Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Marau

Region: Bahia

Country: Brazil

Internet Service Provider: Florestawii Telecom Servicos de Comunicacao Ltda M

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
Spam to target mail address hacked/leaked/bought from Kachingle
2019-10-27 12:02:08
attackspam
Oct 16 13:36:24 our-server-hostname postfix/smtpd[15335]: connect from unknown[45.172.79.232]
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct 16 13:36:29 our-server-hostname postfix/smtpd[15335]: lost connection after RCPT from unknown[45.172.79.232]
Oct 16 13:36:29 our-server-hostname postfix/smtpd[15335]: disconnect from unknown[45.172.79.232]
Oct 16 14:44:48 our-server-hostname postfix/smtpd[20452]: connect from unknown[45.172.79.232]
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct 16 14:44:58 our-server-hostname postfix/smtpd[20452]: lost connection after RCPT from unknown[45.172.79.232]
Oct 16 14:44:58 our-server-hostname postfix/smtpd[20452]: disconnect from unknown[45.172.79.232]
Oct 16 14:51:24 our-server-hostname postfix/smtpd[21800]: connect from unknown[45.172.79.232]
Oct x@x
Oct x@x
Oct x@x
Oct x@x
Oct 16 14:51:32 our-server-hostname postfix/smtpd[19088]: connect from unknown[45.172.79.232]
Oct x@x
Oct x@x
Oct x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=
2019-10-17 03:54:44
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.172.79.232
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52558
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.172.79.232.			IN	A

;; AUTHORITY SECTION:
.			430	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101601 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 17 03:54:41 CST 2019
;; MSG SIZE  rcvd: 117
Host info
Host 232.79.172.45.in-addr.arpa not found: 2(SERVFAIL)
Nslookup info:
;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 232.79.172.45.in-addr.arpa: SERVFAIL
Related IP info:
Related comments:
IP Type Details Datetime
152.136.97.217 attack
Oct  2 20:24:59 Server1 sshd[17048]: Invalid user wellington from 152.136.97.217 port 52798
Oct  2 20:24:59 Server1 sshd[17048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.97.217
Oct  2 20:25:01 Server1 sshd[17048]: Failed password for invalid user wellington from 152.136.97.217 port 52798 ssh2
Oct  2 20:25:01 Server1 sshd[17048]: Connection closed by invalid user wellington 152.136.97.217 port 52798 [preauth]
Oct  2 20:25:02 Server1 sshd[17050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.97.217  user=r.r


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=152.136.97.217
2020-10-03 06:53:06
106.37.108.162 attack
1433/tcp 1433/tcp 1433/tcp...
[2020-09-17/10-01]4pkt,1pt.(tcp)
2020-10-03 06:20:26
209.141.35.79 attackbotsspam
scans 2 times in preceeding hours on the ports (in chronological order) 11211 1900
2020-10-03 06:32:59
95.133.161.54 attackspambots
445/tcp 445/tcp 445/tcp
[2020-09-15/10-01]3pkt
2020-10-03 06:23:43
14.226.41.164 attackbots
445/tcp 445/tcp
[2020-09-18/10-01]2pkt
2020-10-03 06:17:57
45.148.121.92 attack
45.148.121.92 was recorded 5 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 5, 11, 60
2020-10-03 06:54:22
104.248.141.235 attackspambots
104.248.141.235 - - [02/Oct/2020:19:40:21 +0200] "GET /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:19:40:23 +0200] "GET /wp-login.php HTTP/1.1" 404 878 "http://mail.tuxlinux.eu/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-10-03 06:25:08
64.227.38.229 attack
Oct  1 22:41:15 ajax sshd[27267]: Failed password for root from 64.227.38.229 port 50874 ssh2
2020-10-03 06:14:50
187.188.107.115 attackspam
Oct  3 00:45:33 pornomens sshd\[8500\]: Invalid user admin from 187.188.107.115 port 58337
Oct  3 00:45:33 pornomens sshd\[8500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.107.115
Oct  3 00:45:35 pornomens sshd\[8500\]: Failed password for invalid user admin from 187.188.107.115 port 58337 ssh2
...
2020-10-03 06:50:50
211.103.4.100 attackspam
DATE:2020-10-02 17:06:09, IP:211.103.4.100, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)
2020-10-03 06:32:40
122.155.223.59 attackspam
SSH Invalid Login
2020-10-03 06:48:46
81.18.134.18 attack
Unauthorised access (Oct  2) SRC=81.18.134.18 LEN=52 TTL=118 ID=15089 DF TCP DPT=445 WINDOW=8192 SYN
2020-10-03 06:36:03
111.230.231.196 attackspambots
Oct  2 15:37:57 corona-Z97-D3H sshd[67013]: Invalid user 83.143.220.151 from 111.230.231.196 port 57630
...
2020-10-03 06:20:02
120.236.214.164 attackbots
Found on   CINS badguys     / proto=6  .  srcport=42747  .  dstport=1433  .     (1930)
2020-10-03 06:19:41
123.30.149.76 attackbots
$f2bV_matches
2020-10-03 06:49:02

Recently Reported IPs

1.150.90.143 88.22.248.122 172.199.11.18 113.86.38.190
182.18.208.21 187.105.4.105 147.232.115.112 164.154.50.53
100.200.23.28 69.21.18.47 47.26.229.208 86.105.75.216
100.36.226.83 145.18.95.174 121.165.84.73 148.75.174.105
92.43.185.254 189.32.106.47 65.64.41.77 18.139.142.80