AbuseIPDB » 104.152.52.57

104.152.52.57 was found in our database!

This IP was reported 1,544 times. Confidence of Abuse is 100%: ?

100%
ISP Rethem Hosting LLC
Usage Type Data Center/Web Hosting/Transit
ASN AS14987
Hostname(s) internettl.org
Domain Name rethemhosting.net
Country πŸ‡ΊπŸ‡Έ United States of America
City Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.152.52.57
Whois 104.152.52.57

IP Abuse Reports for 104.152.52.57:

This IP address has been reported a total of 1,544 times from 333 distinct sources. 104.152.52.57 was first reported on , and the most recent report was .

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter IoA Timestamp (UTC) Comment Categories
πŸ‡³πŸ‡± donarev419
Connection to port 2989 with data transfer. Data preview: SSH-2.0-Go
Port Scan Hacking
πŸ‡¬πŸ‡§ gbzret4d
SSH
πŸ‡³πŸ‡΅ radheykrishna.com.np
Port Scan
πŸ‡ΊπŸ‡Έ donarev419
Connection to port 500 with data transfer. Data preview:
Port Scan Hacking
πŸ‡³πŸ‡± donarev419
Connection to port 4449 with data transfer. Data preview:
Port Scan Hacking
πŸ‡©πŸ‡ͺ anycast_ac
[mirai-detector honeypot] Inbound attack against our honeypot on tcp/9090 (generic).
DDoS Attack IoT Targeted Brute-Force
πŸ‡ΊπŸ‡Έ sandra361
Port Scan
πŸ‡¬πŸ‡§ andypiper
CrowdSec ban for AbuseIPDB Top List
Brute-Force Web App Attack
πŸ‡©πŸ‡ͺ Axel
[2026-06-06 01:00:32 UTC] Honeypot Elasticsearch Alt connection attempt | AXFRA HONEYPOT
Hacking
πŸ‡ΊπŸ‡Έ Xarcotic
SSH login on honeypot.
Brute-Force SSH
πŸ‡«πŸ‡· Elysium Security
Mass port scanning on a whole network
Port Scan
πŸ‡ΊπŸ‡Έ LockBlock
2026-06-05 17:26:03: Port scan detected from 104.152.52.57 on port 119 of racknerd-e7e1a9
Port Scan
πŸ‡¦πŸ‡Ί LiftUp Hosting
Honeypot hit: Unauthorized traffic (3 bytes of payload); 30705 [3], 3352 [1] TCP
Port Scan
πŸ‡²πŸ‡³ Public CSIRT/CC of Mongolia
Honeypot hit: Large payload (1487 bytes); 3471 [1] TCP
Hacking
πŸ‡ΈπŸ‡¬ drewf.ink
[00:21] Port scanning. Port(s) scanned: TCP/3306
Port Scan

Showing 1 to 15 of 1544 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

πŸ‡¬πŸ‡§ 193.163.125.141
πŸ‡¨πŸ‡­ 85.5.148.125
πŸ‡ΊπŸ‡Έ 64.62.197.198
πŸ‡­πŸ‡° 47.86.242.120
πŸ‡³πŸ‡± 45.148.10.141
πŸ‡ΊπŸ‡Έ 20.168.122.61
πŸ‡¨πŸ‡³ 182.112.79.207
πŸ‡¨πŸ‡³ 180.113.208.17
πŸ‡§πŸ‡· 152.32.200.213
πŸ‡©πŸ‡ͺ 116.203.204.171
πŸ‡ΊπŸ‡Έ 66.132.186.219
πŸ‡ΊπŸ‡Έ 66.132.172.148
πŸ‡©πŸ‡ͺ 43.228.157.16
πŸ‡ͺπŸ‡¨ 38.10.145.6
πŸ‡ΉπŸ‡Ό 34.81.72.185
πŸ‡ΊπŸ‡Έ 18.219.4.169
πŸ‡ΊπŸ‡Έ 207.90.244.2
πŸ‡ΊπŸ‡Έ 172.236.119.165
πŸ‡ΊπŸ‡Έ 162.216.150.9
πŸ‡ΊπŸ‡Έ 54.163.171.176