IP address

Search at other sites:
.000104.155.122.159159.122.155.104.bc.googleusercontent.com
Shodan(more info)
Passive DNS
Tags: IP in hostname Scanner
IP blacklists
Turris greylist
104.155.122.159 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-03 21:15:00.206000
Was present on blacklist at: 2025-05-10 21:15, 2025-05-11 21:15, 2025-05-12 21:15, 2025-05-13 21:15, 2025-05-14 21:15, 2025-05-15 21:15, 2025-05-16 21:15, 2025-05-17 21:15, 2025-05-18 21:15, 2025-05-22 21:15, 2025-05-24 21:15, 2025-05-26 21:15, 2025-05-30 21:15, 2025-06-01 21:15, 2025-06-03 21:15
Spamhaus XBL CBL
104.155.122.159 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2025-06-19 22:56:30.183000
Was present on blacklist at: 2025-05-15 22:56, 2025-05-22 22:56, 2025-05-29 22:56, 2025-06-05 22:56, 2025-06-12 22:56
AbuseIPDB
104.155.122.159 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-05-30 04:00:00.652000
Was present on blacklist at: 2025-05-22 04:00, 2025-05-23 04:00, 2025-05-26 04:00, 2025-05-30 04:00
CI Army
104.155.122.159 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-06-02 02:50:01.129000
Was present on blacklist at: 2025-05-30 02:50, 2025-05-31 02:50, 2025-06-01 02:50, 2025-06-02 02:50
Warden events (839)
2025-06-02
IntrusionUserCompromise (node.cfb4f7): 3
IntrusionUserCompromise+AttemptExploit (node.06f8e8): 2
2025-06-01
IntrusionUserCompromise+AttemptExploit (node.ce9a39): 1
2025-05-31
IntrusionUserCompromise (node.cfb4f7): 1
2025-05-30
ReconScanning (node.4dc198): 117
ReconScanning (node.368407): 18
2025-05-29
IntrusionUserCompromise (node.cfb4f7): 2
ReconScanning (node.368407): 36
ReconScanning (node.4dc198): 172
2025-05-28
ReconScanning (node.86eb21): 1
2025-05-27
ReconScanning (node.f90c6b): 1
2025-05-26
IntrusionUserCompromise (node.cfb4f7): 5
IntrusionUserCompromise+AttemptExploit (node.06f8e8): 3
IntrusionUserCompromise+AttemptExploit (node.980418): 1
IntrusionUserCompromise+AttemptExploit (node.9f5563): 1
2025-05-25
ReconScanning (node.f90c6b): 1
IntrusionUserCompromise (node.cfb4f7): 9
2025-05-24
ReconScanning (node.86eb21): 1
2025-05-23
IntrusionUserCompromise (node.cfb4f7): 1
2025-05-22
ReconScanning (node.4dc198): 132
ReconScanning (node.368407): 37
2025-05-21
IntrusionUserCompromise (node.cfb4f7): 1
ReconScanning (node.368407): 28
ReconScanning (node.4dc198): 149
2025-05-20
IntrusionUserCompromise (node.cfb4f7): 4
2025-05-18
IntrusionUserCompromise+AttemptExploit (node.06f8e8): 1
IntrusionUserCompromise+AttemptExploit (node.9f5563): 1
2025-05-17
IntrusionUserCompromise (node.cfb4f7): 6
2025-05-16
IntrusionUserCompromise (node.cfb4f7): 7
2025-05-15
ReconScanning (node.86eb21): 1
ReconScanning (node.f90c6b): 1
IntrusionUserCompromise (node.cfb4f7): 1
2025-05-14
IntrusionUserCompromise+AttemptExploit (node.ce9a39): 1
IntrusionUserCompromise (node.cfb4f7): 14
ReconScanning (node.f90c6b): 1
ReconScanning (node.86eb21): 1
2025-05-13
IntrusionUserCompromise+AttemptExploit (node.06f8e8): 3
IntrusionUserCompromise (node.cfb4f7): 15
2025-05-12
IntrusionUserCompromise (node.cfb4f7): 6
2025-05-11
IntrusionUserCompromise (node.cfb4f7): 22
2025-05-10
IntrusionUserCompromise+AttemptExploit (node.9f5563): 1
IntrusionUserCompromise (node.cfb4f7): 22
2025-05-09
IntrusionUserCompromise (node.cfb4f7): 7
2025-05-08
IntrusionUserCompromise+AttemptExploit (node.06f8e8): 1
DShield reports (IP summary, reports)
2025-05-09
Number of reports: 12
Distinct targets: 8
2025-05-10
Number of reports: 11
Distinct targets: 6
2025-05-12
Number of reports: 11
Distinct targets: 6
2025-05-13
Number of reports: 16
Distinct targets: 11
2025-05-16
Number of reports: 60
Distinct targets: 31
2025-05-17
Number of reports: 56
Distinct targets: 31
2025-05-21
Number of reports: 231
Distinct targets: 139
2025-05-22
Number of reports: 178
Distinct targets: 136
2025-05-23
Number of reports: 22
Distinct targets: 15
2025-05-25
Number of reports: 11
Distinct targets: 11
2025-05-26
Number of reports: 12
Distinct targets: 6
2025-05-29
Number of reports: 222
Distinct targets: 183
2025-05-30
Number of reports: 156
Distinct targets: 124
OTX pulses
[606d75c11c08ff94089a9430] 2021-04-07 09:05:05.353000 | Georgs Honeypot
Author name:georgengelmann
Pulse modified:2025-06-09 11:43:03.595000
Indicator created:2025-05-10 14:14:09
Indicator role:bruteforce
Indicator title:VNC intrusion attempt from 159.122.155.104.bc.googleusercontent.com port 51408
Indicator expiration:2025-06-09 14:00:00
Origin AS
AS396982 - GOOGLE-PRIVATE-CLOUD
BGP Prefix
104.155.112.0/20
geo
Belgium, Brussels
🕑 Europe/Brussels
hostname
159.122.155.104.bc.googleusercontent.com
hostname_class
['ip_in_hostname']
Address block ('inetnum' or 'NetRange' in whois database)
104.154.0.0 - 104.155.255.255
last_activity
2025-06-09 12:00:50.626000
last_warden_event
2025-06-02 12:39:16.287000
rep
0.0
reserved_range
0
ts_added
2025-05-08 22:56:21.915000
ts_last_update
2025-06-22 22:56:30.221000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses