104.152.52.30 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Rethem Hosting LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	05:14:10 Probable ASCEND Probe 104.152.52.30, 42357->> 05:23:30 UDP Loop 104.152.52.30, 42357->>	2019-10-29 15:51:48

Comments on same subnet:

IP	Type	Details	Datetime
104.152.52.231	botsattackproxy	Bot attacker IP	2025-03-25 13:44:38
104.152.52.145	botsattackproxy	Vulnerability Scanner	2025-03-20 13:41:36
104.152.52.100	spamattackproxy	VoIP blacklist IP	2025-03-14 22:09:59
104.152.52.139	attack	Brute-force attacker IP	2025-03-10 13:45:36
104.152.52.219	botsattackproxy	Bot attacker IP	2025-03-04 13:55:48
104.152.52.124	botsattackproxy	Vulnerability Scanner	2025-02-26 17:12:59
104.152.52.146	botsattackproxy	Bot attacker IP	2025-02-21 12:31:03
104.152.52.161	botsattackproxy	Vulnerability Scanner	2025-02-05 14:00:57
104.152.52.176	botsattackproxy	Botnet DB Scanner	2025-01-20 14:03:26
104.152.52.141	botsattack	Vulnerability Scanner	2025-01-09 22:45:15
104.152.52.165	botsattackproxy	Bot attacker IP	2024-09-24 16:44:08
104.152.52.226	botsattackproxy	Vulnerability Scanner	2024-08-28 12:46:53
104.152.52.142	spambotsattack	Vulnerability Scanner	2024-08-26 12:47:13
104.152.52.116	spamattack	Compromised IP	2024-07-06 14:07:26
104.152.52.204	attack	Bad IP	2024-07-01 12:36:27

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.152.52.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61015
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.152.52.30.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042900 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 29 16:31:01 +08 2019
;; MSG SIZE  rcvd: 117

Host info

30.52.152.104.in-addr.arpa domain name pointer internettl.org.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
30.52.152.104.in-addr.arpa	name = internettl.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.112.73.65	attackspam	Automatic report - Port Scan Attack	2020-02-10 01:03:51
103.236.152.8	attack	1581255307 - 02/09/2020 14:35:07 Host: 103.236.152.8/103.236.152.8 Port: 445 TCP Blocked	2020-02-10 00:45:27
124.204.51.162	attackbots	Feb 9 16:59:10 mout sshd[8781]: Invalid user vwr from 124.204.51.162 port 6281	2020-02-10 01:01:21
122.117.47.104	attackbotsspam	23/tcp [2020-02-09]1pkt	2020-02-10 01:04:57
222.186.30.248	attackbots	Feb 9 17:59:39 localhost sshd\[30578\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.248 user=root Feb 9 17:59:40 localhost sshd\[30578\]: Failed password for root from 222.186.30.248 port 32891 ssh2 Feb 9 17:59:42 localhost sshd\[30578\]: Failed password for root from 222.186.30.248 port 32891 ssh2	2020-02-10 01:12:54
62.4.28.175	attackbotsspam	Repeated brute force against a port	2020-02-10 01:17:50
128.199.75.69	attackspam	Feb 9 18:16:54 dedicated sshd[661]: Invalid user lsg from 128.199.75.69 port 40565	2020-02-10 01:18:13
80.82.65.74	attackspambots	Automatic report - Port Scan	2020-02-10 01:20:23
201.95.228.52	attackspam	Automatic report - Port Scan Attack	2020-02-10 01:00:55
165.227.212.156	attackbots	Feb 9 20:32:01 areeb-Workstation sshd[16476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.212.156 Feb 9 20:32:03 areeb-Workstation sshd[16476]: Failed password for invalid user nxw from 165.227.212.156 port 39706 ssh2 ...	2020-02-10 01:18:26
31.210.211.114	attackbotsspam	Feb 9 17:44:40 ns3042688 sshd\[18606\]: Invalid user sjd from 31.210.211.114 Feb 9 17:44:40 ns3042688 sshd\[18606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.210.211.114 Feb 9 17:44:42 ns3042688 sshd\[18606\]: Failed password for invalid user sjd from 31.210.211.114 port 35062 ssh2 Feb 9 17:48:26 ns3042688 sshd\[18835\]: Invalid user xaz from 31.210.211.114 Feb 9 17:48:26 ns3042688 sshd\[18835\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.210.211.114 ...	2020-02-10 00:55:39
80.82.78.100	attackspam	80.82.78.100 was recorded 24 times by 12 hosts attempting to connect to the following ports: 50323,3,49161. Incident counter (4h, 24h, all-time): 24, 143, 17868	2020-02-10 00:47:48
46.42.129.120	attack	445/tcp [2020-02-09]1pkt	2020-02-10 00:49:36
220.142.173.149	attack	23/tcp [2020-02-09]1pkt	2020-02-10 00:42:27
156.204.201.57	attackbotsspam	23/tcp [2020-02-09]1pkt	2020-02-10 00:59:05

Recently Reported IPs

164.147.103.52	218.92.0.141	36.71.232.243	107.170.202.18
85.94.32.43	42.200.150.157	81.218.196.175	118.163.203.164
123.232.125.198	41.204.27.41	209.141.47.92	179.189.253.122
162.248.16.14	50.240.188.72	92.63.194.52	205.70.247.73
147.128.207.252	123.206.174.21	208.204.52.200	112.167.53.215