72.52.145.22 - IPInfo

Basic Info

City: Lansing

Region: Michigan

Country: United States

Internet Service Provider: Liquid Web L.L.C

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	fail2ban	2020-04-02 16:49:31
attackbotsspam	Nov 11 22:41:07 hosting sshd[15110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.52.145.22 user=root Nov 11 22:41:09 hosting sshd[15110]: Failed password for root from 72.52.145.22 port 48746 ssh2 ...	2019-11-12 03:53:12
attackbots	Nov 8 17:16:06 vps647732 sshd[32323]: Failed password for root from 72.52.145.22 port 44186 ssh2 ...	2019-11-09 00:29:30
attackbotsspam	Nov 3 20:02:16 v22019058497090703 sshd[23815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.52.145.22 Nov 3 20:02:18 v22019058497090703 sshd[23815]: Failed password for invalid user frond from 72.52.145.22 port 55046 ssh2 Nov 3 20:06:01 v22019058497090703 sshd[24077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.52.145.22 ...	2019-11-04 03:22:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 72.52.145.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52286
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;72.52.145.22.			IN	A

;; AUTHORITY SECTION:
.			331	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110301 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 03:22:45 CST 2019
;; MSG SIZE  rcvd: 116

Host info

22.145.52.72.in-addr.arpa domain name pointer deny.icanhasdomin.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
22.145.52.72.in-addr.arpa	name = deny.icanhasdomin.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.167	attack	Jun 4 20:20:06 server sshd[12985]: Failed none for root from 222.186.175.167 port 54650 ssh2 Jun 4 20:20:08 server sshd[12985]: Failed password for root from 222.186.175.167 port 54650 ssh2 Jun 4 20:20:14 server sshd[12985]: Failed password for root from 222.186.175.167 port 54650 ssh2	2020-06-05 02:31:14
92.47.31.3	attackspambots	Port scan on 1 port(s): 4899	2020-06-05 02:20:38
107.180.122.7	attackspam	Automatic report - XMLRPC Attack	2020-06-05 02:35:59
134.209.41.198	attack	Jun 4 11:56:11 ip-172-31-62-245 sshd\[23556\]: Failed password for root from 134.209.41.198 port 38914 ssh2\ Jun 4 11:57:44 ip-172-31-62-245 sshd\[23574\]: Failed password for root from 134.209.41.198 port 37776 ssh2\ Jun 4 11:59:20 ip-172-31-62-245 sshd\[23603\]: Failed password for root from 134.209.41.198 port 36276 ssh2\ Jun 4 12:00:58 ip-172-31-62-245 sshd\[23634\]: Failed password for root from 134.209.41.198 port 35138 ssh2\ Jun 4 12:02:30 ip-172-31-62-245 sshd\[23667\]: Failed password for root from 134.209.41.198 port 33648 ssh2\	2020-06-05 02:34:12
14.253.191.89	attackbots	1591272138 - 06/04/2020 14:02:18 Host: 14.253.191.89/14.253.191.89 Port: 445 TCP Blocked	2020-06-05 02:39:16
162.144.79.223	attackbotsspam	162.144.79.223 - - [04/Jun/2020:16:43:50 +0200] "GET /wp-login.php HTTP/1.1" 200 6161 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.144.79.223 - - [04/Jun/2020:16:43:54 +0200] "POST /wp-login.php HTTP/1.1" 200 6346 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.144.79.223 - - [04/Jun/2020:16:43:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-05 02:08:10
36.67.106.109	attackbotsspam	2020-06-04T08:31:04.491812linuxbox-skyline sshd[135533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.67.106.109 user=root 2020-06-04T08:31:06.428493linuxbox-skyline sshd[135533]: Failed password for root from 36.67.106.109 port 60478 ssh2 ...	2020-06-05 01:59:10
36.237.203.142	attack	Jun 4 15:03:20 debian kernel: [174763.732795] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=36.237.203.142 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=47 ID=6806 PROTO=TCP SPT=29944 DPT=23 WINDOW=34102 RES=0x00 SYN URGP=0	2020-06-05 01:58:45
106.12.95.45	attackbots	prod11 ...	2020-06-05 02:24:45
60.250.164.169	attack	Jun 4 11:05:12 propaganda sshd[12244]: Connection from 60.250.164.169 port 37178 on 10.0.0.160 port 22 rdomain "" Jun 4 11:05:12 propaganda sshd[12244]: Connection closed by 60.250.164.169 port 37178 [preauth]	2020-06-05 02:07:56
46.44.201.212	attackspam	2020-06-04T18:02:06.455138shield sshd\[28421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.44.201.212 user=root 2020-06-04T18:02:08.660960shield sshd\[28421\]: Failed password for root from 46.44.201.212 port 46139 ssh2 2020-06-04T18:05:12.308957shield sshd\[29977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.44.201.212 user=root 2020-06-04T18:05:14.052566shield sshd\[29977\]: Failed password for root from 46.44.201.212 port 16289 ssh2 2020-06-04T18:08:31.762460shield sshd\[31546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.44.201.212 user=root	2020-06-05 02:16:49
182.61.105.104	attack	Jun 4 18:50:18 cloud sshd[31888]: Failed password for root from 182.61.105.104 port 52776 ssh2	2020-06-05 02:31:38
82.81.223.111	attackspam	Automatic report - Port Scan Attack	2020-06-05 02:13:04
89.234.157.254	attackbotsspam	2020-06-04T22:02:35.329846luisaranguren sshd[3845346]: Failed password for root from 89.234.157.254 port 41436 ssh2 2020-06-04T22:02:37.388101luisaranguren sshd[3845346]: Connection closed by authenticating user root 89.234.157.254 port 41436 [preauth] ...	2020-06-05 02:25:17
185.153.199.51	attackspambots	Unauthorized connection attempt detected from IP address 185.153.199.51 to port 5906	2020-06-05 02:35:37

Recently Reported IPs

56.107.64.131	117.67.11.190	89.176.146.59	96.55.165.248
45.224.105.211	45.178.1.15	65.52.141.253	125.109.109.121
109.188.134.44	85.68.22.6	3.254.34.45	108.169.158.205
60.88.119.80	110.247.78.89	70.2.255.201	185.26.99.79
128.12.156.5	61.74.224.23	123.21.86.22	14.228.77.170