52.172.157.44 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Aug 24) SRC=52.172.157.44 LEN=40 TTL=237 ID=58938 TCP DPT=1433 WINDOW=1024 SYN	2020-08-25 03:33:56
attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 39 - port: 1433 proto: TCP cat: Misc Attack	2020-07-05 22:21:26
attackbotsspam	Port probing on unauthorized port 445	2020-06-02 05:59:28

Type

Details

Datetime

attack

Unauthorised access (Aug 24) SRC=52.172.157.44 LEN=40 TTL=237 ID=58938 TCP DPT=1433 WINDOW=1024 SYN

2020-08-25 03:33:56

attackbots

ET CINS Active Threat Intelligence Poor Reputation IP group 39 - port: 1433 proto: TCP cat: Misc Attack

2020-07-05 22:21:26

attackbotsspam

Port probing on unauthorized port 445

2020-06-02 05:59:28

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.172.157.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52886
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.172.157.44.			IN	A

;; AUTHORITY SECTION:
.			578	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060101 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 02 05:59:25 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 44.157.172.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 44.157.172.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.209.204.18	attack	Aug 2 22:18:33 srv-4 sshd\[823\]: Invalid user admin from 82.209.204.18 Aug 2 22:18:33 srv-4 sshd\[823\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.209.204.18 Aug 2 22:18:36 srv-4 sshd\[823\]: Failed password for invalid user admin from 82.209.204.18 port 53949 ssh2 ...	2019-08-03 11:56:54
159.89.182.139	attackspam	Attempt to access prohibited URL /wp-login.php	2019-08-03 11:49:14
140.143.230.161	attackbots	Aug 2 22:11:10 lnxmysql61 sshd[4804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.230.161	2019-08-03 11:25:58
106.52.230.77	attackspam	Aug 3 00:45:32 dedicated sshd[12903]: Invalid user cmsftp from 106.52.230.77 port 35658	2019-08-03 11:14:57
171.80.208.130	attack	2019-08-02T21:19:06.374845mail01 postfix/smtpd[2563]: warning: unknown[171.80.208.130]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-08-02T21:19:25.412493mail01 postfix/smtpd[1051]: warning: unknown[171.80.208.130]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-08-02T21:19:39.140356mail01 postfix/smtpd[2563]: warning: unknown[171.80.208.130]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-08-03 11:23:26
87.237.235.37	attackbots	Aug 3 02:45:48 web1 sshd\[20110\]: Invalid user gowclan from 87.237.235.37 Aug 3 02:45:48 web1 sshd\[20110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.237.235.37 Aug 3 02:45:50 web1 sshd\[20110\]: Failed password for invalid user gowclan from 87.237.235.37 port 55536 ssh2 Aug 3 02:50:53 web1 sshd\[20362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.237.235.37 user=root Aug 3 02:50:54 web1 sshd\[20362\]: Failed password for root from 87.237.235.37 port 46776 ssh2	2019-08-03 11:32:42
125.161.137.183	attack	Aug 3 04:31:31 debian sshd\[5868\]: Invalid user fileshare from 125.161.137.183 port 22850 Aug 3 04:31:31 debian sshd\[5868\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.161.137.183 ...	2019-08-03 11:45:41
124.65.152.14	attackspam	Aug 3 06:29:37 server sshd\[1238\]: Invalid user bitbucket123 from 124.65.152.14 port 34904 Aug 3 06:29:37 server sshd\[1238\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.65.152.14 Aug 3 06:29:39 server sshd\[1238\]: Failed password for invalid user bitbucket123 from 124.65.152.14 port 34904 ssh2 Aug 3 06:34:35 server sshd\[22996\]: Invalid user markh from 124.65.152.14 port 58575 Aug 3 06:34:35 server sshd\[22996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.65.152.14	2019-08-03 11:38:25
117.119.84.34	attackspambots	Aug 2 22:52:38 [host] sshd[23613]: Invalid user yp from 117.119.84.34 Aug 2 22:52:38 [host] sshd[23613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.119.84.34 Aug 2 22:52:40 [host] sshd[23613]: Failed password for invalid user yp from 117.119.84.34 port 37502 ssh2	2019-08-03 11:28:47
49.205.223.223	attack	445/tcp [2019-08-02]1pkt	2019-08-03 11:45:02
93.152.159.11	attackbotsspam	Aug 2 14:08:17 *** sshd[6096]: Failed password for invalid user prashant from 93.152.159.11 port 59632 ssh2	2019-08-03 11:32:23
200.181.214.208	attack	5431/tcp [2019-08-02]1pkt	2019-08-03 11:16:26
85.198.111.6	attackspambots	[portscan] Port scan	2019-08-03 11:56:29
191.53.57.49	attack	Aug 2 14:18:46 mailman postfix/smtpd[32014]: warning: unknown[191.53.57.49]: SASL PLAIN authentication failed: authentication failure	2019-08-03 11:50:28
106.12.36.21	attackbots	Aug 3 01:55:42 dedicated sshd[21849]: Invalid user ela from 106.12.36.21 port 36078	2019-08-03 11:40:03

Recently Reported IPs

96.175.1.12	124.49.38.108	185.218.251.223	63.177.122.189
160.52.226.199	90.27.222.111	87.105.207.185	166.57.174.73
142.99.130.205	50.187.146.192	74.125.209.3	201.143.0.108
174.171.211.119	199.108.24.173	75.66.199.237	45.120.160.138
104.186.105.147	200.205.91.138	177.41.252.87	123.21.140.145