City: unknown
Region: unknown
Country: Finland
Internet Service Provider: Oy Creanova Hosting Solutions Ltd.
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | 194.34.134.207 was recorded 9 times by 8 hosts attempting to connect to the following ports: 53413. Incident counter (4h, 24h, all-time): 9, 27, 291 |
2020-03-04 18:56:17 |
| attackspam | 28.02.2020 13:37:05 Connection to port 53413 blocked by firewall |
2020-02-29 04:20:11 |
| attack | port |
2020-02-16 00:19:29 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 194.34.134.9 | attackbots | Port Scan ... |
2020-08-04 15:42:19 |
| 194.34.134.251 | attack | Jul 16 11:31:35 XXX sshd[2951]: Did not receive identification string from 194.34.134.251 Jul 16 11:31:39 XXX sshd[2952]: reveeclipse mapping checking getaddrinfo for host-194-34-134-251.creanova.org [194.34.134.251] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 16 11:31:39 XXX sshd[2952]: User r.r from 194.34.134.251 not allowed because none of user's groups are listed in AllowGroups Jul 16 11:31:39 XXX sshd[2952]: Received disconnect from 194.34.134.251: 11: Normal Shutdown, Thank you for playing [preauth] Jul 16 11:31:49 XXX sshd[3108]: reveeclipse mapping checking getaddrinfo for host-194-34-134-251.creanova.org [194.34.134.251] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 16 11:31:49 XXX sshd[3108]: Invalid user oracle from 194.34.134.251 Jul 16 11:31:49 XXX sshd[3108]: Received disconnect from 194.34.134.251: 11: Normal Shutdown, Thank you for playing [preauth] Jul 16 11:32:00 XXX sshd[3112]: reveeclipse mapping checking getaddrinfo for host-194-34-134-251.creanova.org [194......... ------------------------------- |
2020-07-17 08:04:37 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 194.34.134.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38700
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;194.34.134.207. IN A
;; AUTHORITY SECTION:
. 419 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020021500 1800 900 604800 86400
;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 16 00:19:24 CST 2020
;; MSG SIZE rcvd: 118207.134.34.194.in-addr.arpa domain name pointer host-194-34-134-207.creanova.org.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
207.134.34.194.in-addr.arpa name = host-194-34-134-207.creanova.org.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.134.179.243 | attackspambots | ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 3391 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-11 07:52:25 |
| 80.82.65.74 | attackbots | ET CINS Active Threat Intelligence Poor Reputation IP group 76 - port: 23 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-11 07:29:38 |
| 194.26.29.148 | attack | SmallBizIT.US 8 packets to tcp(37053,37165,37358,37566,37758,37764,37803,37928) |
2020-08-11 07:21:56 |
| 93.174.89.55 | attackspambots | Unauthorized connection attempt detected from IP address 93.174.89.55 to port 4202 [T] |
2020-08-11 07:24:58 |
| 51.161.12.231 | attackspambots | Fail2Ban Ban Triggered |
2020-08-11 07:19:44 |
| 60.191.125.35 | attackspam | ET CINS Active Threat Intelligence Poor Reputation IP group 57 - port: 8908 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-11 07:18:43 |
| 66.240.205.34 | attackbots | 4157/tcp 60129/tcp 9633/tcp... [2020-06-10/08-10]344pkt,28pt.(tcp),1pt.(udp) |
2020-08-11 07:51:31 |
| 45.129.33.143 | attackbotsspam | ET DROP Dshield Block Listed Source group 1 - port: 64821 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-11 07:35:53 |
| 58.141.232.44 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 42 - port: 23 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-11 07:51:57 |
| 85.209.0.251 | attackspam | Aug 11 02:06:28 server2 sshd\[13395\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:28 server2 sshd\[13399\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:29 server2 sshd\[13402\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:29 server2 sshd\[13401\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:29 server2 sshd\[13406\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:29 server2 sshd\[13405\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers |
2020-08-11 07:27:38 |
| 194.26.29.103 | attackspam | ET DROP Dshield Block Listed Source group 1 - port: 38217 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-11 07:42:38 |
| 194.26.25.109 | attack | SmallBizIT.US 6 packets to tcp(37011,37222,37373,37382,37411,37934) |
2020-08-11 07:22:57 |
| 89.248.168.220 | attack | " " |
2020-08-11 07:48:58 |
| 45.129.33.154 | attackbotsspam | ET DROP Dshield Block Listed Source group 1 - port: 7636 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-11 07:34:37 |
| 87.251.73.231 | attackspam | Multiport scan : 13 ports scanned 20 200 606 909 2211 3393 3395 4000 6060 7000 10000 15000 19000 |
2020-08-11 07:27:08 |