JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.152.52.64

104.152.52.64 was found in our database!

This IP was reported 1,433 times. Confidence of Abuse is 100%: ?

100%

ISP	Rethem Hosting LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14987
Hostname(s)	internettl.org
Domain Name	rethemhosting.net
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.152.52.64

Whois 104.152.52.64

IP Abuse Reports for 104.152.52.64:

This IP address has been reported a total of 1,433 times from 321 distinct sources. 104.152.52.64 was first reported on November 26th 2020, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-08 12:25:15 (10 hours ago)	ICS Labs identified 104.152.52.64 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
🇬🇧 gbzret4d	2026-06-08 09:10:01 (13 hours ago)	Honeypot [uk-production01]: Large payload (1487 bytes); 49641 [2], 8749 [2], 2973 [2], 8952 [2], 842 ... show more Honeypot [uk-production01]: Large payload (1487 bytes); 49641 [2], 8749 [2], 2973 [2], 8952 [2], 8421 [2], 49836 [2] TCP show less	Bad Web Bot
🇧🇷 ludarkstar99	2026-06-08 07:55:11 (15 hours ago)	Blocked by os-abuseipdb; 848 hits, proto=tcp, ports=101,102,103,106,109,112,113,114,116,117,118,119, ... show more Blocked by os-abuseipdb; 848 hits, proto=tcp, ports=101,102,103,106,109,112,113,114,116,117,118,119,12,120,121,1 show less	Port Scan Hacking
🇩🇪 anycast_ac	2026-06-08 04:21:29 (18 hours ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8000 (generic).	DDoS Attack IoT Targeted Brute-Force
🇳🇱 donarev419	2026-06-08 04:07:28 (18 hours ago)	Port scan detected on port 18000 (connection without data transfer)	Port Scan
🇩🇪 anycast_ac	2026-06-08 04:02:06 (19 hours ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/9999 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/9999 (generic). Commands captured: $ show less	DDoS Attack IoT Targeted Brute-Force
🇩🇪 Axel	2026-06-08 00:45:35 (22 hours ago)	[2026-06-08 00:45:33 UTC] Honeypot Alt HTTP Proxy connection attempt \| AXFRA HONEYPOT	Web App Attack
🇬🇧 gbzret4d	2026-06-07 19:21:54 (1 day ago)	Honeypot [uk-production01]: Large payload (1487 bytes); 8744 [3], 8652 [3], 49860 [1], 49081 [1] TCP	Bad Web Bot
🇬🇧 gbzret4d	2026-06-07 07:34:01 (1 day ago)	Honeypot [uk-production01]: SSH handshake/banner (12 bytes of payload); 8384 [1], 49396 [1], 2863 [1 ... show more Honeypot [uk-production01]: SSH handshake/banner (12 bytes of payload); 8384 [1], 49396 [1], 2863 [1], 49849 [1] TCP show less	SSH
🇳🇱 donarev419	2026-06-07 02:29:44 (1 day ago)	Connection to port 2097 with data transfer. Data preview: �	Port Scan Hacking
🇬🇧 gbzret4d	2026-06-06 20:58:05 (2 days ago)	Honeypot [uk-production01]: SSH handshake/banner (12 bytes of payload); 8728 [3], 49758 [3], 8766 [2 ... show more Honeypot [uk-production01]: SSH handshake/banner (12 bytes of payload); 8728 [3], 49758 [3], 8766 [2], 2076 [1], 8549 [1], 2413 [1] TCP show less	SSH
Anonymous	2026-06-06 13:54:46 (2 days ago)	postfix	Email Spam Web App Attack
🇳🇱 donarev419	2026-06-06 07:16:36 (2 days ago)	Connection to port 3208 with data transfer. Data preview:	Port Scan Hacking
🇩🇪 anycast_ac	2026-06-06 04:42:57 (2 days ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8081 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/8081 (generic). Commands captured: $ SSH-2.0-Go show less	DDoS Attack IoT Targeted Brute-Force
🇳🇱 donarev419	2026-06-06 04:28:49 (2 days ago)	Port scan detected on port 4449 (connection without data transfer)	Port Scan

Showing 1 to 15 of 1433 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.138

🇩🇪 213.209.159.56

🇰🇷 203.142.160.143

🇮🇩 163.7.11.155

🇧🇪 104.155.51.30

🇨🇳 101.89.141.184

🇺🇸 13.58.246.218

🇩🇪 159.195.83.49

🇭🇰 152.32.174.171

🇩🇪 128.1.34.69

🇨🇳 121.224.78.164

🇱🇹 81.30.98.142

🇯🇵 40.126.13.9

🇨🇱 34.176.44.39

🇱🇹 81.30.98.62

🇹🇭 49.48.98.42

🇧🇷 45.4.179.3

🇨🇳 42.123.124.192

🇮🇩 36.77.1.200

🇪🇪 31.59.160.12