City: unknown
Region: unknown
Country: United States
Internet Service Provider: Rethem Hosting LLC
Hostname: unknown
Organization: Rethem Hosting LLC
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | 104.152.52.38 - - - [15/Apr/2020:03:56:51 +0000] "GET / HTTP/1.0" 404 162 "-" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" "-" "-" |
2020-04-15 14:22:47 |
| attackspam | 11.04.2020 14.25.19;The network attack Scan.Generic.PortScan.TCP has been blocked.;Tcp from 104.152.52.38 to port 27017;Tcp;104.152.52.38;27017;04/11/2020 14:25:19 11.04.2020 14.25.17;The network attack Scan.Generic.PortScan.TCP has been blocked.;Tcp from 104.152.52.38 to port 8092;Tcp;104.152.52.38;8092;04/11/2020 14:25:17 11.04.2020 14.25.16;The network attack Scan.Generic.PortScan.TCP has been blocked.;Tcp from 104.152.52.38 to port 264;Tcp;104.152.52.38;264;04/11/2020 14:25:16 |
2020-04-12 00:11:01 |
| attackspam | Mar 27 16:09:15 debian-2gb-nbg1-2 kernel: \[7580825.550362\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.152.52.38 DST=195.201.40.59 LEN=28 TOS=0x00 PREC=0x00 TTL=240 ID=27510 PROTO=UDP SPT=59945 DPT=31337 LEN=8 |
2020-03-28 02:19:57 |
| attackspam | Attempts against Pop3/IMAP |
2020-02-16 06:38:38 |
| attackbots | Automatic report - Banned IP Access |
2020-01-03 14:56:34 |
| attackspam | Scanning for open ports |
2019-11-27 03:40:13 |
| attack | Sep 30 05:55:34 raspberrypi sshd\[24264\]: Did not receive identification string from 104.152.52.38 ... |
2019-09-30 15:35:54 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.152.52.231 | botsattackproxy | Bot attacker IP |
2025-03-25 13:44:38 |
| 104.152.52.145 | botsattackproxy | Vulnerability Scanner |
2025-03-20 13:41:36 |
| 104.152.52.100 | spamattackproxy | VoIP blacklist IP |
2025-03-14 22:09:59 |
| 104.152.52.139 | attack | Brute-force attacker IP |
2025-03-10 13:45:36 |
| 104.152.52.219 | botsattackproxy | Bot attacker IP |
2025-03-04 13:55:48 |
| 104.152.52.124 | botsattackproxy | Vulnerability Scanner |
2025-02-26 17:12:59 |
| 104.152.52.146 | botsattackproxy | Bot attacker IP |
2025-02-21 12:31:03 |
| 104.152.52.161 | botsattackproxy | Vulnerability Scanner |
2025-02-05 14:00:57 |
| 104.152.52.176 | botsattackproxy | Botnet DB Scanner |
2025-01-20 14:03:26 |
| 104.152.52.141 | botsattack | Vulnerability Scanner |
2025-01-09 22:45:15 |
| 104.152.52.165 | botsattackproxy | Bot attacker IP |
2024-09-24 16:44:08 |
| 104.152.52.226 | botsattackproxy | Vulnerability Scanner |
2024-08-28 12:46:53 |
| 104.152.52.142 | spambotsattack | Vulnerability Scanner |
2024-08-26 12:47:13 |
| 104.152.52.116 | spamattack | Compromised IP |
2024-07-06 14:07:26 |
| 104.152.52.204 | attack | Bad IP |
2024-07-01 12:36:27 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.152.52.38
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34508
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.152.52.38. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019040900 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 09 18:35:05 +08 2019
;; MSG SIZE rcvd: 117
38.52.152.104.in-addr.arpa domain name pointer internettl.org.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
38.52.152.104.in-addr.arpa name = internettl.org.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 220.191.160.42 | attackspambots | suspicious action Wed, 04 Mar 2020 13:30:23 -0300 |
2020-03-05 01:45:00 |
| 167.99.70.191 | attackbots | Wordpress attack |
2020-03-05 02:09:34 |
| 78.130.167.162 | attack | 1583328879 - 03/04/2020 14:34:39 Host: 78.130.167.162/78.130.167.162 Port: 445 TCP Blocked |
2020-03-05 02:04:09 |
| 51.91.8.222 | attackbotsspam | Mar 4 07:55:53 wbs sshd\[22805\]: Invalid user redmine from 51.91.8.222 Mar 4 07:55:53 wbs sshd\[22805\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.ip-51-91-8.eu Mar 4 07:55:56 wbs sshd\[22805\]: Failed password for invalid user redmine from 51.91.8.222 port 47764 ssh2 Mar 4 08:03:53 wbs sshd\[23571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.ip-51-91-8.eu user=sys Mar 4 08:03:55 wbs sshd\[23571\]: Failed password for sys from 51.91.8.222 port 53790 ssh2 |
2020-03-05 02:10:04 |
| 71.246.210.34 | attack | $f2bV_matches |
2020-03-05 01:51:19 |
| 91.126.44.74 | attackbotsspam | Honeypot attack, port: 5555, PTR: cli-5b7e2c4a.wholesale.adamo.es. |
2020-03-05 01:37:34 |
| 45.136.110.135 | attackspambots | Attempt to attack host OS, exploiting network vulnerabilities, on 04-03-2020 13:35:09. |
2020-03-05 01:31:24 |
| 142.93.83.218 | attackbotsspam | Mar 4 09:23:31 NPSTNNYC01T sshd[28847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.83.218 Mar 4 09:23:33 NPSTNNYC01T sshd[28847]: Failed password for invalid user spark from 142.93.83.218 port 45148 ssh2 Mar 4 09:25:23 NPSTNNYC01T sshd[29064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.83.218 ... |
2020-03-05 02:03:42 |
| 120.29.226.6 | attack | failed_logins |
2020-03-05 01:53:51 |
| 71.19.218.14 | attack | Honeypot attack, port: 5555, PTR: 71-19-218-14.ip.twinvalley.net. |
2020-03-05 01:57:29 |
| 42.112.68.38 | attackbots | Honeypot attack, port: 81, PTR: PTR record not found |
2020-03-05 01:54:17 |
| 220.191.173.222 | attackbots | Honeypot hit. |
2020-03-05 01:44:08 |
| 201.111.74.109 | attackspambots | suspicious action Wed, 04 Mar 2020 10:34:56 -0300 |
2020-03-05 01:40:18 |
| 92.222.88.102 | attack | $f2bV_matches |
2020-03-05 02:02:29 |
| 213.212.255.140 | attackbots | frenzy |
2020-03-05 02:07:32 |