104.248.27.192

Basic Info

City: Frankfurt am Main

Region: Hessen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.27.37	attackspam	SIPVicious Scanner Detection	2020-02-23 05:43:21
104.248.27.37	attackbotsspam	Automatic report - Port Scan Attack	2020-02-09 03:28:05
104.248.27.37	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-31 05:52:18
104.248.27.238	attack	104.248.27.238 - - \[28/Nov/2019:19:01:54 +0100\] "POST /wp-login.php HTTP/1.0" 200 7411 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.248.27.238 - - \[28/Nov/2019:19:01:55 +0100\] "POST /wp-login.php HTTP/1.0" 200 7226 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.248.27.238 - - \[28/Nov/2019:19:01:56 +0100\] "POST /wp-login.php HTTP/1.0" 200 7223 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-29 02:42:53
104.248.27.238	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-11-21 03:33:07
104.248.27.238	attackbotsspam	104.248.27.238 - - \[11/Nov/2019:08:04:51 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.248.27.238 - - \[11/Nov/2019:08:04:52 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-11 18:21:10
104.248.27.238	attack	Automatic report - Banned IP Access	2019-11-03 19:31:50
104.248.27.238	attackbotsspam	familiengesundheitszentrum-fulda.de 104.248.27.238 \[15/Oct/2019:05:52:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 5690 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" familiengesundheitszentrum-fulda.de 104.248.27.238 \[15/Oct/2019:05:52:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 5645 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-15 13:27:38
104.248.27.238	attack	WordPress wp-login brute force :: 104.248.27.238 0.056 BYPASS [07/Oct/2019:04:26:15 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-07 01:43:48

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       104.248.0.0 - 104.248.255.255
CIDR:           104.248.0.0/16
NetName:        DIGITALOCEAN-104-248-0-0
NetHandle:      NET-104-248-0-0-1
Parent:         NET104 (NET-104-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   DigitalOcean, LLC (DO-13)
RegDate:        2018-08-06
Updated:        2020-04-03
Comment:        Routing and Peering Policy can be found at https://www.as14061.net
Comment:        
Comment:        Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse
Ref:            https://rdap.arin.net/registry/ip/104.248.0.0



OrgName:        DigitalOcean, LLC
OrgId:          DO-13
Address:        105 Edgeview Drive, Suite 425
City:           Broomfield
StateProv:      CO
PostalCode:     80021
Country:        US
RegDate:        2012-05-14
Updated:        2025-04-11
Ref:            https://rdap.arin.net/registry/entity/DO-13


OrgNOCHandle: NOC32014-ARIN
OrgNOCName:   Network Operations Center
OrgNOCPhone:  +1-646-827-4366 
OrgNOCEmail:  noc@digitalocean.com
OrgNOCRef:    https://rdap.arin.net/registry/entity/NOC32014-ARIN

OrgAbuseHandle: DIGIT19-ARIN
OrgAbuseName:   DigitalOcean Abuse
OrgAbusePhone:  +1-646-827-4366 
OrgAbuseEmail:  abuse@digitalocean.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/DIGIT19-ARIN

OrgTechHandle: NOC32014-ARIN
OrgTechName:   Network Operations Center
OrgTechPhone:  +1-646-827-4366 
OrgTechEmail:  noc@digitalocean.com
OrgTechRef:    https://rdap.arin.net/registry/entity/NOC32014-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.27.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28749
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.27.192.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026042000 1800 900 604800 86400

;; Query time: 7 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 23:02:12 CST 2026
;; MSG SIZE  rcvd: 107

Host info

Host 192.27.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 192.27.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.53.44.153	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-16 04:09:25
20.185.42.168	attackspambots	Jul 15 21:03:14 santamaria sshd\[22606\]: Invalid user ec2-user from 20.185.42.168 Jul 15 21:03:14 santamaria sshd\[22606\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.185.42.168 Jul 15 21:03:16 santamaria sshd\[22606\]: Failed password for invalid user ec2-user from 20.185.42.168 port 52898 ssh2 ...	2020-07-16 03:59:06
139.59.66.101	attackspam	2020-07-15T21:10:54.391611sd-86998 sshd[2574]: Invalid user ts3server from 139.59.66.101 port 35094 2020-07-15T21:10:54.394974sd-86998 sshd[2574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.66.101 2020-07-15T21:10:54.391611sd-86998 sshd[2574]: Invalid user ts3server from 139.59.66.101 port 35094 2020-07-15T21:10:56.462045sd-86998 sshd[2574]: Failed password for invalid user ts3server from 139.59.66.101 port 35094 ssh2 2020-07-15T21:15:11.311933sd-86998 sshd[3159]: Invalid user wanghui from 139.59.66.101 port 45352 ...	2020-07-16 03:50:20
104.43.20.117	attackbotsspam	Jul 15 13:36:25 main sshd[23308]: Failed password for invalid user admin from 104.43.20.117 port 4620 ssh2	2020-07-16 04:03:45
1.164.108.79	attackspam	Unauthorized connection attempt from IP address 1.164.108.79 on Port 445(SMB)	2020-07-16 03:56:20
216.126.231.15	attack	Jul 15 20:30:42 eventyay sshd[24736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.126.231.15 Jul 15 20:30:43 eventyay sshd[24736]: Failed password for invalid user shirleen from 216.126.231.15 port 60536 ssh2 Jul 15 20:37:24 eventyay sshd[24900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.126.231.15 ...	2020-07-16 04:06:40
41.42.162.131	attackbotsspam	Unauthorized connection attempt from IP address 41.42.162.131 on Port 445(SMB)	2020-07-16 04:09:52
138.197.89.212	attackspam	Jul 15 16:28:30 firewall sshd[10328]: Invalid user user from 138.197.89.212 Jul 15 16:28:32 firewall sshd[10328]: Failed password for invalid user user from 138.197.89.212 port 38470 ssh2 Jul 15 16:36:39 firewall sshd[10494]: Invalid user samy from 138.197.89.212 ...	2020-07-16 04:13:54
106.12.106.232	attackspam	$f2bV_matches	2020-07-16 03:55:43
5.160.33.35	attackbots	Unauthorized connection attempt from IP address 5.160.33.35 on Port 445(SMB)	2020-07-16 04:06:12
40.89.165.157	attackspambots	2020-07-15T15:02:34.302790sorsha.thespaminator.com sshd[13190]: Invalid user ec2-user from 40.89.165.157 port 21636 2020-07-15T15:02:37.064934sorsha.thespaminator.com sshd[13190]: Failed password for invalid user ec2-user from 40.89.165.157 port 21636 ssh2 ...	2020-07-16 04:14:42
220.189.71.174	attackspam	MAIL: User Login Brute Force Attempt	2020-07-16 03:56:42
20.188.61.122	attackbotsspam	Jul 15 13:03:37 mail sshd\[33747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.188.61.122 user=root ...	2020-07-16 03:47:36
41.103.191.63	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-16 04:14:21
191.235.79.110	attackbots	Jul 15 20:49:48 fhem-rasp sshd[16464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.235.79.110 user=root Jul 15 20:49:50 fhem-rasp sshd[16464]: Failed password for root from 191.235.79.110 port 43429 ssh2 ...	2020-07-16 03:44:44

Recently Reported IPs

167.71.35.23	164.90.177.2	160.119.76.44	223.104.85.236
110.78.154.224	2606:4700:10::6814:8866	2606:4700:10::6816:353d	2606:4700:10::6816:509
2606:4700:10::6816:1095	2606:4700:10::6816:3584	2606:4700:10::ac43:2330	2606:4700:10::6816:2271
110.78.158.163	2606:4700:10::6816:2024	109.167.82.59	2606:4700:10::ac43:1425
2606:4700:10::6816:4053	34.65.42.40	13.229.203.169	13.229.203.203