JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.248.25.225

104.248.25.225 was found in our database!

This IP was reported 81 times. Confidence of Abuse is 83%: ?

83%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.248.25.225

Whois 104.248.25.225

IP Abuse Reports for 104.248.25.225:

This IP address has been reported a total of 81 times from 58 distinct sources. 104.248.25.225 was first reported on November 22nd 2020, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 Kitki30.com	2026-05-23 03:41:25 (3 weeks ago)	Entered FTP Tarpit	FTP Brute-Force Port Scan Brute-Force
🇷🇺 DZBOT	2026-05-22 21:23:35 (3 weeks ago)	DZBOT. Brute-force users SMTP	Brute-Force
Anonymous	2026-05-22 19:36:02 (3 weeks ago)	Unauthorized SSH login attempts	Brute-Force SSH
Anonymous	2026-05-22 08:02:55 (3 weeks ago)	Web attack	Bad Web Bot Web App Attack
🇦🇪 abusiveIntelligence	2026-05-22 04:20:00 (3 weeks ago)	RDP connect attempt: Nmap Scanner	Brute-Force
🇺🇸 donarev419	2026-05-22 03:36:13 (3 weeks ago)	Port scan detected on port 445 (connection without data transfer)	Port Scan
Anonymous	2026-05-22 01:31:27 (3 weeks ago)	Tried our host z.	Port Scan Hacking Exploited Host
🇩🇪 manuelisus	2026-05-21 17:23:37 (3 weeks ago)	Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +20: http_no_user_agent, +10: ... show more Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +20: http_no_user_agent, +10: hosting_provider_digital, +15: cloud_provider_DigitalOcean show less	Web App Attack Hacking
🇬🇧 seniorlinuxadmin	2026-05-21 10:29:56 (3 weeks ago)	104.248.25.225 - - [21/May/2026:11:29:55 +0100] "GET / HTTP/1.0" 403 158 "-" "-"	Port Scan Web App Attack
🇺🇸 gu-alvareza	2026-05-21 07:05:18 (3 weeks ago)	Nmap.Script.Scanner	Port Scan
🇦🇪 abusiveIntelligence	2026-05-21 01:39:00 (3 weeks ago)	RDP connect attempt: Nmap Scanner	Brute-Force
🇲🇹 neilcaruana	2026-05-20 18:22:47 (3 weeks ago)	Sentinel detected an attack on port [5060]	Hacking
🇨🇦 Slackin' Jack	2026-05-20 16:58:53 (3 weeks ago)	Triggered honeypot on port 23. (104.248.25.225)	Port Scan
🇨🇳 Peter Yu	2026-05-20 12:21:00 (3 weeks ago)		Bad Web Bot Web App Attack
🇫🇷 BULLSEYE	2026-05-20 10:43:21 (3 weeks ago)	Automated IMAP security detection from MailEnable logs. Observed patterns: LOGIN fails=0, AUTHENTICA ... show more Automated IMAP security detection from MailEnable logs. Observed patterns: LOGIN fails=0, AUTHENTICATE fails=0, Scanner/Probe=4; Score=8 (weights: login=2, auth=2, scan=2). Top: SCAN:EMPTY_UNKN=3, SCAN:HTTP_PROBE=1 (possible service probing/scanning). Traffic characteristics strongly indicate automated malicious activity against IMAP. show less	Port Scan Brute-Force

Showing 1 to 15 of 81 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 190.108.79.142

🇫🇷 161.97.170.17

🇨🇳 116.237.3.158

🇷🇺 91.211.236.106

🇭🇰 199.45.154.179

🇧🇷 172.233.25.72

🇮🇳 157.20.211.83

🇯🇵 140.83.33.115

🇻🇳 116.101.123.227

🇺🇸 107.175.156.151

🇷🇴 80.94.92.186

🇺🇸 69.63.218.92

🇺🇸 67.21.70.131

🇧🇷 45.164.251.67

🇬🇧 45.82.76.121

🇩🇪 3.127.39.67

🇦🇹 185.104.63.74

🇵🇰 182.189.92.162

🇺🇸 170.231.251.169

🇰🇷 118.37.214.187