JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.152.52.59

104.152.52.59 was found in our database!

This IP was reported 1,518 times. Confidence of Abuse is 100%: ?

100%

ISP	Rethem Hosting LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14987
Hostname(s)	internettl.org
Domain Name	rethemhosting.net
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.152.52.59

Whois 104.152.52.59

IP Abuse Reports for 104.152.52.59:

This IP address has been reported a total of 1,518 times from 328 distinct sources. 104.152.52.59 was first reported on November 26th 2020, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 gbzret4d	2026-06-07 07:34:05 (7 hours ago)	Honeypot [uk-production01]: Unauthorized traffic (3 bytes of payload); 49396 [3], 49775 [2], 8919 [1 ... show more Honeypot [uk-production01]: Unauthorized traffic (3 bytes of payload); 49396 [3], 49775 [2], 8919 [1], 49112 [1], 2863 [1] TCP show less	Port Scan
🇫🇷 Petre 21_ip	2026-06-07 05:58:04 (9 hours ago)	2026-06-07T07:58:03.355177+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-07T07:58:03.355177+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=104.152.52.59 DST=155.133.26.57 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=12931 PROTO=TCP SPT=51883 DPT=6309 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇳🇱 donarev419	2026-06-07 02:29:53 (12 hours ago)	Connection to port 3608 with data transfer. Data preview: SSH-2.0-Go	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-06 23:33:50 (15 hours ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 gbzret4d	2026-06-06 20:58:10 (17 hours ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 8395 [2], 8949 [2], 8273 [1], 4975 ... show more Honeypot [uk-production01]: Empty payload (likely service probe); 8395 [2], 8949 [2], 8273 [1], 49758 [1], 8766 [1], 2890 [1] TCP show less	Port Scan
🇺🇸 cybsecaoccol	2026-06-06 15:15:01 (23 hours ago)	Malware/IPS Threat Detection - EMEA	Hacking Bad Web Bot Exploited Host Web App Attack
🇺🇸 donarev419	2026-06-06 07:15:33 (1 day ago)	Connection to port 500 with data transfer. Data preview: POST / HTTP/1.1 Host: 107.175.212.44:500 ... show more Connection to port 500 with data transfer. Data preview: POST / HTTP/1.1 Host: 107.175.212.44:500 User-Agent: curl/7.61.1 Accept: / Content-Type: appli show less	Port Scan Hacking
🇩🇪 anycast_ac	2026-06-06 04:42:55 (1 day ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8081 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/8081 (generic). Commands captured: $ GET / HTTP/1.1 show less	DDoS Attack IoT Targeted Brute-Force
🇳🇱 donarev419	2026-06-06 04:28:59 (1 day ago)	Connection to port 4449 with data transfer. Data preview: POST /wsman HTTP/1.1 Connection: close U ... show more Connection to port 4449 with data transfer. Data preview: POST /wsman HTTP/1.1 Connection: close User-Agent: Microsoft WinRM Client Content-Length: 8 Host show less	Port Scan Hacking
🇩🇪 anycast_ac	2026-06-06 04:25:48 (1 day ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8081 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/8081 (generic). Commands captured: $ Ê show less	DDoS Attack IoT Targeted Brute-Force
🇺🇸 sandra361	2026-06-06 02:09:26 (1 day ago)	Port scan detected: 18 attempts across 9 ports (2002,2200,2372,325,344,5141,5304,847,8527). \| Eviden ... show more Port scan detected: 18 attempts across 9 ports (2002,2200,2372,325,344,5141,5304,847,8527). \| Evidence: REAPER_TARPIT:IN=enp1s0 OUT= SRC=104.152.52.59 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=17437 DF PROTO=TCP SPT=60127 DPT=8527 WINDOW=29200 RES=0x00 SYN URGP=0 show less	Port Scan
🇩🇪 Axel	2026-06-06 01:00:33 (1 day ago)	[2026-06-06 01:00:32 UTC] Honeypot Elasticsearch Alt connection attempt \| AXFRA HONEYPOT	Hacking
🇺🇸 Xarcotic	2026-06-06 00:26:15 (1 day ago)	SSH login on honeypot.	Brute-Force SSH
🇺🇸 LockBlock	2026-06-05 17:26:06 (1 day ago)	2026-06-05 17:26:06: Port scan detected from 104.152.52.59 on port 119 of racknerd-e7e1a9	Port Scan
🇸🇬 drewf.ink	2026-06-05 00:23:45 (2 days ago)	[00:23] Port scanning. Port(s) scanned: TCP/3306	Port Scan

Showing 1 to 15 of 1518 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.210.77.100

🇫🇷 91.196.152.109

🇬🇧 2a06:4880:6000::74

🇫🇷 2a01:cb0a:8044:ea95:bc58:9e84:e7fa:2a57

🇺🇸 172.253.244.152

🇭🇰 165.154.45.135

🇧🇷 152.67.39.50

🇻🇳 116.118.44.131

🇨🇭 104.244.76.136

🇮🇩 69.5.23.222

🇺🇸 66.132.195.100

🇵🇰 43.246.221.69

🇨🇳 43.226.39.182

🇻🇳 14.225.7.70

🇰🇷 217.142.141.66

🇸🇳 196.207.228.92

🇳🇴 193.90.12.122

🇸🇬 168.144.141.128

🇨🇳 117.48.216.110

🇺🇸 107.174.163.130