212.70.149.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Kingdom of Great Britain and Northern Ireland

运营商(isp): Global Communication Net Plc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Oct 14 01:52:52 relay postfix/smtpd\[25669\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:53:17 relay postfix/smtpd\[21341\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:53:42 relay postfix/smtpd\[21341\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:54:07 relay postfix/smtpd\[25312\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:54:32 relay postfix/smtpd\[25312\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-14 07:56:35
attackbots	Oct 13 15:48:52 relay postfix/smtpd\[25889\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:49:17 relay postfix/smtpd\[32223\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:49:42 relay postfix/smtpd\[404\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:50:07 relay postfix/smtpd\[25889\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 15:50:32 relay postfix/smtpd\[27643\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-13 21:52:30
attackbotsspam	Oct 13 07:05:52 relay postfix/smtpd\[29742\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:06:17 relay postfix/smtpd\[28363\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:06:42 relay postfix/smtpd\[28832\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:07:07 relay postfix/smtpd\[28831\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:07:33 relay postfix/smtpd\[28365\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-13 13:17:55
attackbotsspam	Oct 12 23:59:36 baraca dovecot: auth-worker(20873): passwd(nkuya@net.ua,212.70.149.52): unknown user Oct 13 00:00:26 baraca dovecot: auth-worker(20873): passwd(nloman@net.ua,212.70.149.52): unknown user Oct 13 01:00:48 baraca dovecot: auth-worker(25104): passwd(ntp@uscompall.com@net.ua,212.70.149.52): unknown user Oct 13 01:01:14 baraca dovecot: auth-worker(25104): passwd(ntunay@net.ua,212.70.149.52): unknown user Oct 13 01:01:38 baraca dovecot: auth-worker(25104): passwd(nu@net.ua,212.70.149.52): unknown user Oct 13 01:02:04 baraca dovecot: auth-worker(25104): passwd(nub@net.ua,212.70.149.52): unknown user ...	2020-10-13 06:03:46
attack	Oct 12 18:11:59 srv01 postfix/smtpd\[30039\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 12 18:12:01 srv01 postfix/smtpd\[26240\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 12 18:12:05 srv01 postfix/smtpd\[630\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 12 18:12:07 srv01 postfix/smtpd\[652\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 12 18:12:24 srv01 postfix/smtpd\[30039\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-13 00:14:23
attackspam	Oct 12 09:34:31 galaxy event: galaxy/lswi: smtp: magnos@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 12 09:34:57 galaxy event: galaxy/lswi: smtp: magnum@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 12 09:35:22 galaxy event: galaxy/lswi: smtp: magnus@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 12 09:35:47 galaxy event: galaxy/lswi: smtp: magomos@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 12 09:36:12 galaxy event: galaxy/lswi: smtp: magretc@uni-potsdam.de [212.70.149.52] authentication failure using internet password ...	2020-10-12 15:36:57
attackspam	Oct 11 23:44:19 mail postfix/smtpd\[9037\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 12 00:14:28 mail postfix/smtpd\[10009\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 12 00:14:52 mail postfix/smtpd\[9719\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 12 00:15:17 mail postfix/smtpd\[9719\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-12 06:16:41
attack	Oct 11 08:14:38 relay postfix/smtpd\[18366\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 08:15:02 relay postfix/smtpd\[17177\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: VXNlcm5hbWU6 Oct 11 08:15:29 relay postfix/smtpd\[21070\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 08:15:54 relay postfix/smtpd\[18366\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 08:16:19 relay postfix/smtpd\[19339\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-11 14:22:29
attack	Oct 11 01:37:04 cho postfix/smtpd[399362]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 01:37:29 cho postfix/smtpd[399154]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 01:37:55 cho postfix/smtpd[399362]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 01:38:20 cho postfix/smtpd[398781]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 01:38:46 cho postfix/smtpd[398781]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-11 07:46:06
attackbots	Oct 10 16:11:52 srv01 postfix/smtpd\[1854\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 16:11:54 srv01 postfix/smtpd\[31394\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 16:11:58 srv01 postfix/smtpd\[2166\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 16:12:00 srv01 postfix/smtpd\[2173\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 16:12:17 srv01 postfix/smtpd\[2185\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-10 22:17:56
attack	Oct 10 07:41:39 mail postfix/smtpd\[21467\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 08:11:53 mail postfix/smtpd\[22564\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 08:12:19 mail postfix/smtpd\[22440\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 10 08:12:44 mail postfix/smtpd\[22566\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-10-10 14:11:37
attack	Oct 9 22:27:03 v32401 postfix/smtpd\[791\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: authentication failure Oct 9 22:27:17 v32401 postfix/smtpd\[1139\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: authentication failure ...	2020-10-10 04:29:22
attackbotsspam	Oct 9 14:23:36 baraca dovecot: auth-worker(89273): passwd(apanteles@net.ua,212.70.149.52): unknown user Oct 9 14:24:02 baraca dovecot: auth-worker(89273): passwd(apantesis@net.ua,212.70.149.52): unknown user Oct 9 14:24:27 baraca dovecot: auth-worker(89273): passwd(apaone@net.ua,212.70.149.52): unknown user Oct 9 14:24:53 baraca dovecot: auth-worker(89273): passwd(aparada@net.ua,212.70.149.52): unknown user Oct 9 15:25:26 baraca dovecot: auth-worker(97404): passwd(aptproxy@net.ua,212.70.149.52): unknown user Oct 9 15:25:52 baraca dovecot: auth-worker(97404): passwd(apulian@net.ua,212.70.149.52): unknown user ...	2020-10-09 20:27:03
attackbotsspam	Oct 9 06:10:54 galaxy event: galaxy/lswi: smtp: alhagi@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 9 06:11:19 galaxy event: galaxy/lswi: smtp: alhambresque@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 9 06:11:45 galaxy event: galaxy/lswi: smtp: ali@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 9 06:12:10 galaxy event: galaxy/lswi: smtp: ali@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 9 06:12:35 galaxy event: galaxy/lswi: smtp: aliakcay@uni-potsdam.de [212.70.149.52] authentication failure using internet password ...	2020-10-09 12:14:19
attack	Oct 8 20:36:39 srv01 postfix/smtpd\[27459\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 8 20:36:41 srv01 postfix/smtpd\[3802\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 8 20:36:45 srv01 postfix/smtpd\[3242\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 8 20:36:47 srv01 postfix/smtpd\[6060\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 8 20:37:04 srv01 postfix/smtpd\[6060\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-09 02:38:58
attackspambots	Oct 7 14:16:50 srv01 postfix/smtpd\[31341\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 14:16:53 srv01 postfix/smtpd\[29602\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 14:16:57 srv01 postfix/smtpd\[22435\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 14:16:59 srv01 postfix/smtpd\[27691\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 14:17:16 srv01 postfix/smtpd\[31341\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-07 20:22:22
attackspambots	Oct 7 06:03:41 cho postfix/smtpd[148349]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 06:04:02 cho postfix/smtpd[148249]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 06:04:31 cho postfix/smtpd[148349]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 06:04:52 cho postfix/smtpd[148249]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 7 06:05:20 cho postfix/smtpd[148349]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-07 12:05:59
attackbots	$f2bV_matches	2020-10-07 04:20:15
attackbots	Oct 6 14:13:07 v22019058497090703 postfix/smtpd[30095]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 14:13:33 v22019058497090703 postfix/smtpd[30095]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 14:14:04 v22019058497090703 postfix/smtpd[30095]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-06 20:24:17
attack	2020-10-06 07:02:22 dovecot_login authenticator failed for $User$ \[212.70.149.52\]: 535 Incorrect authentication data $set_id=maude@org.ua$2020-10-06 07:02:48 dovecot_login authenticator failed for $User$ \[212.70.149.52\]: 535 Incorrect authentication data $set_id=jenifer@org.ua$2020-10-06 07:03:13 dovecot_login authenticator failed for $User$ \[212.70.149.52\]: 535 Incorrect authentication data $set_id=therese@org.ua$ ...	2020-10-06 12:03:31
attackbots	Oct 6 00:40:20 srv01 postfix/smtpd\[6813\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 00:40:27 srv01 postfix/smtpd\[17215\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 00:40:28 srv01 postfix/smtpd\[17220\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 00:40:29 srv01 postfix/smtpd\[17015\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 6 00:40:47 srv01 postfix/smtpd\[17181\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-06 06:44:20
attack	Rude login attack (2456 tries in 1d)	2020-10-05 22:53:25
attackspam	Oct 4 23:20:36 cho postfix/smtpd[9850]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:21:01 cho postfix/smtpd[9850]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:21:27 cho postfix/smtpd[9897]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:21:53 cho postfix/smtpd[9897]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 23:22:18 cho postfix/smtpd[9850]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-05 05:25:24
attack	Oct 4 14:04:21 srv01 postfix/smtpd\[31255\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 14:04:23 srv01 postfix/smtpd\[31267\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 14:04:28 srv01 postfix/smtpd\[32304\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 14:04:30 srv01 postfix/smtpd\[32306\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 14:04:47 srv01 postfix/smtpd\[31255\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-04 21:19:57
attackspam	Oct 4 06:55:59 cho postfix/smtpd[4169103]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 06:56:24 cho postfix/smtpd[4168489]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 06:56:49 cho postfix/smtpd[4168489]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 06:57:15 cho postfix/smtpd[4169103]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 06:57:40 cho postfix/smtpd[4168489]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-04 13:06:32
attackspam	abuse-sasl	2020-10-03 03:49:50
attack	abuse-sasl	2020-10-03 02:36:42
attack	2971 times SMTP brute-force	2020-10-02 23:08:23
attack	Oct 2 13:35:47 galaxy event: galaxy/lswi: smtp: agenda@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 2 13:36:12 galaxy event: galaxy/lswi: smtp: dbs@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 2 13:36:38 galaxy event: galaxy/lswi: smtp: lic@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 2 13:37:03 galaxy event: galaxy/lswi: smtp: spaces@uni-potsdam.de [212.70.149.52] authentication failure using internet password Oct 2 13:37:28 galaxy event: galaxy/lswi: smtp: ntp1@uni-potsdam.de [212.70.149.52] authentication failure using internet password ...	2020-10-02 19:39:14
attackspam	Oct 2 10:07:25 srv01 postfix/smtpd\[31579\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 2 10:07:27 srv01 postfix/smtpd\[31879\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 2 10:07:31 srv01 postfix/smtpd\[31886\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 2 10:07:32 srv01 postfix/smtpd\[31894\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 2 10:07:50 srv01 postfix/smtpd\[31579\]: warning: unknown\[212.70.149.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-02 16:13:48

相同子网IP讨论:

IP	类型	评论内容	时间
212.70.149.134	attack	Hack	2024-03-01 15:04:53
212.70.149.72	bots	Apr 21 11:17:27 mail dovecot: auth: passwd-file(tata@example.com,212.70.149.72): unknown user (SHA1 of given password: b3aca9) Apr 21 11:17:29 mail postfix/smtps/smtpd[1933]: warning: unknown[212.70.149.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 11:17:34 mail postfix/smtps/smtpd[1933]: lost connection after AUTH from unknown[212.70.149.72] Apr 21 11:17:34 mail postfix/smtps/smtpd[1933]: disconnect from unknown[212.70.149.72] ehlo=1 auth=0/1 rset=1 commands=2/3 Apr 21 11:18:31 mail postfix/smtps/smtpd[1933]: connect from unknown[212.70.149.72] Apr 21 11:18:41 mail postfix/smtps/smtpd[1933]: Anonymous TLS connection established from unknown[212.70.149.72]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Apr 21 11:19:09 mail dovecot: auth: passwd-file(cent@example.com,212.70.149.72): unknown user (SHA1 of given password: b3aca9) Apr 21 11:19:11 mail postfix/smtps/smtpd[1933]: warning: unknown[212.70.149.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 11:19:16 mail postfix/smtps/smtpd[1933]: lost connection after AUTH from unknown[212.70.149.72] Apr 21 11:19:16 mail postfix/smtps/smtpd[1933]: disconnect from unknown[212.70.149.72] ehlo=1 auth=0/1 rset=1 commands=2/3 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max connection rate 1/60s for (smtps:212.70.149.72) at Apr 21 11:13:35 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max connection count 1 for (smtps:212.70.149.72) at Apr 21 11:13:35 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max cache size 1 at Apr 21 11:13:35	2022-04-21 11:27:10
212.70.149.72	bots	Apr 21 11:17:27 mail dovecot: auth: passwd-file(tata@example.com,212.70.149.72): unknown user (SHA1 of given password: b3aca9) Apr 21 11:17:29 mail postfix/smtps/smtpd[1933]: warning: unknown[212.70.149.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 11:17:34 mail postfix/smtps/smtpd[1933]: lost connection after AUTH from unknown[212.70.149.72] Apr 21 11:17:34 mail postfix/smtps/smtpd[1933]: disconnect from unknown[212.70.149.72] ehlo=1 auth=0/1 rset=1 commands=2/3 Apr 21 11:18:31 mail postfix/smtps/smtpd[1933]: connect from unknown[212.70.149.72] Apr 21 11:18:41 mail postfix/smtps/smtpd[1933]: Anonymous TLS connection established from unknown[212.70.149.72]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Apr 21 11:19:09 mail dovecot: auth: passwd-file(cent@example.com,212.70.149.72): unknown user (SHA1 of given password: b3aca9) Apr 21 11:19:11 mail postfix/smtps/smtpd[1933]: warning: unknown[212.70.149.72]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 21 11:19:16 mail postfix/smtps/smtpd[1933]: lost connection after AUTH from unknown[212.70.149.72] Apr 21 11:19:16 mail postfix/smtps/smtpd[1933]: disconnect from unknown[212.70.149.72] ehlo=1 auth=0/1 rset=1 commands=2/3 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max connection rate 1/60s for (smtps:212.70.149.72) at Apr 21 11:13:35 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max connection count 1 for (smtps:212.70.149.72) at Apr 21 11:13:35 Apr 21 11:22:36 mail postfix/anvil[1450]: statistics: max cache size 1 at Apr 21 11:13:35	2022-04-21 11:26:44
212.70.149.71	spamattack	Mail server attack SMTP	2021-10-15 09:16:21
212.70.149.36	attackspambots	Oct 14 00:55:16 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure Oct 14 00:55:33 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure Oct 14 00:55:50 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure Oct 14 00:56:07 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure Oct 14 00:56:23 blackbee postfix/smtpd[20435]: warning: unknown[212.70.149.36]: SASL LOGIN authentication failed: authentication failure ...	2020-10-14 08:10:57
212.70.149.20	attackbots	Oct 14 01:44:02 srv01 postfix/smtpd\[2787\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:44:04 srv01 postfix/smtpd\[2842\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:44:08 srv01 postfix/smtpd\[5647\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:44:09 srv01 postfix/smtpd\[5656\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 14 01:44:27 srv01 postfix/smtpd\[2842\]: warning: unknown\[212.70.149.20\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-14 07:49:33
212.70.149.83	attackspambots	2020-10-14T01:21:46.638543mail1 postfix/smtpd[4846]: warning: unknown[212.70.149.83]: SASL LOGIN authentication failed: authentication failure 2020-10-14T01:22:11.387046mail1 postfix/smtpd[4846]: warning: unknown[212.70.149.83]: SASL LOGIN authentication failed: authentication failure 2020-10-14T01:22:37.112335mail1 postfix/smtpd[4846]: warning: unknown[212.70.149.83]: SASL LOGIN authentication failed: authentication failure ...	2020-10-14 07:28:06
212.70.149.68	attack	2020-10-14 02:02:28 dovecot_login authenticator failed for $User$ \[212.70.149.68\]: 535 Incorrect authentication data $set_id=lupus@ift.org.ua$2020-10-14 02:04:21 dovecot_login authenticator failed for $User$ \[212.70.149.68\]: 535 Incorrect authentication data $set_id=lulu@ift.org.ua$2020-10-14 02:06:14 dovecot_login authenticator failed for $User$ \[212.70.149.68\]: 535 Incorrect authentication data $set_id=lst@ift.org.ua$ ...	2020-10-14 07:08:31
212.70.149.20	attack	Oct 13 21:14:01 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 21:14:30 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 21:14:55 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 21:15:24 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 21:15:54 websrv1.derweidener.de postfix/smtpd[977082]: warning: unknown[212.70.149.20]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-10-14 04:12:34
212.70.149.68	attackbotsspam	2020-10-13T17:33:20.606164mail1 postfix/smtps/smtpd[32542]: warning: unknown[212.70.149.68]: SASL LOGIN authentication failed: authentication failure 2020-10-13T17:35:16.903893mail1 postfix/smtps/smtpd[32542]: warning: unknown[212.70.149.68]: SASL LOGIN authentication failed: authentication failure 2020-10-13T17:37:13.305145mail1 postfix/smtps/smtpd[32542]: warning: unknown[212.70.149.68]: SASL LOGIN authentication failed: authentication failure ...	2020-10-13 23:44:00
212.70.149.20	attack	SASL PLAIN auth failed: ruser=...	2020-10-13 19:36:11
212.70.149.68	attackbotsspam	Oct 13 08:55:46 mx postfix/smtps/smtpd\[14650\]: warning: unknown\[212.70.149.68\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 08:55:51 mx postfix/smtps/smtpd\[14650\]: lost connection after AUTH from unknown\[212.70.149.68\] Oct 13 08:57:39 mx postfix/smtps/smtpd\[14650\]: warning: unknown\[212.70.149.68\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 08:57:44 mx postfix/smtps/smtpd\[14650\]: lost connection after AUTH from unknown\[212.70.149.68\] Oct 13 08:59:31 mx postfix/smtps/smtpd\[14650\]: warning: unknown\[212.70.149.68\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-13 14:59:48
212.70.149.83	attackspambots	Oct 13 07:33:41 srv01 postfix/smtpd\[7058\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:33:43 srv01 postfix/smtpd\[11219\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:33:47 srv01 postfix/smtpd\[13493\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:33:49 srv01 postfix/smtpd\[13498\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 07:34:06 srv01 postfix/smtpd\[11219\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-13 13:47:04
212.70.149.68	attackbotsspam	Oct 13 01:20:35 mx postfix/smtps/smtpd\[4703\]: lost connection after AUTH from unknown\[212.70.149.68\] Oct 13 01:22:23 mx postfix/smtps/smtpd\[4703\]: warning: unknown\[212.70.149.68\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 01:22:28 mx postfix/smtps/smtpd\[4703\]: lost connection after AUTH from unknown\[212.70.149.68\] Oct 13 01:24:15 mx postfix/smtps/smtpd\[4703\]: warning: unknown\[212.70.149.68\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 13 01:24:20 mx postfix/smtps/smtpd\[4703\]: lost connection after AUTH from unknown\[212.70.149.68\] ...	2020-10-13 07:38:41
212.70.149.83	attack	Rude login attack (3196 tries in 1d)	2020-10-13 06:30:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.70.149.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49150
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.70.149.52.			IN	A

;; AUTHORITY SECTION:
.			433	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081801 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 19 05:15:26 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 52.149.70.212.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 52.149.70.212.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
140.143.140.242	attackbotsspam	k+ssh-bruteforce	2020-04-16 07:37:32
202.79.168.240	attackspam	Unauthorized SSH login attempts	2020-04-16 07:43:56
52.232.199.165	attackspambots	Brute forcing email accounts	2020-04-16 07:59:31
119.97.184.220	attackspambots	Apr 15 19:45:24 * sshd[14191]: Invalid user sahil from 119.97.184.220 Apr 15 19:45:24 * sshd[14191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.97.184.220 Apr 15 19:45:25 * sshd[14191]: Failed password for invalid user sahil from 119.97.184.220 port 36828 ssh2 Apr 15 19:45:25 * sshd[14191]: Received disconnect from 119.97.184.220: 11: Bye Bye [preauth] Apr 15 19:56:01 * sshd[15705]: Invalid user kernoops from 119.97.184.220 Apr 15 19:56:01 * sshd[15705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.97.184.220 Apr 15 19:56:03 * sshd[15705]: Failed password for invalid user kernoops from 119.97.184.220 port 45792 ssh2 Apr 15 19:56:04 * sshd[15705]: Received disconnect from 119.97.184.220: 11: Bye Bye [preauth] Apr 15 19:58:58 * sshd[15830]: Connection closed by 119.97.184.220 [preauth] Apr 15 20:00:18 * sshd[16509]: Invalid user azureuser from 119.97.184.2........ -------------------------------	2020-04-16 07:34:43
162.243.132.5	attack	Port Scan: Events[2] countPorts[2]: 8081 21 ..	2020-04-16 07:39:29
181.48.155.149	attackspam	Invalid user ubuntu from 181.48.155.149 port 42356	2020-04-16 07:45:39
111.229.199.67	attack	Apr 16 00:39:25 santamaria sshd\[31613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.199.67 user=root Apr 16 00:39:27 santamaria sshd\[31613\]: Failed password for root from 111.229.199.67 port 38646 ssh2 Apr 16 00:44:22 santamaria sshd\[31684\]: Invalid user user from 111.229.199.67 Apr 16 00:44:22 santamaria sshd\[31684\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.199.67 ...	2020-04-16 07:41:30
184.105.247.234	attackspam	Port Scan: Events[1] countPorts[1]: 50070 ..	2020-04-16 07:34:10
45.95.168.133	attack	Apr 15 20:44:54 game-panel sshd[9247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.95.168.133 Apr 15 20:44:56 game-panel sshd[9247]: Failed password for invalid user 167.71.220.59 from 45.95.168.133 port 33332 ssh2 Apr 15 20:51:14 game-panel sshd[9607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.95.168.133	2020-04-16 07:42:08
87.251.74.250	attackspambots	Multiport scan : 35 ports scanned 60 123 300 303 404 443 444 500 505 909 999 1010 1234 2002 3333 3344 3385 3386 3390 3399 4321 5566 6060 6655 6677 7000 17000 23000 33383 33389 33398 33899 40000 60000 63389	2020-04-16 07:45:51
49.234.43.39	attack	Invalid user louis from 49.234.43.39 port 39694	2020-04-16 07:53:32
185.153.196.230	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-04-16 07:56:23
110.185.104.126	attack	SASL PLAIN auth failed: ruser=...	2020-04-16 08:01:37
162.243.132.42	attackbotsspam	Brute force attack stopped by firewall	2020-04-16 07:49:58
162.243.131.54	attackbots	Unauthorized connection attempt detected from IP address 162.243.131.54 to port 5007	2020-04-16 08:14:11

最近上报的IP列表

181.203.52.249	24.172.15.26	223.205.38.49	222.186.10.217
125.238.235.135	219.76.182.62	218.104.190.106	124.6.130.174
202.62.59.28	201.1.204.77	200.84.21.138	199.231.87.70
210.122.64.246	190.80.194.37	190.206.70.43	129.171.145.187
189.51.75.86	186.95.45.165	151.84.83.145	47.34.131.34