104.131.22.150

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 104.131.22.150 to port 2220 [J]	2020-01-25 02:49:31
attackspam	Unauthorized connection attempt detected from IP address 104.131.22.150 to port 2220 [J]	2020-01-21 04:40:11
attackbots	Unauthorized connection attempt detected from IP address 104.131.22.150 to port 2220 [J]	2020-01-12 22:14:47
attackbotsspam	Jan 11 08:51:37 ns381471 sshd[28210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.22.150 Jan 11 08:51:39 ns381471 sshd[28210]: Failed password for invalid user kxi from 104.131.22.150 port 42076 ssh2	2020-01-11 20:37:05

Comments on same subnet:

IP	Type	Details	Datetime
104.131.22.18	attackbotsspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-12 02:55:40
104.131.22.18	attackspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-11 18:53:43
104.131.22.18	attack	digital ocean sponsor and attack. YAY! Jail. 104.131.22.18 - - [11/Aug/2020:12:04:27 -0400] "GET /wp-login.php HTTP/1.1" 404 809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0 0 "off:-:-" 197 1499	2020-08-12 03:17:00
104.131.221.38	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-19 20:30:57
104.131.221.118	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 22:45:52
104.131.221.197	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 21:18:48
104.131.222.45	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-13 19:11:03
104.131.221.38	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-10 23:34:18
104.131.224.81	attackspam	detected by Fail2Ban	2020-04-05 18:52:23
104.131.224.81	attack	Mar 31 01:06:53 ns381471 sshd[30702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.224.81 Mar 31 01:06:55 ns381471 sshd[30702]: Failed password for invalid user wo from 104.131.224.81 port 41894 ssh2	2020-03-31 07:36:23
104.131.224.81	attack	Mar 30 01:01:26 vps647732 sshd[29167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.224.81 Mar 30 01:01:28 vps647732 sshd[29167]: Failed password for invalid user hkcfpsmtp from 104.131.224.81 port 57981 ssh2 ...	2020-03-30 07:23:36
104.131.221.236	attackbots	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-26 23:10:31
104.131.224.81	attackspambots	SSH login attempts @ 2020-03-17 22:46:26	2020-03-22 03:34:20
104.131.221.208	attack	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-17 02:27:41
104.131.223.156	attackspam	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-12 01:48:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.22.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49686
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.22.150.			IN	A

;; AUTHORITY SECTION:
.			376	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011002 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 11 20:36:59 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 150.22.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 150.22.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.201.145	attack	11/22/2019-07:28:43.038391 159.203.201.145 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-22 15:33:47
36.72.212.44	attackspam	Automatic report - XMLRPC Attack	2019-11-22 15:48:10
61.48.192.222	attackbotsspam	Telnet Server BruteForce Attack	2019-11-22 15:46:32
122.224.214.18	attackspambots	Nov 22 07:29:17 icinga sshd[13250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.214.18 Nov 22 07:29:19 icinga sshd[13250]: Failed password for invalid user hamster from 122.224.214.18 port 60280 ssh2 ...	2019-11-22 15:15:32
182.61.15.70	attackbotsspam	F2B jail: sshd. Time: 2019-11-22 08:03:59, Reported by: VKReport	2019-11-22 15:20:14
221.181.24.246	attackspambots	F2B jail: sshd. Time: 2019-11-22 08:23:35, Reported by: VKReport	2019-11-22 15:33:13
203.151.43.167	attack	2019-11-22T07:24:17.403307struts4.enskede.local sshd\[7143\]: Invalid user anderson from 203.151.43.167 port 59538 2019-11-22T07:24:17.411846struts4.enskede.local sshd\[7143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.151.43.167 2019-11-22T07:24:20.949830struts4.enskede.local sshd\[7143\]: Failed password for invalid user anderson from 203.151.43.167 port 59538 ssh2 2019-11-22T07:28:14.539750struts4.enskede.local sshd\[7163\]: Invalid user carme from 203.151.43.167 port 39386 2019-11-22T07:28:14.547735struts4.enskede.local sshd\[7163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.151.43.167 ...	2019-11-22 15:17:01
54.36.189.105	attack	Nov 22 06:29:02 web8 sshd\[7113\]: Invalid user user from 54.36.189.105 Nov 22 06:29:02 web8 sshd\[7113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.189.105 Nov 22 06:29:04 web8 sshd\[7113\]: Failed password for invalid user user from 54.36.189.105 port 42266 ssh2 Nov 22 06:29:07 web8 sshd\[7113\]: Failed password for invalid user user from 54.36.189.105 port 42266 ssh2 Nov 22 06:29:10 web8 sshd\[7113\]: Failed password for invalid user user from 54.36.189.105 port 42266 ssh2	2019-11-22 15:21:35
69.131.84.33	attackbotsspam	Nov 22 07:22:09 ns382633 sshd\[10386\]: Invalid user kare from 69.131.84.33 port 52600 Nov 22 07:22:09 ns382633 sshd\[10386\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.131.84.33 Nov 22 07:22:11 ns382633 sshd\[10386\]: Failed password for invalid user kare from 69.131.84.33 port 52600 ssh2 Nov 22 07:29:15 ns382633 sshd\[11495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.131.84.33 user=root Nov 22 07:29:17 ns382633 sshd\[11495\]: Failed password for root from 69.131.84.33 port 51692 ssh2	2019-11-22 15:17:26
118.44.105.123	attack	Unauthorized access or intrusion attempt detected from Bifur banned IP	2019-11-22 15:36:18
160.3.232.130	attack	Automatic report - Port Scan Attack	2019-11-22 15:49:41
42.112.6.211	attackspambots	Unauthorised access (Nov 22) SRC=42.112.6.211 LEN=60 TTL=110 ID=15308 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 22) SRC=42.112.6.211 LEN=60 TTL=110 ID=24798 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-22 15:16:23
35.230.91.250	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-11-22 15:40:20
218.161.81.55	attack	port scan and connect, tcp 81 (hosts2-ns)	2019-11-22 15:23:19
180.167.137.103	attackspambots	Nov 22 09:05:09 server sshd\[32701\]: Invalid user menig from 180.167.137.103 port 49575 Nov 22 09:05:09 server sshd\[32701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.137.103 Nov 22 09:05:11 server sshd\[32701\]: Failed password for invalid user menig from 180.167.137.103 port 49575 ssh2 Nov 22 09:09:23 server sshd\[30445\]: Invalid user fiann from 180.167.137.103 port 44516 Nov 22 09:09:23 server sshd\[30445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.137.103	2019-11-22 15:25:21

Recently Reported IPs

63.82.233.204	168.86.43.252	125.212.226.54	107.129.104.82
195.189.75.157	1.145.97.163	212.63.11.195	7.203.27.194
106.229.104.65	44.29.46.213	53.68.180.59	80.78.166.234
10.243.72.228	66.181.210.218	85.72.250.162	97.176.114.190
129.52.68.240	140.99.42.183	241.143.222.169	188.61.238.215