104.152.52.16 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Rethem Hosting LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Port Scan detected! ...	2020-05-24 05:30:34

Comments on same subnet:

IP	Type	Details	Datetime
104.152.52.231	botsattackproxy	Bot attacker IP	2025-03-25 13:44:38
104.152.52.145	botsattackproxy	Vulnerability Scanner	2025-03-20 13:41:36
104.152.52.100	spamattackproxy	VoIP blacklist IP	2025-03-14 22:09:59
104.152.52.139	attack	Brute-force attacker IP	2025-03-10 13:45:36
104.152.52.219	botsattackproxy	Bot attacker IP	2025-03-04 13:55:48
104.152.52.124	botsattackproxy	Vulnerability Scanner	2025-02-26 17:12:59
104.152.52.146	botsattackproxy	Bot attacker IP	2025-02-21 12:31:03
104.152.52.161	botsattackproxy	Vulnerability Scanner	2025-02-05 14:00:57
104.152.52.176	botsattackproxy	Botnet DB Scanner	2025-01-20 14:03:26
104.152.52.141	botsattack	Vulnerability Scanner	2025-01-09 22:45:15
104.152.52.165	botsattackproxy	Bot attacker IP	2024-09-24 16:44:08
104.152.52.226	botsattackproxy	Vulnerability Scanner	2024-08-28 12:46:53
104.152.52.142	spambotsattack	Vulnerability Scanner	2024-08-26 12:47:13
104.152.52.116	spamattack	Compromised IP	2024-07-06 14:07:26
104.152.52.204	attack	Bad IP	2024-07-01 12:36:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.152.52.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22147
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.152.52.16.			IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102801 1800 900 604800 86400

;; Query time: 278 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 29 02:11:15 CST 2019
;; MSG SIZE  rcvd: 117

Host info

16.52.152.104.in-addr.arpa domain name pointer internettl.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
16.52.152.104.in-addr.arpa	name = internettl.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.249.21.130	attack	SSH Brute-Forcing (server1)	2020-05-20 22:43:14
220.117.115.10	attackspambots	2020-05-20T10:54:05.098877ionos.janbro.de sshd[84673]: Invalid user zbr from 220.117.115.10 port 41958 2020-05-20T10:54:07.294590ionos.janbro.de sshd[84673]: Failed password for invalid user zbr from 220.117.115.10 port 41958 ssh2 2020-05-20T10:56:41.187664ionos.janbro.de sshd[84675]: Invalid user ytv from 220.117.115.10 port 56280 2020-05-20T10:56:41.256052ionos.janbro.de sshd[84675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.117.115.10 2020-05-20T10:56:41.187664ionos.janbro.de sshd[84675]: Invalid user ytv from 220.117.115.10 port 56280 2020-05-20T10:56:43.795180ionos.janbro.de sshd[84675]: Failed password for invalid user ytv from 220.117.115.10 port 56280 ssh2 2020-05-20T10:59:17.148430ionos.janbro.de sshd[84678]: Invalid user cwo from 220.117.115.10 port 42378 2020-05-20T10:59:17.457409ionos.janbro.de sshd[84678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.117.115.10 2020-05-20T10:59 ...	2020-05-20 22:45:08
219.150.93.157	attackbotsspam	383. On May 17 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 219.150.93.157.	2020-05-20 22:45:37
218.92.0.138	attackbots	2020-05-20T14:34:23.611113shield sshd\[22264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.138 user=root 2020-05-20T14:34:25.304610shield sshd\[22264\]: Failed password for root from 218.92.0.138 port 40098 ssh2 2020-05-20T14:34:28.006893shield sshd\[22264\]: Failed password for root from 218.92.0.138 port 40098 ssh2 2020-05-20T14:34:31.779231shield sshd\[22264\]: Failed password for root from 218.92.0.138 port 40098 ssh2 2020-05-20T14:34:35.265890shield sshd\[22264\]: Failed password for root from 218.92.0.138 port 40098 ssh2	2020-05-20 22:57:29
211.75.236.230	attack	May 20 15:08:31 onepixel sshd[504287]: Invalid user inj from 211.75.236.230 port 47546 May 20 15:08:31 onepixel sshd[504287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.75.236.230 May 20 15:08:31 onepixel sshd[504287]: Invalid user inj from 211.75.236.230 port 47546 May 20 15:08:33 onepixel sshd[504287]: Failed password for invalid user inj from 211.75.236.230 port 47546 ssh2 May 20 15:10:22 onepixel sshd[504717]: Invalid user twl from 211.75.236.230 port 46320	2020-05-20 23:26:27
113.190.242.194	attackspam	Unauthorized connection attempt from IP address 113.190.242.194 on Port 445(SMB)	2020-05-20 22:59:35
217.160.75.142	attackspam	May 20 16:44:15 dev0-dcde-rnet sshd[15520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.75.142 May 20 16:44:17 dev0-dcde-rnet sshd[15520]: Failed password for invalid user adx from 217.160.75.142 port 42240 ssh2 May 20 16:48:02 dev0-dcde-rnet sshd[15567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.75.142	2020-05-20 23:21:53
78.187.133.68	attackbotsspam	Attempted connection to port 2323.	2020-05-20 23:02:29
114.43.172.144	attack	1589960735 - 05/20/2020 09:45:35 Host: 114.43.172.144/114.43.172.144 Port: 445 TCP Blocked	2020-05-20 22:46:53
193.243.165.92	attackspambots	Attempted connection to port 22.	2020-05-20 23:14:32
208.64.33.110	attackspam	(sshd) Failed SSH login from 208.64.33.110 (US/United States/reviewsilo.uno): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 20 17:25:45 ubnt-55d23 sshd[15687]: Invalid user hhq from 208.64.33.110 port 45202 May 20 17:25:48 ubnt-55d23 sshd[15687]: Failed password for invalid user hhq from 208.64.33.110 port 45202 ssh2	2020-05-20 23:26:52
101.109.53.180	attackbots	May 20 09:25:06 b-admin sshd[20758]: Did not receive identification string from 101.109.53.180 port 59928 May 20 09:25:10 b-admin sshd[20776]: Invalid user ubnt from 101.109.53.180 port 60228 May 20 09:25:11 b-admin sshd[20776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.109.53.180 May 20 09:25:13 b-admin sshd[20776]: Failed password for invalid user ubnt from 101.109.53.180 port 60228 ssh2 May 20 09:25:13 b-admin sshd[20776]: Connection closed by 101.109.53.180 port 60228 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=101.109.53.180	2020-05-20 22:49:34
31.0.2.98	attack	Unauthorized connection attempt from IP address 31.0.2.98 on Port 445(SMB)	2020-05-20 22:47:35
89.121.202.98	attack	1589966173 - 05/20/2020 11:16:13 Host: 89.121.202.98/89.121.202.98 Port: 445 TCP Blocked	2020-05-20 23:24:22
188.212.84.196	attackbotsspam	Unauthorized connection attempt from IP address 188.212.84.196 on Port 445(SMB)	2020-05-20 23:27:17

Recently Reported IPs

171.78.165.219	189.119.207.106	126.155.206.70	106.200.245.99
132.213.170.133	117.195.121.98	160.122.207.91	113.243.72.15
36.7.124.22	111.194.246.205	178.34.156.249	103.227.51.206
47.216.213.87	25.15.10.90	136.85.1.211	215.202.65.193
182.150.2.250	208.111.162.73	138.109.230.22	83.214.255.114