104.152.52.237

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Scan port	2023-09-07 12:34:09
attack	Scan port	2023-09-07 12:33:55

Comments on same subnet:

IP	Type	Details	Datetime
104.152.52.231	botsattackproxy	Bot attacker IP	2025-03-25 13:44:38
104.152.52.145	botsattackproxy	Vulnerability Scanner	2025-03-20 13:41:36
104.152.52.100	spamattackproxy	VoIP blacklist IP	2025-03-14 22:09:59
104.152.52.139	attack	Brute-force attacker IP	2025-03-10 13:45:36
104.152.52.219	botsattackproxy	Bot attacker IP	2025-03-04 13:55:48
104.152.52.124	botsattackproxy	Vulnerability Scanner	2025-02-26 17:12:59
104.152.52.146	botsattackproxy	Bot attacker IP	2025-02-21 12:31:03
104.152.52.161	botsattackproxy	Vulnerability Scanner	2025-02-05 14:00:57
104.152.52.176	botsattackproxy	Botnet DB Scanner	2025-01-20 14:03:26
104.152.52.141	botsattack	Vulnerability Scanner	2025-01-09 22:45:15
104.152.52.165	botsattackproxy	Bot attacker IP	2024-09-24 16:44:08
104.152.52.226	botsattackproxy	Vulnerability Scanner	2024-08-28 12:46:53
104.152.52.142	spambotsattack	Vulnerability Scanner	2024-08-26 12:47:13
104.152.52.116	spamattack	Compromised IP	2024-07-06 14:07:26
104.152.52.204	attack	Bad IP	2024-07-01 12:36:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.152.52.237
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51844
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.152.52.237.			IN	A

;; AUTHORITY SECTION:
.			162	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023090601 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 07 12:33:54 CST 2023
;; MSG SIZE  rcvd: 107

Host info

237.52.152.104.in-addr.arpa domain name pointer internettl.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
237.52.152.104.in-addr.arpa	name = internettl.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.118.160.45	attackspam	Unauthorised access (Aug 16) SRC=92.118.160.45 LEN=44 TTL=243 ID=65022 TCP DPT=139 WINDOW=1024 SYN	2019-08-16 07:21:59
92.118.37.74	attackspambots	Aug 16 00:35:30 h2177944 kernel: \[4232241.918521\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=39012 PROTO=TCP SPT=46525 DPT=55428 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:36:12 h2177944 kernel: \[4232283.265607\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=33227 PROTO=TCP SPT=46525 DPT=11784 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:39:07 h2177944 kernel: \[4232458.119892\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=60196 PROTO=TCP SPT=46525 DPT=55772 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:40:23 h2177944 kernel: \[4232534.609295\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=8591 PROTO=TCP SPT=46525 DPT=57955 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 16 00:44:41 h2177944 kernel: \[4232792.515087\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.118.37.74 DST=85.214.117.9 L	2019-08-16 07:10:12
165.227.154.59	attackbotsspam	Aug 15 13:25:22 wbs sshd\[18738\]: Invalid user tucker from 165.227.154.59 Aug 15 13:25:22 wbs sshd\[18738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.154.59 Aug 15 13:25:24 wbs sshd\[18738\]: Failed password for invalid user tucker from 165.227.154.59 port 48476 ssh2 Aug 15 13:29:31 wbs sshd\[19471\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.154.59 user=root Aug 15 13:29:34 wbs sshd\[19471\]: Failed password for root from 165.227.154.59 port 40374 ssh2	2019-08-16 07:34:46
111.241.69.88	attackbotsspam	23/tcp [2019-08-15]1pkt	2019-08-16 06:59:49
207.154.243.255	attack	Jul 1 05:20:02 vtv3 sshd\[24187\]: Invalid user monitoring from 207.154.243.255 port 60556 Jul 1 05:20:02 vtv3 sshd\[24187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.243.255 Jul 1 05:20:04 vtv3 sshd\[24187\]: Failed password for invalid user monitoring from 207.154.243.255 port 60556 ssh2 Jul 1 05:22:00 vtv3 sshd\[25335\]: Invalid user ehasco from 207.154.243.255 port 55802 Jul 1 05:22:00 vtv3 sshd\[25335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.243.255 Jul 1 05:32:57 vtv3 sshd\[30837\]: Invalid user test from 207.154.243.255 port 49668 Jul 1 05:32:57 vtv3 sshd\[30837\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.243.255 Jul 1 05:32:59 vtv3 sshd\[30837\]: Failed password for invalid user test from 207.154.243.255 port 49668 ssh2 Jul 1 05:34:25 vtv3 sshd\[31424\]: Invalid user murai from 207.154.243.255 port 38314 Jul 1 05:34:2	2019-08-16 07:25:07
190.88.212.34	attack	5431/tcp [2019-08-15]1pkt	2019-08-16 07:24:15
164.132.62.233	attackbotsspam	2019-08-15T23:03:49.116723abusebot-2.cloudsearch.cf sshd\[28734\]: Invalid user rq from 164.132.62.233 port 46062	2019-08-16 07:18:23
36.89.225.63	attackbotsspam	445/tcp 445/tcp [2019-08-15]2pkt	2019-08-16 06:55:07
114.41.14.60	attackbotsspam	23/tcp 23/tcp [2019-08-15]2pkt	2019-08-16 07:14:40
128.14.136.158	attack	2019-08-15T22:45:11.267285abusebot.cloudsearch.cf sshd\[9324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.14.136.158 user=root	2019-08-16 07:15:13
61.161.237.38	attack	Aug 15 11:16:31 wbs sshd\[6599\]: Invalid user ice from 61.161.237.38 Aug 15 11:16:31 wbs sshd\[6599\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.161.237.38 Aug 15 11:16:33 wbs sshd\[6599\]: Failed password for invalid user ice from 61.161.237.38 port 40454 ssh2 Aug 15 11:19:33 wbs sshd\[6856\]: Invalid user itk from 61.161.237.38 Aug 15 11:19:33 wbs sshd\[6856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.161.237.38	2019-08-16 06:52:15
51.158.74.14	attackspam	Aug 15 12:36:09 tdfoods sshd\[5646\]: Invalid user al from 51.158.74.14 Aug 15 12:36:09 tdfoods sshd\[5646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.74.14 Aug 15 12:36:12 tdfoods sshd\[5646\]: Failed password for invalid user al from 51.158.74.14 port 51786 ssh2 Aug 15 12:40:45 tdfoods sshd\[6155\]: Invalid user git from 51.158.74.14 Aug 15 12:40:45 tdfoods sshd\[6155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.74.14	2019-08-16 06:54:47
181.62.255.67	attackbots	445/tcp 445/tcp 445/tcp [2019-08-15]3pkt	2019-08-16 07:08:36
120.14.164.90	attackspambots	23/tcp [2019-08-15]1pkt	2019-08-16 07:05:00
170.83.155.210	attackspam	Aug 16 01:31:03 vps647732 sshd[11035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.83.155.210 Aug 16 01:31:05 vps647732 sshd[11035]: Failed password for invalid user rishi from 170.83.155.210 port 52150 ssh2 ...	2019-08-16 07:31:27

Recently Reported IPs

39.165.241.75	1.145.166.94	84.54.51.149	114.101.84.48
199.192.29.17	114.219.251.137	167.172.106.14	111.36.106.236
112.12.214.86	13.196.240.101	116.162.171.251	113.195.56.145
180.122.46.196	114.103.99.94	223.88.63.120	122.239.249.116
245.129.212.111	224.117.231.228	0.202.199.147	36.153.137.74