IP Address: 154.59.121.146Previously Malicious
IP Address: 154.59.121.146Previously Malicious
This IP address attempted an attack on a machine in our threat sensors network
|
Role |
Attacker, Connect-Back, Scanner |
|
Services Targeted |
MSSQL MYSQL SSH |
|
Tags |
MSSQL FTP Site Command FTP Smnt Command HTTP Failed FTP Login Outgoing Connection NetBIOS SSH FTP |
|
Associated Attack Servers |
|
IP Address |
154.59.121.146 |
|
|
Domain |
- |
|
|
ISP |
Cogent Communications |
|
|
Country |
United States |
|
|
WHOIS |
Created Date |
- |
|
Updated Date |
- |
|
|
Organization |
- |
|
|
First seen in Akamai Guardicore Segmentation |
2019-03-01 |
|
Last seen in Akamai Guardicore Segmentation |
2021-10-09 |
What is Akamai Guardicore SegmentationAkamai Guardicore Segmentation is a data center and cloud security solution that protects the organization's core assets, using flexible, quickly deployed and easy to understand micro-segmentation controls. Akamai Guardicore Segmentation generates in-context security incidents, with details on attacker tools and techniques, that help IR teams prioritize incident investigation and reduce dwell time. Learn More
|
A user failed to login using FTP with the following username: guest 2 times |
Failed FTP Login |
|
A user failed to login using FTP with the following username: ufMAtLBd 2 times |
Failed FTP Login |
|
A user failed to login using FTP with the following username: guest |
Failed FTP Login |
|
A user failed to login using FTP with the following username: uTYgqsBc |
Failed FTP Login |
|
A user failed to login using FTP with the following username: guest |
Failed FTP Login |
|
A user failed to login using FTP with the following username: uS002Mro |
Failed FTP Login |
|
A user failed to login using FTP with the following username: uLyBFlm1 |
Failed FTP Login |
|
A user failed to login using FTP with the following username: udAWW7cS |
Failed FTP Login |
|
A user failed to login using FTP with the following username: uTYgqsBc |
Failed FTP Login |
|
A user failed to login using FTP with the following username: udAWW7cS |
Failed FTP Login |
|
A user failed to login using FTP with the following username: uLyBFlm1 |
Failed FTP Login |
|
FTP SITE commands EXEC %p %p %p %p were executed |
FTP Site Command |
|
FTP SITE commands EXEC %p %p %p %p /.a were executed 20 times |
FTP Site Command |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:60389 |
Outgoing Connection |
|
A user failed to login using FTP with the following username: guest |
Failed FTP Login |
|
A user failed to login using FTP with the following username: uwfNJwx5 2 times |
Failed FTP Login |
|
A user failed to login using FTP with the following username: guest |
Failed FTP Login |
|
A user failed to login using FTP with the following username: uS002Mro |
Failed FTP Login |
|
A user failed to login using FTP with the following username: guest 3 times |
Failed FTP Login |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:54142 |
Outgoing Connection |
|
A user failed to login using FTP with the following username: uUyT04RM |
Failed FTP Login |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:52226 |
|
|
A user failed to login using FTP with the following username: guest 2 times |
Failed FTP Login |
|
A user failed to login using FTP with the following username: uUyT04RM |
Failed FTP Login |
|
A user failed to login using FTP with the following username: guest 3 times |
Failed FTP Login |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:40589 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:54907 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:38034 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:48887, 154.59.121.146:49093, 154.59.121.146:55347 and 154.59.121.146:59871 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:60605 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:55132 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:38937, 154.59.121.146:47816 and 154.59.121.146:56912 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:47974 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:45196 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:37254 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:48808 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:35174 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:38850 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:49427 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:34200 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:54558 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:34429, 154.59.121.146:44463 and 154.59.121.146:47555 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:35214 |
Outgoing Connection |
|
FTP SITE commands CHMOD 700 QTest /QTest were executed |
FTP Site Command |
|
FTP SITE commands IDLE /QTest were executed |
FTP Site Command |
|
FTP SITE commands IDLE 10000 /QTest were executed |
FTP Site Command |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:33901 and 154.59.121.146:43272 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:39820 and 154.59.121.146:57448 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:37051 and 154.59.121.146:47109 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd started listening on ports: 26226 |
|
|
FTP SMNT commands with arguments /tmp were executed 7 times |
FTP Smnt Command |
|
FTP SITE commands CHMOD 700 QTest /QTest were executed |
FTP Site Command |
|
FTP SITE commands IDLE /QTest were executed |
FTP Site Command |
|
FTP SITE commands IDLE 10000 /QTest were executed |
FTP Site Command |
|
FTP SITE commands CHMOD 700 QTest /QTest were executed |
FTP Site Command |
|
FTP SITE commands IDLE /QTest were executed |
FTP Site Command |
|
FTP SITE commands IDLE 10000 /QTest were executed |
FTP Site Command |
|
Process /usr/local/sbin/vsftpd started listening on ports: 54599 |
Listening |
|
FTP SITE commands CHMOD 700 QTest /QTest were executed 2 times |
FTP Site Command |
|
FTP SITE commands IDLE /QTest were executed 2 times |
FTP Site Command |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:39761, 154.59.121.146:52842 and 154.59.121.146:57202 |
Outgoing Connection |
|
FTP SITE commands IDLE 10000 /QTest were executed 2 times |
FTP Site Command |
|
FTP SITE commands CHMOD 700 QTest /QTest were executed |
FTP Site Command |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:40662, 154.59.121.146:42238 and 154.59.121.146:57080 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd started listening on ports: 8012 |
|
|
FTP SITE commands IDLE /QTest were executed |
FTP Site Command |
|
FTP SITE commands IDLE 10000 /QTest were executed |
FTP Site Command |
|
FTP SITE commands CHMOD 700 QTest /QTest were executed |
FTP Site Command |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:39547 and 154.59.121.146:44730 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:33191 and 154.59.121.146:47663 |
Outgoing Connection |
|
FTP SITE commands IDLE /QTest were executed |
FTP Site Command |
|
Process /usr/local/sbin/vsftpd started listening on ports: 34362 |
Listening |
|
Process /usr/local/sbin/vsftpd started listening on ports: 54679 |
|
|
FTP SITE commands IDLE 10000 /QTest were executed |
FTP Site Command |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:40946 and 154.59.121.146:46307 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:51007 and 154.59.121.146:57858 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:45685 and 154.59.121.146:55721 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd started listening on ports: 34383 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:33315 and 154.59.121.146:37771 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:43436 and 154.59.121.146:56834 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd started listening on ports: 55541 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:33252 and 154.59.121.146:50049 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:45617 and 154.59.121.146:50056 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:40030 and 154.59.121.146:47056 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:34495 and 154.59.121.146:43399 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:35158 and 154.59.121.146:49964 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:46893 and 154.59.121.146:59344 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:47581 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:48087 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:42286 and 154.59.121.146:58026 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:60781 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:43434 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:55948 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:55562 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:59696 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:48122 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:47383 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:36389 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:44303 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:53116 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:38178 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:40879 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:33648 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:54579 |
|
|
Process /usr/local/sbin/vsftpd generated outgoing network traffic to: 154.59.121.146:54495 |
Outgoing Connection |
|
Process /usr/local/sbin/vsftpd started listening on ports: 11771, 26506, 37887, 41304, 51602, 53462, 56199, 6913, 7036 and 8596 |
Listening |
|
Process /usr/local/sbin/vsftpd started listening on ports: 10338, 20179, 27008, 34002, 34068, 37552, 52898, 5303, 54153 and 8410 |
Listening |
|
Process /usr/local/sbin/vsftpd started listening on ports: 42479, 42977, 44616, 5320, 56002, 62199, 63141 and 9595 |
Listening |
|
Process /usr/local/sbin/vsftpd started listening on ports: 43242, 43878, 44808 and 61094 |
Listening |
|
Process /usr/local/sbin/vsftpd started listening on ports: 28652, 36418, 41825 and 58593 |
Listening |
|
Connection was closed due to timeout |
|
© 2023 Akamai Technologies