72.52.145.22 - IPInfo

Basic Info

City: Lansing

Region: Michigan

Country: United States

Internet Service Provider: Liquid Web L.L.C

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	fail2ban	2020-04-02 16:49:31
attackbotsspam	Nov 11 22:41:07 hosting sshd[15110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.52.145.22 user=root Nov 11 22:41:09 hosting sshd[15110]: Failed password for root from 72.52.145.22 port 48746 ssh2 ...	2019-11-12 03:53:12
attackbots	Nov 8 17:16:06 vps647732 sshd[32323]: Failed password for root from 72.52.145.22 port 44186 ssh2 ...	2019-11-09 00:29:30
attackbotsspam	Nov 3 20:02:16 v22019058497090703 sshd[23815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.52.145.22 Nov 3 20:02:18 v22019058497090703 sshd[23815]: Failed password for invalid user frond from 72.52.145.22 port 55046 ssh2 Nov 3 20:06:01 v22019058497090703 sshd[24077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.52.145.22 ...	2019-11-04 03:22:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 72.52.145.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52286
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;72.52.145.22.			IN	A

;; AUTHORITY SECTION:
.			331	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110301 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 03:22:45 CST 2019
;; MSG SIZE  rcvd: 116

Host info

22.145.52.72.in-addr.arpa domain name pointer deny.icanhasdomin.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
22.145.52.72.in-addr.arpa	name = deny.icanhasdomin.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.54.17.235	attack	Feb 17 17:38:53 ns382633 sshd\[29354\]: Invalid user ionut from 106.54.17.235 port 54256 Feb 17 17:38:53 ns382633 sshd\[29354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.17.235 Feb 17 17:38:54 ns382633 sshd\[29354\]: Failed password for invalid user ionut from 106.54.17.235 port 54256 ssh2 Feb 17 17:57:13 ns382633 sshd\[420\]: Invalid user charlotte from 106.54.17.235 port 51258 Feb 17 17:57:13 ns382633 sshd\[420\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.17.235	2020-02-18 01:34:41
157.230.112.34	attackbotsspam	(sshd) Failed SSH login from 157.230.112.34 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 17 15:07:11 elude sshd[25228]: Invalid user webmaster from 157.230.112.34 port 56370 Feb 17 15:07:14 elude sshd[25228]: Failed password for invalid user webmaster from 157.230.112.34 port 56370 ssh2 Feb 17 15:26:07 elude sshd[26403]: Invalid user ejin from 157.230.112.34 port 47462 Feb 17 15:26:09 elude sshd[26403]: Failed password for invalid user ejin from 157.230.112.34 port 47462 ssh2 Feb 17 15:28:55 elude sshd[26535]: Invalid user hadoop from 157.230.112.34 port 47486	2020-02-18 01:06:13
213.48.235.142	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 01:46:36
2.228.163.157	attackspambots	Feb 17 03:33:30 hpm sshd\[13193\]: Invalid user arma from 2.228.163.157 Feb 17 03:33:30 hpm sshd\[13193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2-228-163-157.ip192.fastwebnet.it Feb 17 03:33:32 hpm sshd\[13193\]: Failed password for invalid user arma from 2.228.163.157 port 33120 ssh2 Feb 17 03:37:02 hpm sshd\[13544\]: Invalid user ftpuser from 2.228.163.157 Feb 17 03:37:02 hpm sshd\[13544\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2-228-163-157.ip192.fastwebnet.it	2020-02-18 01:15:25
118.174.77.83	attackspam	23/tcp [2020-02-17]1pkt	2020-02-18 01:18:23
186.88.162.163	attackbotsspam	20/2/17@08:36:22: FAIL: Alarm-Network address from=186.88.162.163 ...	2020-02-18 01:46:02
213.48.232.188	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 01:49:10
97.84.211.29	attack	5500/tcp 52869/tcp [2019-12-19/2020-02-17]2pkt	2020-02-18 01:20:09
111.40.160.218	attackspam	$f2bV_matches	2020-02-18 01:31:38
114.35.119.41	attackbotsspam	23/tcp [2020-02-17]1pkt	2020-02-18 01:14:58
36.74.78.244	attackspam	445/tcp 445/tcp 445/tcp [2020-02-17]3pkt	2020-02-18 01:11:41
114.38.63.123	attackspambots	DATE:2020-02-17 14:36:51, IP:114.38.63.123, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-18 01:28:11
201.184.65.170	attackspambots	1581946620 - 02/17/2020 14:37:00 Host: 201.184.65.170/201.184.65.170 Port: 445 TCP Blocked	2020-02-18 01:18:00
5.135.198.62	attack	Feb 17 13:19:35 prox sshd[7812]: Failed password for root from 5.135.198.62 port 37857 ssh2 Feb 17 13:36:31 prox sshd[21890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.198.62	2020-02-18 01:41:19
218.92.0.173	attackbots	Feb 17 18:19:17 ns381471 sshd[6199]: Failed password for root from 218.92.0.173 port 57707 ssh2 Feb 17 18:19:31 ns381471 sshd[6199]: error: maximum authentication attempts exceeded for root from 218.92.0.173 port 57707 ssh2 [preauth]	2020-02-18 01:23:56

Recently Reported IPs

56.107.64.131	117.67.11.190	89.176.146.59	96.55.165.248
45.224.105.211	45.178.1.15	65.52.141.253	125.109.109.121
109.188.134.44	85.68.22.6	3.254.34.45	108.169.158.205
60.88.119.80	110.247.78.89	70.2.255.201	185.26.99.79
128.12.156.5	61.74.224.23	123.21.86.22	14.228.77.170