172.245.154.19

Basic Info

City: Buffalo

Region: New York

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
172.245.154.135	attackspambots	Port scan detected on ports: 8080[TCP], 8080[TCP], 8080[TCP]	2020-09-14 20:47:14
172.245.154.135	attackspambots	TCP (SYN) 172.245.154.135:28437 -> port 8080, len 40	2020-09-14 12:40:06
172.245.154.135	attackbotsspam	TCP (SYN) 172.245.154.135:43236 -> port 8080, len 40	2020-09-14 04:41:42
172.245.154.128	attack	RDP Brute-Force (Grieskirchen RZ1)	2019-12-16 13:05:49

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



# start

NetRange:       172.245.0.0 - 172.245.255.255
CIDR:           172.245.0.0/16
NetName:        CC-14
NetHandle:      NET-172-245-0-0-1
Parent:         NET172 (NET-172-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   HostPapa (HOSTP-7)
RegDate:        2013-04-22
Updated:        2024-02-02
Comment:        Geofeed https://geofeeds.oniaas.io/geofeeds.csv
Ref:            https://rdap.arin.net/registry/ip/172.245.0.0



OrgName:        HostPapa
OrgId:          HOSTP-7
Address:        325 Delaware Avenue
Address:        Suite 300
City:           Buffalo
StateProv:      NY
PostalCode:     14202
Country:        US
RegDate:        2016-06-06
Updated:        2025-10-05
Ref:            https://rdap.arin.net/registry/entity/HOSTP-7


OrgAbuseHandle: NETAB23-ARIN
OrgAbuseName:   NETABUSE
OrgAbusePhone:  +1-905-315-3455 
OrgAbuseEmail:  net-abuse-global@hostpapa.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/NETAB23-ARIN

OrgTechHandle: NETTE9-ARIN
OrgTechName:   NETTECH
OrgTechPhone:  +1-905-315-3455 
OrgTechEmail:  net-tech-global@hostpapa.com
OrgTechRef:    https://rdap.arin.net/registry/entity/NETTE9-ARIN

RAbuseHandle: NETAB27-ARIN
RAbuseName:   NETABUSE-COLOCROSSING
RAbusePhone:  +1-800-518-9716 
RAbuseEmail:  abuse@colocrossing.com
RAbuseRef:    https://rdap.arin.net/registry/entity/NETAB27-ARIN

RTechHandle: NETTE11-ARIN
RTechName:   NETTECH-COLOCROSSING
RTechPhone:  +1-800-518-9716 
RTechEmail:  support@colocrossing.com
RTechRef:    https://rdap.arin.net/registry/entity/NETTE11-ARIN

# end


# start

NetRange:       172.245.154.0 - 172.245.154.255
CIDR:           172.245.154.0/24
NetName:        CC-172-245-154-0-24
NetHandle:      NET-172-245-154-0-1
Parent:         CC-14 (NET-172-245-0-0-1)
NetType:        Reassigned
OriginAS:       
Organization:   RackNerd LLC (RL-872)
RegDate:        2023-03-02
Updated:        2023-03-02
Ref:            https://rdap.arin.net/registry/ip/172.245.154.0


OrgName:        RackNerd LLC
OrgId:          RL-872
Address:        10602 N. Trademark Pkwy Suite 511
City:           Rancho Cucamonga
StateProv:      CA
PostalCode:     91730
Country:        US
RegDate:        2021-10-20
Updated:        2022-03-02
Comment:        https://www.racknerd.com
Comment:        Support is available 24x7 at support@racknerd.com
Comment:        Report abuse to: reportabuse@racknerd.com
Ref:            https://rdap.arin.net/registry/entity/RL-872


OrgAbuseHandle: RAD128-ARIN
OrgAbuseName:   RackNerd Abuse Department
OrgAbusePhone:  +1-888-881-6373 
OrgAbuseEmail:  reportabuse@racknerd.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/RAD128-ARIN

OrgTechHandle: RACKN3-ARIN
OrgTechName:   RackNerd NOC
OrgTechPhone:  +1-888-881-6373 
OrgTechEmail:  support@racknerd.com
OrgTechRef:    https://rdap.arin.net/registry/entity/RACKN3-ARIN

# end



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.245.154.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35918
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;172.245.154.19.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026042802 1800 900 604800 86400

;; Query time: 28 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 29 14:33:38 CST 2026
;; MSG SIZE  rcvd: 107

Host info

19.154.245.172.in-addr.arpa domain name pointer 172-245-154-19-host.colocrossing.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
19.154.245.172.in-addr.arpa	name = 172-245-154-19-host.colocrossing.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.200.50	attackspam	Sep 29 22:32:49 gw1 sshd[10431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.200.50 Sep 29 22:32:51 gw1 sshd[10431]: Failed password for invalid user shaharyar from 106.13.200.50 port 54594 ssh2 ...	2019-09-30 01:33:44
94.191.50.114	attack	Sep 29 22:15:49 areeb-Workstation sshd[18722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.50.114 Sep 29 22:15:51 areeb-Workstation sshd[18722]: Failed password for invalid user elasticsearch from 94.191.50.114 port 42948 ssh2 ...	2019-09-30 01:05:34
106.52.230.77	attackspambots	Sep 29 14:04:40 ns41 sshd[29588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.230.77	2019-09-30 01:08:19
162.13.137.98	attackspambots	Sep 28 01:18:50 xb3 sshd[18595]: Failed password for invalid user samuel from 162.13.137.98 port 50216 ssh2 Sep 28 01:18:50 xb3 sshd[18595]: Received disconnect from 162.13.137.98: 11: Bye Bye [preauth] Sep 28 01:25:13 xb3 sshd[3966]: Failed password for invalid user yash from 162.13.137.98 port 52214 ssh2 Sep 28 01:25:13 xb3 sshd[3966]: Received disconnect from 162.13.137.98: 11: Bye Bye [preauth] Sep 28 01:28:57 xb3 sshd[18910]: Failed password for invalid user josefina from 162.13.137.98 port 38534 ssh2 Sep 28 01:28:57 xb3 sshd[18910]: Received disconnect from 162.13.137.98: 11: Bye Bye [preauth] Sep 28 01:32:31 xb3 sshd[16411]: Failed password for invalid user ubuntu123 from 162.13.137.98 port 52918 ssh2 Sep 28 01:32:31 xb3 sshd[16411]: Received disconnect from 162.13.137.98: 11: Bye Bye [preauth] Sep 28 01:36:17 xb3 sshd[14289]: Failed password for invalid user ps from 162.13.137.98 port 39160 ssh2 Sep 28 01:36:17 xb3 sshd[14289]: Received disconnect from 162.13.13........ -------------------------------	2019-09-30 01:11:18
129.146.168.196	attack	$f2bV_matches	2019-09-30 00:54:50
85.31.209.101	attackspam	22/tcp 22/tcp [2019-09-29]2pkt	2019-09-30 01:12:09
223.111.184.10	attackspam	Sep 29 02:01:14 sachi sshd\[8206\]: Invalid user maui from 223.111.184.10 Sep 29 02:01:14 sachi sshd\[8206\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.184.10 Sep 29 02:01:16 sachi sshd\[8206\]: Failed password for invalid user maui from 223.111.184.10 port 58922 ssh2 Sep 29 02:04:39 sachi sshd\[8481\]: Invalid user lenny from 223.111.184.10 Sep 29 02:04:39 sachi sshd\[8481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.111.184.10	2019-09-30 01:08:52
118.36.234.144	attackspambots	Lines containing failures of 118.36.234.144 Sep 27 10:31:55 myhost sshd[6583]: Invalid user ubnt from 118.36.234.144 port 48288 Sep 27 10:31:55 myhost sshd[6583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.36.234.144 Sep 27 10:31:57 myhost sshd[6583]: Failed password for invalid user ubnt from 118.36.234.144 port 48288 ssh2 Sep 27 10:31:57 myhost sshd[6583]: Received disconnect from 118.36.234.144 port 48288:11: Bye Bye [preauth] Sep 27 10:31:57 myhost sshd[6583]: Disconnected from invalid user ubnt 118.36.234.144 port 48288 [preauth] Sep 27 11:38:16 myhost sshd[7303]: Invalid user ines from 118.36.234.144 port 53904 Sep 27 11:38:16 myhost sshd[7303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.36.234.144 Sep 27 11:38:19 myhost sshd[7303]: Failed password for invalid user ines from 118.36.234.144 port 53904 ssh2 Sep 27 11:38:19 myhost sshd[7303]: Received disconnect from 118......... ------------------------------	2019-09-30 01:00:51
45.12.4.126	attack	𝖦𝖾𝖿𝖾𝗅𝗂𝖼𝗂𝗍𝖾𝖾𝗋𝖽, 𝗃𝖾 𝖻𝖾𝗇𝗍 𝖾𝖾𝗇 𝖿𝗂𝗇𝖺𝗅𝗂𝗌𝗍 𝖺𝗅𝗌 𝗃𝖾 𝖻𝖾𝗏𝖾𝗌𝗍𝗂𝗀𝗍 !	2019-09-30 01:32:02
86.125.35.209	attackspam	Automatic report - Port Scan Attack	2019-09-30 00:56:27
1.54.77.54	attack	(Sep 29) LEN=40 TTL=47 ID=55915 TCP DPT=8080 WINDOW=47021 SYN (Sep 29) LEN=40 TTL=47 ID=64899 TCP DPT=8080 WINDOW=26668 SYN (Sep 29) LEN=40 TTL=47 ID=10546 TCP DPT=8080 WINDOW=5701 SYN (Sep 28) LEN=40 TTL=47 ID=17706 TCP DPT=8080 WINDOW=5701 SYN (Sep 28) LEN=40 TTL=47 ID=31635 TCP DPT=8080 WINDOW=26668 SYN (Sep 28) LEN=40 TTL=47 ID=46513 TCP DPT=8080 WINDOW=47021 SYN (Sep 27) LEN=40 TTL=47 ID=50310 TCP DPT=8080 WINDOW=5701 SYN (Sep 27) LEN=40 TTL=47 ID=27416 TCP DPT=8080 WINDOW=5701 SYN (Sep 26) LEN=40 TTL=47 ID=59744 TCP DPT=8080 WINDOW=47021 SYN (Sep 26) LEN=40 TTL=47 ID=5011 TCP DPT=8080 WINDOW=47021 SYN (Sep 25) LEN=40 TTL=50 ID=43420 TCP DPT=8080 WINDOW=5701 SYN (Sep 25) LEN=40 TTL=50 ID=24590 TCP DPT=8080 WINDOW=26668 SYN (Sep 25) LEN=40 TTL=50 ID=15497 TCP DPT=8080 WINDOW=47021 SYN (Sep 25) LEN=40 TTL=47 ID=61224 TCP DPT=8080 WINDOW=5701 SYN (Sep 25) LEN=40 TTL=47 ID=65068 TCP DPT=8080 WINDOW=5701 SYN (Sep 25) LEN=40 TTL=47 ID=14686...	2019-09-30 01:03:46
178.62.237.38	attackspam	2019-09-29T14:09:11.530443hub.schaetter.us sshd\[25852\]: Invalid user rdp from 178.62.237.38 port 33776 2019-09-29T14:09:11.539131hub.schaetter.us sshd\[25852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=matteosistisette.com 2019-09-29T14:09:13.670161hub.schaetter.us sshd\[25852\]: Failed password for invalid user rdp from 178.62.237.38 port 33776 ssh2 2019-09-29T14:13:14.879227hub.schaetter.us sshd\[25876\]: Invalid user cvsroot from 178.62.237.38 port 53933 2019-09-29T14:13:14.887257hub.schaetter.us sshd\[25876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=matteosistisette.com ...	2019-09-30 01:25:28
125.227.189.224	attackspambots	445/tcp 445/tcp 445/tcp... [2019-09-14/28]7pkt,1pt.(tcp)	2019-09-30 00:49:56
172.68.74.28	attackspam	8443/tcp 8080/tcp... [2019-07-31/09-27]15pkt,2pt.(tcp)	2019-09-30 01:10:53
183.6.155.108	attackbotsspam	"Fail2Ban detected SSH brute force attempt"	2019-09-30 01:10:38

Recently Reported IPs

2606:4700:10::6814:7277	2606:4700:10::ac43:2261	52.37.127.67	174.204.206.15
120.229.109.71	86.54.25.199	2606:4700:10::ac43:2836	2606:4700:10::6816:3616
223.104.123.228	36.103.200.210	45.197.12.121	93.179.101.155
43.153.208.49	34.62.187.246	2606:4700:10::6816:1625	121.234.219.199
2606:4700:10::6814:8349	131.103.141.18	69.3.235.157	49.7.235.5