Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Lansing

Region: Michigan

Country: United States

Internet Service Provider: Liquid Web L.L.C

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
fail2ban
2020-04-02 16:49:31
attackbotsspam
Nov 11 22:41:07 hosting sshd[15110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.52.145.22  user=root
Nov 11 22:41:09 hosting sshd[15110]: Failed password for root from 72.52.145.22 port 48746 ssh2
...
2019-11-12 03:53:12
attackbots
Nov  8 17:16:06 vps647732 sshd[32323]: Failed password for root from 72.52.145.22 port 44186 ssh2
...
2019-11-09 00:29:30
attackbotsspam
Nov  3 20:02:16 v22019058497090703 sshd[23815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.52.145.22
Nov  3 20:02:18 v22019058497090703 sshd[23815]: Failed password for invalid user frond from 72.52.145.22 port 55046 ssh2
Nov  3 20:06:01 v22019058497090703 sshd[24077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.52.145.22
...
2019-11-04 03:22:49
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 72.52.145.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52286
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;72.52.145.22.			IN	A

;; AUTHORITY SECTION:
.			331	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110301 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 03:22:45 CST 2019
;; MSG SIZE  rcvd: 116
Host info
22.145.52.72.in-addr.arpa domain name pointer deny.icanhasdomin.org.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
22.145.52.72.in-addr.arpa	name = deny.icanhasdomin.org.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
106.54.17.235 attack
Feb 17 17:38:53 ns382633 sshd\[29354\]: Invalid user ionut from 106.54.17.235 port 54256
Feb 17 17:38:53 ns382633 sshd\[29354\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.17.235
Feb 17 17:38:54 ns382633 sshd\[29354\]: Failed password for invalid user ionut from 106.54.17.235 port 54256 ssh2
Feb 17 17:57:13 ns382633 sshd\[420\]: Invalid user charlotte from 106.54.17.235 port 51258
Feb 17 17:57:13 ns382633 sshd\[420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.17.235
2020-02-18 01:34:41
157.230.112.34 attackbotsspam
(sshd) Failed SSH login from 157.230.112.34 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 17 15:07:11 elude sshd[25228]: Invalid user webmaster from 157.230.112.34 port 56370
Feb 17 15:07:14 elude sshd[25228]: Failed password for invalid user webmaster from 157.230.112.34 port 56370 ssh2
Feb 17 15:26:07 elude sshd[26403]: Invalid user ejin from 157.230.112.34 port 47462
Feb 17 15:26:09 elude sshd[26403]: Failed password for invalid user ejin from 157.230.112.34 port 47462 ssh2
Feb 17 15:28:55 elude sshd[26535]: Invalid user hadoop from 157.230.112.34 port 47486
2020-02-18 01:06:13
213.48.235.142 attack
MultiHost/MultiPort Probe, Scan, Hack -
2020-02-18 01:46:36
2.228.163.157 attackspambots
Feb 17 03:33:30 hpm sshd\[13193\]: Invalid user arma from 2.228.163.157
Feb 17 03:33:30 hpm sshd\[13193\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2-228-163-157.ip192.fastwebnet.it
Feb 17 03:33:32 hpm sshd\[13193\]: Failed password for invalid user arma from 2.228.163.157 port 33120 ssh2
Feb 17 03:37:02 hpm sshd\[13544\]: Invalid user ftpuser from 2.228.163.157
Feb 17 03:37:02 hpm sshd\[13544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2-228-163-157.ip192.fastwebnet.it
2020-02-18 01:15:25
118.174.77.83 attackspam
23/tcp
[2020-02-17]1pkt
2020-02-18 01:18:23
186.88.162.163 attackbotsspam
20/2/17@08:36:22: FAIL: Alarm-Network address from=186.88.162.163
...
2020-02-18 01:46:02
213.48.232.188 attack
MultiHost/MultiPort Probe, Scan, Hack -
2020-02-18 01:49:10
97.84.211.29 attack
5500/tcp 52869/tcp
[2019-12-19/2020-02-17]2pkt
2020-02-18 01:20:09
111.40.160.218 attackspam
$f2bV_matches
2020-02-18 01:31:38
114.35.119.41 attackbotsspam
23/tcp
[2020-02-17]1pkt
2020-02-18 01:14:58
36.74.78.244 attackspam
445/tcp 445/tcp 445/tcp
[2020-02-17]3pkt
2020-02-18 01:11:41
114.38.63.123 attackspambots
DATE:2020-02-17 14:36:51, IP:114.38.63.123, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)
2020-02-18 01:28:11
201.184.65.170 attackspambots
1581946620 - 02/17/2020 14:37:00 Host: 201.184.65.170/201.184.65.170 Port: 445 TCP Blocked
2020-02-18 01:18:00
5.135.198.62 attack
Feb 17 13:19:35 prox sshd[7812]: Failed password for root from 5.135.198.62 port 37857 ssh2
Feb 17 13:36:31 prox sshd[21890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.198.62
2020-02-18 01:41:19
218.92.0.173 attackbots
Feb 17 18:19:17 ns381471 sshd[6199]: Failed password for root from 218.92.0.173 port 57707 ssh2
Feb 17 18:19:31 ns381471 sshd[6199]: error: maximum authentication attempts exceeded for root from 218.92.0.173 port 57707 ssh2 [preauth]
2020-02-18 01:23:56

Recently Reported IPs

56.107.64.131 117.67.11.190 89.176.146.59 96.55.165.248
45.224.105.211 45.178.1.15 65.52.141.253 125.109.109.121
109.188.134.44 85.68.22.6 3.254.34.45 108.169.158.205
60.88.119.80 110.247.78.89 70.2.255.201 185.26.99.79
128.12.156.5 61.74.224.23 123.21.86.22 14.228.77.170