AbuseIPDB » 104.248.207.60
104.248.207.60 was found in our database!
This IP was reported 11 times. Confidence of
Abuse
is 0%: ?
| ISP |
DigitalOcean, LLC
|
| Usage Type |
Data Center/Web Hosting/Transit
|
| ASN |
AS14061
|
| Domain Name |
digitalocean.com
|
| Country |
๐ณ๐ฑ
Netherlands
|
| City |
Amsterdam, North Holland
|
IP info including ISP, Usage Type, and Location provided
by IPInfo. Updated weekly.
IP Abuse Reports for 104.248.207.60:
This IP address has been reported a total of
11
times from
9 distinct
sources.
104.248.207.60 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
| Reporter |
IoA Timestamp (UTC)
|
Comment |
Categories |
|
|
Anonymous
|
|
"Proxies that are used for attacking
https://pastebin.com/JZr9dSDT"
|
Open Proxy
|
|
|
Anonymous
|
|
"Proxies that are used for attacking
https://pastebin.com/JZr9dSDT"
|
Open Proxy
|
|
|
๐ช๐ธ
el-brujo
|
|
Proxies digitalstress[.]su used for attacking
|
DDoS Attack
|
|
|
๐จ๐ญ
mitigated.network
|
|
2024-04-01 11:15:26: Minecraft server scan detected from 104.248.207.60 on port 25565 of vps-6085
|
Port Scan
Hacking
|
|
|
๐ฉ๐ช
Packets-Decreaser.NET
|
|
Incoming Layer 7 Flood Detected
|
DDoS Attack
Web Spam
|
|
|
๐ฉ๐ช
CommanderRoot
|
|
HTTP request flood, even after hitting rate limiting
|
DDoS Attack
Web Spam
|
|
|
๐ฉ๐ช
Packets-Decreaser.NET
|
|
Incoming Layer 7 Flood Detected
|
DDoS Attack
Web Spam
|
|
|
๐ฎ๐ฉ
hermawan
|
|
[Tue Dec 26 22:46:08.485593 2023] [security2:error] [pid 41031:tid 140527966086720] [client 104.248. ...
show more
[Tue Dec 26 22:46:08.485593 2023] [security2:error] [pid 41031:tid 140527966086720] [client 104.248.207.60:42188] [client 104.248.207.60] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "X-Forwarded-For" at REQUEST_HEADERS_NAMES:X-Forwarded-For. [file "/etc/modsecurity/coreruleset-3.3.5/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "28"] [id "440005"] [msg "BAD REQUEST_HEADERS_NAMES - Detected and Blocked"] [data "Matched Data: X-Forwarded-For found within REQUEST_HEADERS_NAMES:X-Forwarded-For: X-Forwarded-For request_line = GET /administrator/index.php HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/administrator/index.php"] [unique_id "ZYr1QJBjIoHOXDuv92Sj_AAAATQ"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[41121] [iw63lKPgshw] [ZYr1QJBjIoHOXDuv92Sj_AAAATQ] keep_alive=[0] [2023-12-26 22:46:08.485600] [R:ZYr1QJBjIoHOXDuv92Sj_AAAATQ] UA:'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0'
...
show less
|
Hacking
Web App Attack
|
|
|
๐ง๐ท
odd.rip
|
|
Found on a public proxy website
|
Open Proxy
|
|
|
๐ฒ๐ฉ
iHost
|
|
*Port Scan* detected from 104.248.207.60 (NL/Netherlands/-). 3 hits in the last 296 seconds; Ports: ...
show more
*Port Scan* detected from 104.248.207.60 (NL/Netherlands/-). 3 hits in the last 296 seconds; Ports: *; Direction: in; Trigger: PS_LIMIT; Logs: Apr 13 22:06:48 web1 kernel: Firewall: *TCP_IN Blocked* IN=ens2f0 OUT= MAC=ac:16:2d:99:fc:fc:00:08:e3:ff:fc:28:08:00 SRC=104.248.207.60 DST=31.131.1.14 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=23392 PROTO=TCP SPT=40757 DPT=4567 WINDOW=1024 RES=0x00 SYN URGP=0
Apr 13 22:07:50 web1 kernel: Firewall: *TCP_IN Blocked* IN=ens2f0 OUT= MAC=ac:16:2d:99:fc:fc:00:08:e3:ff:fc:28:08:00 SRC=104.248.207.60 DST=31.131.1.14 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=49068 PROTO=TCP SPT=40818 DPT=81 WINDOW=1024 RES=0x00 SYN URGP=0
Apr 13 22:08:51 web1 kernel: Firewall: *TCP_IN Blocked* IN=ens2f0 OUT= MAC=ac:16:2d:99:fc:fc:00:08:e3:ff:fc:28:08:00 SRC=104.248.207.60 DST=31.131.1.14 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=31140 PROTO=TCP SPT=40880 DPT=554 WINDOW=1024 RES=0x00 SYN URGP=0
show less
|
Port Scan
|
|
|
Anonymous
|
|
port scan and connect, tcp 80 (http)
|
Port Scan
|
|
Showing 1 to
11
of 11 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: