149.154.68.241

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: JSC ISPsystem

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Aug 18 20:15:43 ny01 sshd[2306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.154.68.241 Aug 18 20:15:44 ny01 sshd[2306]: Failed password for invalid user ftp from 149.154.68.241 port 37034 ssh2 Aug 18 20:20:02 ny01 sshd[2730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.154.68.241	2019-08-19 08:31:33

Type

Details

Datetime

attackspam

Aug 18 20:15:43 ny01 sshd[2306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.154.68.241
Aug 18 20:15:44 ny01 sshd[2306]: Failed password for invalid user ftp from 149.154.68.241 port 37034 ssh2
Aug 18 20:20:02 ny01 sshd[2730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.154.68.241

2019-08-19 08:31:33

Comments on same subnet:

IP	Type	Details	Datetime
149.154.68.146	attackspambots	SSH login attempts.	2020-09-29 04:55:36
149.154.68.146	attackspam	Sep 28 03:21:40 ip106 sshd[21228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.154.68.146 Sep 28 03:21:42 ip106 sshd[21228]: Failed password for invalid user shiny from 149.154.68.146 port 39444 ssh2 ...	2020-09-28 21:13:50
149.154.68.146	attack	Sep 28 03:21:40 ip106 sshd[21228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.154.68.146 Sep 28 03:21:42 ip106 sshd[21228]: Failed password for invalid user shiny from 149.154.68.146 port 39444 ssh2 ...	2020-09-28 13:19:26
149.154.68.20	attackbotsspam	Sep 4 20:05:54 lcprod sshd\[14701\]: Invalid user ts from 149.154.68.20 Sep 4 20:05:54 lcprod sshd\[14701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=jc10102016.fvds.ru Sep 4 20:05:55 lcprod sshd\[14701\]: Failed password for invalid user ts from 149.154.68.20 port 59672 ssh2 Sep 4 20:10:37 lcprod sshd\[15209\]: Invalid user gmodserver from 149.154.68.20 Sep 4 20:10:37 lcprod sshd\[15209\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=jc10102016.fvds.ru	2019-09-05 14:28:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 149.154.68.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46359
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;149.154.68.241.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 19 08:31:28 CST 2019
;; MSG SIZE  rcvd: 118

Host info

241.68.154.149.in-addr.arpa domain name pointer server1.kt-kt.ru.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
241.68.154.149.in-addr.arpa	name = server1.kt-kt.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.204.224.217	attack	114.204.224.217 was recorded 5 times by 2 hosts attempting to connect to the following ports: 83,81,9200. Incident counter (4h, 24h, all-time): 5, 11, 60	2019-11-17 04:42:28
213.6.33.110	attackspambots	A spam email was sent from this SMTP server. This kind of spam emails had the following features.: - They attempted to camouflage the SMTP server with a KDDI's legitimate server. - The domain of URLs in the messages was best-self.info (103.212.223.59).	2019-11-17 04:55:46
116.228.53.227	attackbots	Nov 16 15:42:20 pornomens sshd\[6453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.228.53.227 user=root Nov 16 15:42:22 pornomens sshd\[6453\]: Failed password for root from 116.228.53.227 port 40250 ssh2 Nov 16 15:45:51 pornomens sshd\[6496\]: Invalid user yecenia from 116.228.53.227 port 47546 Nov 16 15:45:51 pornomens sshd\[6496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.228.53.227 ...	2019-11-17 05:08:43
104.244.72.73	attackspambots	2019-11-16T14:42:06.395587ns547587 sshd\[25593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.72.73 user=root 2019-11-16T14:42:08.711565ns547587 sshd\[25593\]: Failed password for root from 104.244.72.73 port 56964 ssh2 2019-11-16T14:42:09.636998ns547587 sshd\[25673\]: Invalid user admin from 104.244.72.73 port 32950 2019-11-16T14:42:09.642531ns547587 sshd\[25673\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.72.73 ...	2019-11-17 04:56:24
115.68.220.10	attack	v+ssh-bruteforce	2019-11-17 04:49:30
101.110.45.156	attackspambots	Automatic report - Banned IP Access	2019-11-17 04:36:23
183.82.121.34	attackspam	Nov 16 07:35:04 hanapaa sshd\[18023\]: Invalid user wwwrun from 183.82.121.34 Nov 16 07:35:04 hanapaa sshd\[18023\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34 Nov 16 07:35:06 hanapaa sshd\[18023\]: Failed password for invalid user wwwrun from 183.82.121.34 port 59916 ssh2 Nov 16 07:39:32 hanapaa sshd\[18522\]: Invalid user hastad from 183.82.121.34 Nov 16 07:39:32 hanapaa sshd\[18522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.121.34	2019-11-17 04:54:42
124.105.196.135	attackspam	Unauthorized connection attempt from IP address 124.105.196.135 on Port 445(SMB)	2019-11-17 05:00:50
190.145.177.2	attackbotsspam	Unauthorized connection attempt from IP address 190.145.177.2 on Port 445(SMB)	2019-11-17 04:47:36
175.194.49.45	attack	Connection by 175.194.49.45 on port: 23 got caught by honeypot at 11/16/2019 1:46:21 PM	2019-11-17 04:46:20
51.79.129.253	attackspambots	Nov 16 11:46:00 ws22vmsma01 sshd[79038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.129.253 Nov 16 11:46:02 ws22vmsma01 sshd[79038]: Failed password for invalid user ftpuser from 51.79.129.253 port 55880 ssh2 ...	2019-11-17 05:00:10
116.103.140.228	attackspambots	Unauthorized connection attempt from IP address 116.103.140.228 on Port 445(SMB)	2019-11-17 04:50:13
45.117.30.26	attackspambots	Trying to (more than 3 packets) bruteforce (not open) Samba/Microsoft-DS port 445	2019-11-17 05:02:42
118.24.40.136	attack	Invalid user info from 118.24.40.136 port 47454	2019-11-17 04:53:06
180.250.248.170	attackspam	Tried sshing with brute force.	2019-11-17 04:55:14

Recently Reported IPs

186.233.62.2	185.162.235.169	179.127.178.24	179.108.244.147
177.154.235.165	177.130.160.226	177.129.205.85	177.67.163.35
177.8.155.205	143.255.194.20	138.219.220.94	138.0.255.64
117.86.77.220	78.11.91.17	201.48.220.99	200.33.88.88
93.53.110.149	143.24.77.219	200.23.234.93	180.216.98.191