSH
🇳🇱 Brict IT	2026-01-15 03:40:24 (5 months ago)	2026-01-15T04:40:24.118912+01:00 sshd[2669115]: Connection closed by invalid user 104.248.194.189 po ... show more 2026-01-15T04:40:24.118912+01:00 sshd[2669115]: Connection closed by invalid user 104.248.194.189 port [preauth] show less	Brute-Force SSH
🇩🇪 JustPlayer	2026-01-15 03:25:28 (5 months ago)	2026-01-15T04:25:27.363439+01:00 de-milk-fsn01 sshd[3444950]: Invalid user user from 104.248.194.189 ... show more 2026-01-15T04:25:27.363439+01:00 de-milk-fsn01 sshd[3444950]: Invalid user user from 104.248.194.189 port 57362 ... show less	Brute-Force SSH
Anonymous	2026-01-15 03:25:25 (5 months ago)	Jan 15 04:24:24 prisma sshd[233527]: Failed password for invalid user user from 104.248.194.189 port ... show more Jan 15 04:24:24 prisma sshd[233527]: Failed password for invalid user user from 104.248.194.189 port 37112 ssh2 Jan 15 04:24:54 prisma sshd[233936]: Invalid user user from 104.248.194.189 port 56384 Jan 15 04:24:54 prisma sshd[233936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.194.189 Jan 15 04:24:56 prisma sshd[233936]: Failed password for invalid user user from 104.248.194.189 port 56384 ssh2 Jan 15 04:25:24 prisma sshd[234274]: Invalid user user from 104.248.194.189 port 46512 ... show less	Brute-Force SSH
🇩🇪 mueslo	2026-01-15 03:25:13 (5 months ago)	2026-01-15T05:24:44.681066+02:00 hyperion sshd-session[2078301]: Failed password for invalid user us ... show more 2026-01-15T05:24:44.681066+02:00 hyperion sshd-session[2078301]: Failed password for invalid user user from 104.248.194.189 port 42846 ssh2 2026-01-15T05:24:42.493319+02:00 hyperion sshd-session[2078301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.194.189 2026-01-15T05:24:42.497036+02:00 hyperion sshd-session[2078301]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.194.189 user=user 2026-01-15T05:24:44.681066+02:00 hyperion sshd-session[2078301]: Failed password for invalid user user from 104.248.194.189 port 42846 ssh2 2026-01-15T05:25:12.496797+02:00 hyperion sshd-session[2078366]: Invalid user user from 104.248.194.189 port 34978 2026-01-15T05:25:12.496797+02:00 hyperion sshd-session[2078366]: Invalid user user from 104.248.194.189 port 34978 show less	Brute-Force SSH

Showing 1 to 15 of 97 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 160.202.39.131

🇺🇸 35.202.102.230

🇮🇪 207.254.22.207

🇺🇸 205.210.31.48

🇫🇷 194.163.150.184

🇩🇪 167.94.146.74

🇺🇸 165.154.235.9

🇷🇺 152.32.228.20

🇨🇳 110.249.202.90

🇺🇸 64.62.156.66

🇺🇦 46.149.191.249

🇧🇷 45.164.251.106

🇸🇬 45.82.78.102

🇳🇵 202.51.92.219

🇿🇦 197.91.144.153

🇺🇸 195.184.76.175

🇮🇳 152.32.156.158

🇺🇸 148.153.159.182

🇸🇬 145.223.131.159

🇱🇻 81.30.98.158