104.225.154.157

Basic Info

City: Los Angeles

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.225.154.136	attackspambots	104.225.154.136 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 7 09:47:19 server5 sshd[14395]: Failed password for root from 159.65.30.66 port 52024 ssh2 Sep 7 09:48:10 server5 sshd[14902]: Failed password for root from 139.59.10.186 port 40374 ssh2 Sep 7 09:48:08 server5 sshd[14902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.10.186 user=root Sep 7 09:48:34 server5 sshd[14983]: Failed password for root from 104.225.154.136 port 57664 ssh2 Sep 7 09:47:44 server5 sshd[14853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.78.11.31 user=root Sep 7 09:47:47 server5 sshd[14853]: Failed password for root from 112.78.11.31 port 44208 ssh2 IP Addresses Blocked: 159.65.30.66 (GB/United Kingdom/-) 139.59.10.186 (IN/India/-)	2020-09-08 00:32:16
104.225.154.136	attackspam	$f2bV_matches	2020-09-07 16:01:32
104.225.154.136	attackbotsspam	104.225.154.136 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 6 19:40:18 server2 sshd[30760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.237.175.97 user=root Sep 6 19:38:56 server2 sshd[29772]: Failed password for root from 35.226.132.241 port 38190 ssh2 Sep 6 19:40:13 server2 sshd[30587]: Failed password for root from 104.225.154.136 port 38658 ssh2 Sep 6 19:39:10 server2 sshd[30124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.45.200 user=root Sep 6 19:39:12 server2 sshd[30124]: Failed password for root from 122.51.45.200 port 48482 ssh2 IP Addresses Blocked: 183.237.175.97 (CN/China/-) 35.226.132.241 (US/United States/-)	2020-09-07 08:23:50
104.225.154.247	attackbotsspam	Invalid user martina from 104.225.154.247 port 41118	2020-09-01 17:00:45
104.225.154.247	attackbots	Invalid user morita from 104.225.154.247 port 55202	2020-08-23 13:46:11
104.225.154.136	attack	Invalid user ebaserdb from 104.225.154.136 port 36980	2020-08-20 05:51:20
104.225.154.136	attackspam	Aug 12 08:33:43 ip106 sshd[6989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.225.154.136 Aug 12 08:33:45 ip106 sshd[6989]: Failed password for invalid user a123 from 104.225.154.136 port 54346 ssh2 ...	2020-08-12 15:02:18
104.225.154.247	attackbotsspam	Failed password for root from 104.225.154.247 port 37698 ssh2	2020-08-07 12:07:36
104.225.154.247	attackbots	Aug 2 08:09:26 ny01 sshd[25269]: Failed password for root from 104.225.154.247 port 54346 ssh2 Aug 2 08:12:04 ny01 sshd[25629]: Failed password for root from 104.225.154.247 port 59440 ssh2	2020-08-02 20:27:05
104.225.154.247	attack	Invalid user somsak from 104.225.154.247 port 37848	2020-07-27 06:31:32
104.225.154.247	attack	Invalid user punit from 104.225.154.247 port 51696	2020-07-18 04:03:19
104.225.154.247	attackbots	"fail2ban match"	2020-06-28 17:59:14
104.225.154.247	attackbotsspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-23 16:29:07

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#



# start

NetRange:       104.225.144.0 - 104.225.159.255
CIDR:           104.225.144.0/20
NetName:        CL-1210
NetHandle:      NET-104-225-144-0-1
Parent:         NET104 (NET-104-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Cluster Logic Inc (CL-1210)
RegDate:        2017-07-20
Updated:        2024-10-15
Comment:        Geofeed https://deploy.sioru.net/geofeed/feed.csv
Comment:        Abuse desk: abuse@sioru.com or https://www.it7.net/contact/
Ref:            https://rdap.arin.net/registry/ip/104.225.144.0


OrgName:        Cluster Logic Inc
OrgId:          CL-1210
Address:        4974 Kingsway Ave
Address:        Suite 668
City:           Burnaby
StateProv:      BC
PostalCode:     V5H 4M9
Country:        CA
RegDate:        2016-10-11
Updated:        2024-11-25
Ref:            https://rdap.arin.net/registry/entity/CL-1210


OrgNOCHandle: NOC12969-ARIN
OrgNOCName:   NOC
OrgNOCPhone:  +1-408-260-5757 
OrgNOCEmail:  arin-noc@sioru.com
OrgNOCRef:    https://rdap.arin.net/registry/entity/NOC12969-ARIN

OrgAbuseHandle: ABUSE3623-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-408-260-5757 
OrgAbuseEmail:  abuse@sioru.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE3623-ARIN

OrgTechHandle: TECHN1201-ARIN
OrgTechName:   Technical Contact
OrgTechPhone:  +1-408-260-5757 
OrgTechEmail:  arin-tech@sioru.com
OrgTechRef:    https://rdap.arin.net/registry/entity/TECHN1201-ARIN

# end


# start

NetRange:       104.225.144.0 - 104.225.159.255
CIDR:           104.225.144.0/20
NetName:        CL-104-225-144-0-20
NetHandle:      NET-104-225-144-0-2
Parent:         CL-1210 (NET-104-225-144-0-1)
NetType:        Reassigned
OriginAS:       
Customer:       IT7 Networks Inc (C06620588)
RegDate:        2017-07-21
Updated:        2017-07-21
Ref:            https://rdap.arin.net/registry/ip/104.225.144.0


CustName:       IT7 Networks Inc
Address:        530 W 6th Street
City:           Los Angeles
StateProv:      CA
PostalCode:     90014
Country:        US
RegDate:        2017-07-20
Updated:        2017-07-20
Ref:            https://rdap.arin.net/registry/entity/C06620588

OrgNOCHandle: NOC12969-ARIN
OrgNOCName:   NOC
OrgNOCPhone:  +1-408-260-5757 
OrgNOCEmail:  arin-noc@sioru.com
OrgNOCRef:    https://rdap.arin.net/registry/entity/NOC12969-ARIN

OrgAbuseHandle: ABUSE3623-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-408-260-5757 
OrgAbuseEmail:  abuse@sioru.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE3623-ARIN

OrgTechHandle: TECHN1201-ARIN
OrgTechName:   Technical Contact
OrgTechPhone:  +1-408-260-5757 
OrgTechEmail:  arin-tech@sioru.com
OrgTechRef:    https://rdap.arin.net/registry/entity/TECHN1201-ARIN

# end



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.225.154.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28860
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.225.154.157.		IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025100601 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 07 03:51:45 CST 2025
;; MSG SIZE  rcvd: 108

Host info

157.154.225.104.in-addr.arpa domain name pointer 104.225.154.157.16clouds.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
157.154.225.104.in-addr.arpa	name = 104.225.154.157.16clouds.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
216.218.206.107	attackspambots	11211/tcp 23/tcp 5555/tcp... [2020-04-20/06-19]32pkt,13pt.(tcp),2pt.(udp)	2020-06-20 05:17:31
86.45.85.59	attackspambots	Jun 19 22:40:49 ns382633 sshd\[13428\]: Invalid user panther from 86.45.85.59 port 52690 Jun 19 22:40:49 ns382633 sshd\[13428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.45.85.59 Jun 19 22:40:51 ns382633 sshd\[13428\]: Failed password for invalid user panther from 86.45.85.59 port 52690 ssh2 Jun 19 22:50:27 ns382633 sshd\[15057\]: Invalid user lzy from 86.45.85.59 port 54370 Jun 19 22:50:27 ns382633 sshd\[15057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.45.85.59	2020-06-20 05:20:41
47.50.246.114	attackbots	Jun 19 22:58:48 vps687878 sshd\[1623\]: Failed password for nagios from 47.50.246.114 port 34590 ssh2 Jun 19 23:02:10 vps687878 sshd\[2025\]: Invalid user administrator from 47.50.246.114 port 34506 Jun 19 23:02:10 vps687878 sshd\[2025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.50.246.114 Jun 19 23:02:12 vps687878 sshd\[2025\]: Failed password for invalid user administrator from 47.50.246.114 port 34506 ssh2 Jun 19 23:05:33 vps687878 sshd\[2287\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.50.246.114 user=root ...	2020-06-20 05:07:43
74.82.47.32	attackspam	5555/tcp 5900/tcp 631/tcp... [2020-04-22/06-19]34pkt,14pt.(tcp),1pt.(udp)	2020-06-20 05:23:56
180.76.103.27	attackspambots	Jun 19 22:25:28 dev0-dcde-rnet sshd[30331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.103.27 Jun 19 22:25:30 dev0-dcde-rnet sshd[30331]: Failed password for invalid user stuser from 180.76.103.27 port 46246 ssh2 Jun 19 22:39:41 dev0-dcde-rnet sshd[30533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.103.27	2020-06-20 05:05:45
74.82.47.27	attack	4786/tcp 8443/tcp 7547/tcp... [2020-04-21/06-19]33pkt,13pt.(tcp),2pt.(udp)	2020-06-20 05:22:15
222.186.175.154	attack	Jun 19 23:20:23 * sshd[16804]: Failed password for root from 222.186.175.154 port 54976 ssh2 Jun 19 23:20:35 * sshd[16804]: error: maximum authentication attempts exceeded for root from 222.186.175.154 port 54976 ssh2 [preauth]	2020-06-20 05:24:16
183.88.5.138	attackspambots	1592599178 - 06/19/2020 22:39:38 Host: 183.88.5.138/183.88.5.138 Port: 445 TCP Blocked	2020-06-20 05:09:01
184.105.139.112	attackbots	firewall-block, port(s): 30005/tcp	2020-06-20 05:11:29
139.255.35.181	attackbots	Invalid user tir from 139.255.35.181 port 35144	2020-06-20 05:26:52
74.82.47.15	attackspambots	27017/tcp 389/tcp 8443/tcp... [2020-04-21/06-19]42pkt,13pt.(tcp),2pt.(udp)	2020-06-20 05:30:57
85.209.0.103	attackspambots	Failed password for invalid user from 85.209.0.103 port 43770 ssh2	2020-06-20 05:25:52
110.189.108.29	attackspambots	Port scan on 2 port(s): 22 1433	2020-06-20 05:32:45
106.75.61.203	attack	500/tcp 503/tcp 502/tcp... [2020-04-22/06-19]74pkt,14pt.(tcp)	2020-06-20 05:00:54
218.78.54.80	attackbots	22009/tcp 23779/tcp 25504/tcp... [2020-04-20/06-19]17pkt,15pt.(tcp)	2020-06-20 05:06:56

Recently Reported IPs

156.245.145.10	154.216.177.108	54.167.17.103	23.218.62.190
34.105.187.163	59.34.28.215	89.187.187.72	27.207.46.241
23.94.20.102	141.145.148.117	183.7.17.206	175.27.164.113
185.189.225.158	42.236.101.228	128.203.200.49	199.167.138.119
188.177.8.184	178.246.1.99	104.248.79.25	183.200.213.183