IP Intelligence Briefing: 104.152.52.68
Date: 2026-06-12
---
**1. Core Profile**
- Risk Score: 25 (Low Risk)
- Ownership: Rethem Hosting LLC (ASN 14987, ARIN-registered)
- Geolocation: United States (city/region fields appear placeholder/uncertain)
- Network Role: Hosting provider (firewalled, no open services)
- Threat Indicators: No malicious activity detected (no blacklists, campaigns, or abuse signals).
---
**2. Observation History**
- Recent Activity (Last 30 Days):
  - DNS records linked to `internettl.org` (SPF verified, no DMARC).
  - BGP prefix `104.152.52.0/24` registered to Rethem Hosting.
  - DNSSEC validation confirmed for reverse zone.
  - No persistent threats or network anomalies detected.
---
**3. Relationships**
- Network: Directly tied to Rethem Hosting LLC (same ASN).
- DNS: Associated with `internettl.org` (SPF record found).
- Subnet: Part of `104.152.52.0/24` (71 total IPs, 39 medium-risk neighbors).
---
**4. Subnet Analysis**
- Abuse Density: 0 (low risk overall).
- Neighbor Risks:
  - 39 IPs with medium risk (avg. 40).
  - 32 IPs with low risk (avg. 25).
  - No high-risk IPs in the subnet.
- Notable Neighbors:
  - `104.152.52.60`, `104.152.52.72` (higher risk scores).
---
**5. Recommendations**
- Monitor Subnet: Track medium-risk neighbors for potential lateral movement or shared infrastructure risks.
- Validate DNS: Confirm `internettl.org`'s security posture (check for DMARC, CAA, and historical abuse).
- Network Segmentation: Ensure hosting services are isolated from internal networks to mitigate potential breaches.
- BGP Security: Verify Rethem Hosting's BGP configurations for route hijacking resilience.
---
Conclusion:
The IP is low risk but resides in a subnet with mixed-risk neighbors. While no direct threats are detected, the hosting provider's network warrants closer scrutiny, particularly around the associated domain and subnet activity. SOC teams should prioritize monitoring for anomalies in the `104.152.52.0/24` range and validate the security of linked domains.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
Ownership & Registration
| Organization | Rethem Hosting LLC |
| ASN | AS14987 |
| Network Name | RETHEM-HOSTING |
| CIDR Block | 104.152.52.0/22 |
| RIR | ARIN |
| Country | United States |
| Abuse Contact | Available via RDAP |
DNS Intelligence
| PTR | internettl.org |
| Forward Confirmed | No: PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | internettl.org |
DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Present |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Not configured |
Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting: Infrastructure provider without advanced routing |
Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | | | |
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | | |
| Server | - |
| HTTP Title | - |
TLS Certificate
| SANs | None |
| Valid From | - |
| Valid Until | - |
Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 0% | 0 | 0 |
| routing | 0% | 0 | 0 |
| services | 0% | 0 | 0 |
| ownership | 27% | 2 | 3 |
| reputation | 0% | 0 | 0 |
| geolocation | 13% | 1 | 1 |
| Overall | 6% | 3 | 4 |
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| Ownership, FCrDNS, Geo Consensus, Geo Plausible, IRR Match, RPKI Valid |
Observation Timeline
| First Seen | 2026-06-04 00:30:54 UTC |
| Last Seen | 2026-06-12 23:06:21 UTC |
| Profile Built | 2026-06-12 23:48:37 UTC |
| Data Freshness | Live |
| Signal Types | 19 |
| Total Observations | 19 |