104.152.52.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Rethem Hosting LLC

Hostname: unknown

Organization: Rethem Hosting LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[MultiHost/MultiPort scan (19)] tcp/106, tcp/110, tcp/111, tcp/113, tcp/119, tcp/135, tcp/139, tcp/1433, tcp/21, tcp/22, tcp/23, tcp/26, tcp/3306, tcp/37, tcp/445, tcp/5060, tcp/554, tcp/79, tcp/88 [scan/connect: 38 time(s)] *(RWIN=14600)(08041230)	2019-08-04 23:39:02

Type

Details

Datetime

attack

[MultiHost/MultiPort scan (19)] tcp/106, tcp/110, tcp/111, tcp/113, tcp/119, tcp/135, tcp/139, tcp/1433, tcp/21, tcp/22, tcp/23, tcp/26, tcp/3306, tcp/37, tcp/445, tcp/5060, tcp/554, tcp/79, tcp/88
[scan/connect: 38 time(s)]
*(RWIN=14600)(08041230)

2019-08-04 23:39:02

Comments on same subnet:

IP	Type	Details	Datetime
104.152.52.231	botsattackproxy	Bot attacker IP	2025-03-25 13:44:38
104.152.52.145	botsattackproxy	Vulnerability Scanner	2025-03-20 13:41:36
104.152.52.100	spamattackproxy	VoIP blacklist IP	2025-03-14 22:09:59
104.152.52.139	attack	Brute-force attacker IP	2025-03-10 13:45:36
104.152.52.219	botsattackproxy	Bot attacker IP	2025-03-04 13:55:48
104.152.52.124	botsattackproxy	Vulnerability Scanner	2025-02-26 17:12:59
104.152.52.146	botsattackproxy	Bot attacker IP	2025-02-21 12:31:03
104.152.52.161	botsattackproxy	Vulnerability Scanner	2025-02-05 14:00:57
104.152.52.176	botsattackproxy	Botnet DB Scanner	2025-01-20 14:03:26
104.152.52.141	botsattack	Vulnerability Scanner	2025-01-09 22:45:15
104.152.52.165	botsattackproxy	Bot attacker IP	2024-09-24 16:44:08
104.152.52.226	botsattackproxy	Vulnerability Scanner	2024-08-28 12:46:53
104.152.52.142	spambotsattack	Vulnerability Scanner	2024-08-26 12:47:13
104.152.52.116	spamattack	Compromised IP	2024-07-06 14:07:26
104.152.52.204	attack	Bad IP	2024-07-01 12:36:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.152.52.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43116
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.152.52.5.			IN	A

;; AUTHORITY SECTION:
.			324	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061502 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 16 09:50:49 CST 2019
;; MSG SIZE  rcvd: 116

Host info

5.52.152.104.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 5.52.152.104.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.29.89.15	attack	2020-08-19T14:32:15+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-08-19 20:37:43
103.70.204.206	attack	Unauthorized connection attempt from IP address 103.70.204.206 on Port 445(SMB)	2020-08-19 20:44:01
107.152.200.93	attackbots	(From daddario.fern@gmail.com) Hi, We're wondering if you've ever considered taking the content from higleychiropractic.com and converting it into videos to promote on social media platforms such as Youtube? It's another 'rod in the pond' in terms of traffic generation, as so many people use Youtube. You can read a bit more about the software here: https://bit.ly/326uaHS Kind Regards, Fern	2020-08-19 20:26:57
188.212.183.27	attack	Unauthorized connection attempts	2020-08-19 20:58:43
111.229.139.95	attackbotsspam	$f2bV_matches	2020-08-19 21:03:25
40.89.146.250	spam	Repeated varied Ads from the same source. Never signed up for or indicated an interest in anything related to what they are sending me.	2020-08-19 20:37:05
144.34.193.83	attack	Aug 19 08:23:22 NPSTNNYC01T sshd[18919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.193.83 Aug 19 08:23:24 NPSTNNYC01T sshd[18919]: Failed password for invalid user xmr from 144.34.193.83 port 36802 ssh2 Aug 19 08:32:17 NPSTNNYC01T sshd[19585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.193.83 ...	2020-08-19 20:34:37
111.231.226.68	attackspam	Aug 19 14:43:53 abendstille sshd\[17631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.226.68 user=root Aug 19 14:43:55 abendstille sshd\[17631\]: Failed password for root from 111.231.226.68 port 60914 ssh2 Aug 19 14:47:53 abendstille sshd\[21545\]: Invalid user neu from 111.231.226.68 Aug 19 14:47:53 abendstille sshd\[21545\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.226.68 Aug 19 14:47:55 abendstille sshd\[21545\]: Failed password for invalid user neu from 111.231.226.68 port 47558 ssh2 ...	2020-08-19 21:01:16
49.232.193.51	attackbotsspam	Port Scan ...	2020-08-19 20:46:40
104.144.228.226	attack	(From daddario.fern@gmail.com) Hi, We're wondering if you've ever considered taking the content from higleychiropractic.com and converting it into videos to promote on social media platforms such as Youtube? It's another 'rod in the pond' in terms of traffic generation, as so many people use Youtube. You can read a bit more about the software here: https://bit.ly/326uaHS Kind Regards, Fern	2020-08-19 20:28:45
111.229.163.149	attack	Aug 19 17:58:13 dhoomketu sshd[2484435]: Invalid user ff from 111.229.163.149 port 44520 Aug 19 17:58:13 dhoomketu sshd[2484435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.163.149 Aug 19 17:58:13 dhoomketu sshd[2484435]: Invalid user ff from 111.229.163.149 port 44520 Aug 19 17:58:15 dhoomketu sshd[2484435]: Failed password for invalid user ff from 111.229.163.149 port 44520 ssh2 Aug 19 18:02:04 dhoomketu sshd[2484549]: Invalid user tos from 111.229.163.149 port 56858 ...	2020-08-19 20:54:47
199.227.138.238	attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-08-19 20:56:34
111.231.143.71	attackbotsspam	Aug 19 12:32:13 *** sshd[714]: Invalid user yvonne from 111.231.143.71	2020-08-19 20:36:43
167.99.49.115	attackspambots	Aug 19 14:32:05 cosmoit sshd[20023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.49.115	2020-08-19 20:52:10
37.187.124.209	attackbotsspam	Invalid user minecraft from 37.187.124.209 port 37555	2020-08-19 20:25:55

Recently Reported IPs

85.209.0.155	4.172.175.168	185.234.17.62	5.34.240.179
59.175.158.203	43.226.124.208	5.195.196.164	14.0.61.240
142.147.111.47	202.62.53.95	203.170.84.161	103.10.125.165
34.234.93.89	157.240.8.54	79.100.200.15	82.137.13.47
185.181.164.122	115.22.157.242	34.87.16.239	189.135.25.229