104.152.52.215

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port scan	2024-03-11 13:46:24

Comments on same subnet:

IP	Type	Details	Datetime
104.152.52.231	botsattackproxy	Bot attacker IP	2025-03-25 13:44:38
104.152.52.145	botsattackproxy	Vulnerability Scanner	2025-03-20 13:41:36
104.152.52.100	spamattackproxy	VoIP blacklist IP	2025-03-14 22:09:59
104.152.52.139	attack	Brute-force attacker IP	2025-03-10 13:45:36
104.152.52.219	botsattackproxy	Bot attacker IP	2025-03-04 13:55:48
104.152.52.124	botsattackproxy	Vulnerability Scanner	2025-02-26 17:12:59
104.152.52.146	botsattackproxy	Bot attacker IP	2025-02-21 12:31:03
104.152.52.161	botsattackproxy	Vulnerability Scanner	2025-02-05 14:00:57
104.152.52.176	botsattackproxy	Botnet DB Scanner	2025-01-20 14:03:26
104.152.52.141	botsattack	Vulnerability Scanner	2025-01-09 22:45:15
104.152.52.165	botsattackproxy	Bot attacker IP	2024-09-24 16:44:08
104.152.52.226	botsattackproxy	Vulnerability Scanner	2024-08-28 12:46:53
104.152.52.142	spambotsattack	Vulnerability Scanner	2024-08-26 12:47:13
104.152.52.116	spamattack	Compromised IP	2024-07-06 14:07:26
104.152.52.204	attack	Bad IP	2024-07-01 12:36:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.152.52.215
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10050
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.152.52.215.			IN	A

;; AUTHORITY SECTION:
.			564	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023052900 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 29 20:16:11 CST 2023
;; MSG SIZE  rcvd: 107

Host info

215.52.152.104.in-addr.arpa domain name pointer internettl.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
215.52.152.104.in-addr.arpa	name = internettl.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.164.48.84	attackbots	Jun 29 00:43:11 localhost sshd\[21988\]: Invalid user admin from 112.164.48.84 port 33884 Jun 29 00:43:12 localhost sshd\[21988\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.164.48.84 ...	2019-06-29 15:53:11
210.211.99.243	attack	2019-06-29T09:15:12.243450test01.cajus.name sshd\[23659\]: Invalid user zimbra from 210.211.99.243 port 38172 2019-06-29T09:15:12.268395test01.cajus.name sshd\[23659\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.211.99.243 2019-06-29T09:15:14.609469test01.cajus.name sshd\[23659\]: Failed password for invalid user zimbra from 210.211.99.243 port 38172 ssh2	2019-06-29 15:48:34
186.37.115.25	attackspam	SSH Brute Force, server-1 sshd[6679]: Failed password for invalid user hekz from 186.37.115.25 port 55814 ssh2	2019-06-29 15:46:28
218.92.0.195	attack	Jun 29 05:54:17 vmi181237 sshd\[21964\]: refused connect from 218.92.0.195 \(218.92.0.195\) Jun 29 05:56:17 vmi181237 sshd\[21984\]: refused connect from 218.92.0.195 \(218.92.0.195\) Jun 29 05:58:17 vmi181237 sshd\[22001\]: refused connect from 218.92.0.195 \(218.92.0.195\) Jun 29 06:00:05 vmi181237 sshd\[22031\]: refused connect from 218.92.0.195 \(218.92.0.195\) Jun 29 06:01:41 vmi181237 sshd\[22045\]: refused connect from 218.92.0.195 \(218.92.0.195\)	2019-06-29 15:51:48
173.239.37.159	attackspambots	Jun 28 23:03:48 ip-172-31-62-245 sshd\[8759\]: Invalid user nas from 173.239.37.159\ Jun 28 23:03:50 ip-172-31-62-245 sshd\[8759\]: Failed password for invalid user nas from 173.239.37.159 port 57012 ssh2\ Jun 28 23:06:59 ip-172-31-62-245 sshd\[8777\]: Invalid user smon from 173.239.37.159\ Jun 28 23:07:02 ip-172-31-62-245 sshd\[8777\]: Failed password for invalid user smon from 173.239.37.159 port 39596 ssh2\ Jun 28 23:08:28 ip-172-31-62-245 sshd\[8779\]: Invalid user fo from 173.239.37.159\	2019-06-29 15:19:32
109.228.109.178	attackbotsspam	Jun 28 23:01:13 sanyalnet-cloud-vps3 sshd[17709]: Connection from 109.228.109.178 port 41098 on 45.62.248.66 port 22 Jun 28 23:01:14 sanyalnet-cloud-vps3 sshd[17709]: Address 109.228.109.178 maps to adsl-109-228-l11698.crnagora.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 28 23:01:14 sanyalnet-cloud-vps3 sshd[17709]: Invalid user admin from 109.228.109.178 Jun 28 23:01:14 sanyalnet-cloud-vps3 sshd[17709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.228.109.178 Jun 28 23:01:16 sanyalnet-cloud-vps3 sshd[17709]: Failed password for invalid user admin from 109.228.109.178 port 41098 ssh2 Jun 28 23:01:17 sanyalnet-cloud-vps3 sshd[17709]: Failed password for invalid user admin from 109.228.109.178 port 41098 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=109.228.109.178	2019-06-29 15:34:34
59.55.44.27	attackspambots	2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.55.44.27	2019-06-29 15:56:22
77.247.110.151	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-06-29 15:10:29
159.203.111.100	attack	Jun 29 03:00:39 MK-Soft-VM5 sshd\[19583\]: Invalid user animaux from 159.203.111.100 port 50136 Jun 29 03:00:39 MK-Soft-VM5 sshd\[19583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.111.100 Jun 29 03:00:42 MK-Soft-VM5 sshd\[19583\]: Failed password for invalid user animaux from 159.203.111.100 port 50136 ssh2 ...	2019-06-29 15:11:15
121.202.28.73	attackbots	" "	2019-06-29 15:57:11
113.172.22.123	attackbotsspam	Jun 29 01:12:34 master sshd[22283]: Failed password for invalid user admin from 113.172.22.123 port 54043 ssh2	2019-06-29 15:31:37
112.14.32.207	attackspambots	Jun 7 09:37:58 mercury auth[27085]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=josh@learnargentinianspanish.com rhost=112.14.32.207 ...	2019-06-29 15:33:27
183.89.82.33	attack	Jun 29 00:57:38 master sshd[22263]: Failed password for invalid user admin from 183.89.82.33 port 33747 ssh2	2019-06-29 15:28:41
91.98.28.90	attackbots	Unauthorised access (Jun 29) SRC=91.98.28.90 LEN=40 PREC=0x20 TTL=240 ID=49175 TCP DPT=445 WINDOW=1024 SYN	2019-06-29 15:07:27
201.216.193.65	attack	Jun 29 08:06:16 mail sshd\[16935\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.216.193.65 user=root Jun 29 08:06:18 mail sshd\[16935\]: Failed password for root from 201.216.193.65 port 43443 ssh2 ...	2019-06-29 15:51:25

Recently Reported IPs

18.130.19.70	212.58.76.121	210.140.225.108	27.0.62.154
165.227.188.42	60.235.32.166	36.248.99.14	81.240.160.48
45.82.243.90	1.10.252.240	8.113.64.85	117.180.184.233
220.119.221.65	122.43.154.15	210.182.93.70	220.132.20.25
84.253.57.206	136.72.219.204	125.130.2.206	209.171.85.173