104.219.248.58

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.219.248.45	attack	This IOC was found in a github gist: https://gist.github.com/b66feefc03dc4c17d0b7d16ca4158374 with the title "a list of ebay phishing domains that i discovered when combing through certificate data (through the .top TLD) " by ANeilan For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-06-19 22:10:29
104.219.248.88	attackbotsspam	This IOC was found in a github gist: https://gist.github.com/b66feefc03dc4c17d0b7d16ca4158374 with the title "a list of ebay phishing domains that i discovered when combing through certificate data (through the .top TLD) " by ANeilan For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-06-19 21:58:52
104.219.248.110	attack	Probing for files and paths: /old/	2020-05-23 07:29:31
104.219.248.2	attackspambots	xmlrpc attack	2019-10-19 04:00:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.219.248.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47952
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.219.248.58.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032102 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 22 06:15:17 CST 2022
;; MSG SIZE  rcvd: 107

Host info

58.248.219.104.in-addr.arpa domain name pointer server139-12.web-hosting.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
58.248.219.104.in-addr.arpa	name = server139-12.web-hosting.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.173.35.13	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-08-03 04:50:47
195.154.112.213	attackbots	08/02/2019-15:30:32.510183 195.154.112.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-03 04:43:00
159.203.143.58	attackspam	Aug 2 16:17:21 xtremcommunity sshd\[6364\]: Invalid user bis from 159.203.143.58 port 41184 Aug 2 16:17:21 xtremcommunity sshd\[6364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.143.58 Aug 2 16:17:23 xtremcommunity sshd\[6364\]: Failed password for invalid user bis from 159.203.143.58 port 41184 ssh2 Aug 2 16:23:28 xtremcommunity sshd\[6566\]: Invalid user admin from 159.203.143.58 port 35444 Aug 2 16:23:28 xtremcommunity sshd\[6566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.143.58 ...	2019-08-03 04:57:23
152.136.95.118	attackbots	Aug 2 22:30:26 * sshd[15708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.95.118 Aug 2 22:30:27 * sshd[15708]: Failed password for invalid user kelvin from 152.136.95.118 port 60716 ssh2	2019-08-03 04:48:36
167.71.194.222	attack	Aug 2 16:00:57 vps200512 sshd\[20696\]: Invalid user admin from 167.71.194.222 Aug 2 16:00:57 vps200512 sshd\[20696\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.194.222 Aug 2 16:00:59 vps200512 sshd\[20696\]: Failed password for invalid user admin from 167.71.194.222 port 39616 ssh2 Aug 2 16:06:26 vps200512 sshd\[20792\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.194.222 user=root Aug 2 16:06:28 vps200512 sshd\[20792\]: Failed password for root from 167.71.194.222 port 34764 ssh2	2019-08-03 04:19:38
47.91.90.132	attack	Aug 2 21:26:43 eventyay sshd[13511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.91.90.132 Aug 2 21:26:46 eventyay sshd[13511]: Failed password for invalid user test from 47.91.90.132 port 53318 ssh2 Aug 2 21:31:24 eventyay sshd[14751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.91.90.132 ...	2019-08-03 04:23:52
189.240.94.115	attack	2019-08-02T22:31:42.911349 sshd[22355]: Invalid user conradina. from 189.240.94.115 port 4340 2019-08-02T22:31:42.927136 sshd[22355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.240.94.115 2019-08-02T22:31:42.911349 sshd[22355]: Invalid user conradina. from 189.240.94.115 port 4340 2019-08-02T22:31:45.316728 sshd[22355]: Failed password for invalid user conradina. from 189.240.94.115 port 4340 ssh2 2019-08-02T22:36:51.854335 sshd[22395]: Invalid user subhana from 189.240.94.115 port 4341 ...	2019-08-03 04:55:14
139.199.60.110	attack	Aug 3 02:06:34 areeb-Workstation sshd\[26652\]: Invalid user jenkins from 139.199.60.110 Aug 3 02:06:34 areeb-Workstation sshd\[26652\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.60.110 Aug 3 02:06:36 areeb-Workstation sshd\[26652\]: Failed password for invalid user jenkins from 139.199.60.110 port 54300 ssh2 ...	2019-08-03 04:48:57
206.81.27.137	attackspam	loopsrockreggae.com 206.81.27.137 \[02/Aug/2019:21:33:04 +0200\] "POST /wp-login.php HTTP/1.1" 200 5615 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" loopsrockreggae.com 206.81.27.137 \[02/Aug/2019:21:33:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 5583 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-03 04:18:05
114.7.120.10	attack	Aug 2 21:34:18 microserver sshd[50757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.7.120.10 user=root Aug 2 21:34:20 microserver sshd[50757]: Failed password for root from 114.7.120.10 port 47466 ssh2 Aug 2 21:39:51 microserver sshd[52143]: Invalid user xena from 114.7.120.10 port 45172 Aug 2 21:39:51 microserver sshd[52143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.7.120.10 Aug 2 21:39:53 microserver sshd[52143]: Failed password for invalid user xena from 114.7.120.10 port 45172 ssh2 Aug 2 21:50:45 microserver sshd[54509]: Invalid user range from 114.7.120.10 port 40457 Aug 2 21:50:45 microserver sshd[54509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.7.120.10 Aug 2 21:50:47 microserver sshd[54509]: Failed password for invalid user range from 114.7.120.10 port 40457 ssh2 Aug 2 21:56:13 microserver sshd[55568]: Invalid user whois from 114.7.120.10 port	2019-08-03 04:15:54
148.70.100.235	attackspambots	Aug 2 19:06:07 shared07 sshd[20438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.100.235 user=r.r Aug 2 19:06:10 shared07 sshd[20438]: Failed password for r.r from 148.70.100.235 port 42692 ssh2 Aug 2 19:06:10 shared07 sshd[20438]: Received disconnect from 148.70.100.235 port 42692:11: Bye Bye [preauth] Aug 2 19:06:10 shared07 sshd[20438]: Disconnected from 148.70.100.235 port 42692 [preauth] Aug 2 19:12:53 shared07 sshd[21748]: Invalid user user from 148.70.100.235 Aug 2 19:12:53 shared07 sshd[21748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.100.235 Aug 2 19:12:54 shared07 sshd[21748]: Failed password for invalid user user from 148.70.100.235 port 38276 ssh2 Aug 2 19:12:57 shared07 sshd[21748]: Received disconnect from 148.70.100.235 port 38276:11: Bye Bye [preauth] Aug 2 19:12:57 shared07 sshd[21748]: Disconnected from 148.70.100.235 port 38276 [preauth] ........ -------------------------------	2019-08-03 04:58:43
199.36.111.220	attackbots	Honeypot attack, port: 445, PTR: 220-111-36-199.reverse.instavps.net.	2019-08-03 04:24:52
27.128.169.31	attack	Aug 2 22:16:04 vps647732 sshd[22890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.169.31 Aug 2 22:16:06 vps647732 sshd[22890]: Failed password for invalid user sales1 from 27.128.169.31 port 45070 ssh2 ...	2019-08-03 04:24:20
165.22.118.101	attackbots	Aug 2 23:27:08 docs sshd\[6649\]: Invalid user admin from 165.22.118.101Aug 2 23:27:11 docs sshd\[6649\]: Failed password for invalid user admin from 165.22.118.101 port 48268 ssh2Aug 2 23:31:53 docs sshd\[6724\]: Invalid user psanborn from 165.22.118.101Aug 2 23:31:55 docs sshd\[6724\]: Failed password for invalid user psanborn from 165.22.118.101 port 44532 ssh2Aug 2 23:36:37 docs sshd\[6814\]: Invalid user support from 165.22.118.101Aug 2 23:36:38 docs sshd\[6814\]: Failed password for invalid user support from 165.22.118.101 port 41088 ssh2 ...	2019-08-03 04:51:45
222.186.52.124	attack	Aug 2 13:52:59 cac1d2 sshd\[16270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.124 user=root Aug 2 13:53:02 cac1d2 sshd\[16270\]: Failed password for root from 222.186.52.124 port 50930 ssh2 Aug 2 13:53:04 cac1d2 sshd\[16270\]: Failed password for root from 222.186.52.124 port 50930 ssh2 ...	2019-08-03 04:53:42

Recently Reported IPs

104.218.234.249	104.22.0.30	104.22.1.30	104.22.12.91
104.22.13.91	104.22.14.219	104.22.15.219	104.22.20.216
179.63.224.66	195.3.246.167	104.22.20.82	104.22.21.216
104.22.21.82	104.22.26.249	104.22.27.249	104.22.30.108
104.22.31.108	104.22.34.252	104.22.35.252	104.22.35.64