104.131.22.150

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 104.131.22.150 to port 2220 [J]	2020-01-25 02:49:31
attackspam	Unauthorized connection attempt detected from IP address 104.131.22.150 to port 2220 [J]	2020-01-21 04:40:11
attackbots	Unauthorized connection attempt detected from IP address 104.131.22.150 to port 2220 [J]	2020-01-12 22:14:47
attackbotsspam	Jan 11 08:51:37 ns381471 sshd[28210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.22.150 Jan 11 08:51:39 ns381471 sshd[28210]: Failed password for invalid user kxi from 104.131.22.150 port 42076 ssh2	2020-01-11 20:37:05

Comments on same subnet:

IP	Type	Details	Datetime
104.131.22.18	attackbotsspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-12 02:55:40
104.131.22.18	attackspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-11 18:53:43
104.131.22.18	attack	digital ocean sponsor and attack. YAY! Jail. 104.131.22.18 - - [11/Aug/2020:12:04:27 -0400] "GET /wp-login.php HTTP/1.1" 404 809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0 0 "off:-:-" 197 1499	2020-08-12 03:17:00
104.131.221.38	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-19 20:30:57
104.131.221.118	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 22:45:52
104.131.221.197	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 21:18:48
104.131.222.45	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-13 19:11:03
104.131.221.38	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-10 23:34:18
104.131.224.81	attackspam	detected by Fail2Ban	2020-04-05 18:52:23
104.131.224.81	attack	Mar 31 01:06:53 ns381471 sshd[30702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.224.81 Mar 31 01:06:55 ns381471 sshd[30702]: Failed password for invalid user wo from 104.131.224.81 port 41894 ssh2	2020-03-31 07:36:23
104.131.224.81	attack	Mar 30 01:01:26 vps647732 sshd[29167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.224.81 Mar 30 01:01:28 vps647732 sshd[29167]: Failed password for invalid user hkcfpsmtp from 104.131.224.81 port 57981 ssh2 ...	2020-03-30 07:23:36
104.131.221.236	attackbots	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-26 23:10:31
104.131.224.81	attackspambots	SSH login attempts @ 2020-03-17 22:46:26	2020-03-22 03:34:20
104.131.221.208	attack	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-17 02:27:41
104.131.223.156	attackspam	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-12 01:48:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.22.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49686
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.22.150.			IN	A

;; AUTHORITY SECTION:
.			376	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011002 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 11 20:36:59 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 150.22.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 150.22.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.102.68.188	attackspambots	Unauthorized connection attempt detected from IP address 117.102.68.188 to port 22	2020-01-11 07:19:59
70.113.222.187	attack	Honeypot attack, port: 81, PTR: cpe-70-113-222-187.stx.res.rr.com.	2020-01-11 07:16:06
180.179.196.84	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 07:29:14
77.243.27.181	attack	Jan 10 22:09:57 grey postfix/smtpd\[31080\]: NOQUEUE: reject: RCPT from unknown\[77.243.27.181\]: 554 5.7.1 Service unavailable\; Client host \[77.243.27.181\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=77.243.27.181\; from=\ to=\ proto=ESMTP helo=\<\[77.243.27.181\]\> ...	2020-01-11 07:11:38
117.247.190.142	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-01-11 07:13:04
185.10.62.51	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 07:01:56
24.237.99.120	attack	Automatic report - SSH Brute-Force Attack	2020-01-11 07:21:42
124.123.80.83	attackspam	Honeypot attack, port: 445, PTR: broadband.actcorp.in.	2020-01-11 07:10:26
14.29.215.5	attackbotsspam	Jan 7 20:37:37 toyboy sshd[21508]: Invalid user jdg from 14.29.215.5 Jan 7 20:37:37 toyboy sshd[21508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.215.5 Jan 7 20:37:39 toyboy sshd[21508]: Failed password for invalid user jdg from 14.29.215.5 port 43189 ssh2 Jan 7 20:37:40 toyboy sshd[21508]: Received disconnect from 14.29.215.5: 11: Bye Bye [preauth] Jan 7 20:43:43 toyboy sshd[21972]: Invalid user elasticsearch from 14.29.215.5 Jan 7 20:43:43 toyboy sshd[21972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.215.5 Jan 7 20:43:44 toyboy sshd[21972]: Failed password for invalid user elasticsearch from 14.29.215.5 port 56783 ssh2 Jan 7 20:43:45 toyboy sshd[21972]: Received disconnect from 14.29.215.5: 11: Bye Bye [preauth] Jan 7 20:44:54 toyboy sshd[22037]: Invalid user vyk from 14.29.215.5 Jan 7 20:44:54 toyboy sshd[22037]: pam_unix(sshd:auth): authentication failur........ -------------------------------	2020-01-11 06:59:06
83.194.121.130	attackspam	Honeypot attack, port: 445, PTR: lfbn-ncy-1-27-130.w83-194.abo.wanadoo.fr.	2020-01-11 06:55:46
210.109.111.76	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 06:56:57
107.182.187.34	attackspam	Jan 10 21:58:50 xeon sshd[10292]: Failed password for root from 107.182.187.34 port 36860 ssh2	2020-01-11 07:08:26
1.236.151.31	attackspambots	Jan 10 23:42:32 mout sshd[31797]: Failed password for invalid user qki from 1.236.151.31 port 42278 ssh2 Jan 10 23:47:01 mout sshd[32291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.236.151.31 user=root Jan 10 23:47:04 mout sshd[32291]: Failed password for root from 1.236.151.31 port 51562 ssh2	2020-01-11 07:09:21
198.211.123.183	attackbots	Jan 10 18:48:29 : SSH login attempts with invalid user	2020-01-11 07:23:57
36.74.93.182	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-11 07:19:39

Recently Reported IPs

63.82.233.204	168.86.43.252	125.212.226.54	107.129.104.82
195.189.75.157	1.145.97.163	212.63.11.195	7.203.27.194
106.229.104.65	44.29.46.213	53.68.180.59	80.78.166.234
10.243.72.228	66.181.210.218	85.72.250.162	97.176.114.190
129.52.68.240	140.99.42.183	241.143.222.169	188.61.238.215