104.152.52.243

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
botsattackproxy	Bot attacker IP	2024-05-16 18:15:14
attack	Scan port	2024-01-11 13:53:36
attack	Scan port	2023-10-18 12:49:41

Comments on same subnet:

IP	Type	Details	Datetime
104.152.52.231	botsattackproxy	Bot attacker IP	2025-03-25 13:44:38
104.152.52.145	botsattackproxy	Vulnerability Scanner	2025-03-20 13:41:36
104.152.52.100	spamattackproxy	VoIP blacklist IP	2025-03-14 22:09:59
104.152.52.139	attack	Brute-force attacker IP	2025-03-10 13:45:36
104.152.52.219	botsattackproxy	Bot attacker IP	2025-03-04 13:55:48
104.152.52.124	botsattackproxy	Vulnerability Scanner	2025-02-26 17:12:59
104.152.52.146	botsattackproxy	Bot attacker IP	2025-02-21 12:31:03
104.152.52.161	botsattackproxy	Vulnerability Scanner	2025-02-05 14:00:57
104.152.52.176	botsattackproxy	Botnet DB Scanner	2025-01-20 14:03:26
104.152.52.141	botsattack	Vulnerability Scanner	2025-01-09 22:45:15
104.152.52.165	botsattackproxy	Bot attacker IP	2024-09-24 16:44:08
104.152.52.226	botsattackproxy	Vulnerability Scanner	2024-08-28 12:46:53
104.152.52.142	spambotsattack	Vulnerability Scanner	2024-08-26 12:47:13
104.152.52.116	spamattack	Compromised IP	2024-07-06 14:07:26
104.152.52.204	attack	Bad IP	2024-07-01 12:36:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.152.52.243
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28831
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.152.52.243.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023101703 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 18 12:49:38 CST 2023
;; MSG SIZE  rcvd: 107

Host info

243.52.152.104.in-addr.arpa domain name pointer internettl.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
243.52.152.104.in-addr.arpa	name = internettl.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.207.29.72	attack	$f2bV_matches	2020-09-02 18:55:49
222.186.180.8	attackbotsspam	2020-09-02T12:46:58.128284vps773228.ovh.net sshd[18561]: Failed password for root from 222.186.180.8 port 35072 ssh2 2020-09-02T12:47:01.256080vps773228.ovh.net sshd[18561]: Failed password for root from 222.186.180.8 port 35072 ssh2 2020-09-02T12:47:04.466584vps773228.ovh.net sshd[18561]: Failed password for root from 222.186.180.8 port 35072 ssh2 2020-09-02T12:47:07.764073vps773228.ovh.net sshd[18561]: Failed password for root from 222.186.180.8 port 35072 ssh2 2020-09-02T12:47:11.419696vps773228.ovh.net sshd[18561]: Failed password for root from 222.186.180.8 port 35072 ssh2 ...	2020-09-02 18:58:12
59.110.69.62	attackspambots	TCP (SYN) 59.110.69.62:23831 -> port 23, len 44	2020-09-02 18:52:02
67.207.94.180	attack	(sshd) Failed SSH login from 67.207.94.180 (US/United States/-): 5 in the last 3600 secs	2020-09-02 18:49:15
198.71.239.50	attack	198.71.239.50 - - [01/Sep/2020:18:41:06 +0200] "POST /xmlrpc.php HTTP/1.1" 403 38248 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 198.71.239.50 - - [01/Sep/2020:18:41:06 +0200] "POST /xmlrpc.php HTTP/1.1" 403 38248 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" ...	2020-09-02 18:42:27
175.139.3.41	attack	2020-09-02T11:05:48.457068upcloud.m0sh1x2.com sshd[14929]: Invalid user zj from 175.139.3.41 port 37690	2020-09-02 19:10:26
150.109.99.68	attack	Unauthorized connection attempt detected from IP address 150.109.99.68 to port 8678 [T]	2020-09-02 18:52:58
50.63.196.14	attack	xmlrpc attack	2020-09-02 18:33:03
213.160.143.146	attack	Sep 2 02:24:32 ns41 sshd[14306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.160.143.146	2020-09-02 19:06:15
46.229.168.137	attackspambots	(mod_security) mod_security (id:980001) triggered by 46.229.168.137 (US/United States/crawl9.bl.semrush.com): 5 in the last 14400 secs; ID: rub	2020-09-02 18:48:56
103.221.36.254	attackbotsspam	Port Scan ...	2020-09-02 18:52:27
180.167.225.118	attack	Sep 2 11:57:02 plg sshd[21030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.225.118 Sep 2 11:57:04 plg sshd[21030]: Failed password for invalid user dst from 180.167.225.118 port 33218 ssh2 Sep 2 11:59:41 plg sshd[21040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.225.118 Sep 2 11:59:43 plg sshd[21040]: Failed password for invalid user angelo from 180.167.225.118 port 36876 ssh2 Sep 2 12:02:27 plg sshd[21063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.225.118 Sep 2 12:02:29 plg sshd[21063]: Failed password for invalid user cisco from 180.167.225.118 port 42134 ssh2 Sep 2 12:05:04 plg sshd[21075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.225.118 ...	2020-09-02 18:32:45
187.4.117.128	attackspam	Automatic report - XMLRPC Attack	2020-09-02 19:12:41
192.35.168.224	attackspambots	Automatic report - Banned IP Access	2020-09-02 18:59:56
111.161.74.106	attackspambots	May 3 03:20:35 ms-srv sshd[58846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.161.74.106 May 3 03:20:37 ms-srv sshd[58846]: Failed password for invalid user paresh from 111.161.74.106 port 40083 ssh2	2020-09-02 19:09:44

Recently Reported IPs

190.21.222.165	189.217.25.216	77.204.18.227	156.102.170.149
85.202.194.232	2607:f8b0:4864:20::115	65.49.1.30	2408:8720:806:100::1
18.183.243.89	77.222.98.133	123.149.77.89	93.142.30.239
35.199.191.1	112.10.236.129	169.254.69.30	200.251.115.134
117.95.201.109	83.202.79.235	198.44.248.238	43.129.254.2