HideMyAss.com

Monday, 14 October 2013

[Fail2Ban] SSH: banned 95.0.160.105

Hi,

The IP 95.0.160.105 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 95.0.160.105:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '95.0.160.104 - 95.0.160.111'

% Abuse contact for '95.0.160.104 - 95.0.160.111' is 'abuse@ttnet.com.tr'

inetnum: 95.0.160.104 - 95.0.160.111
netname: Nigde_Valiligi_il_Saglik_Md
descr: Yenice Mah Arapdede Sok Nigde
country: TR
admin-c: AE3217-RIPE
tech-c: AE3217-RIPE
status: ASSIGNED PA
mnt-by: AS9121-MNT
source: RIPE # Filtered

person: AliRiza Erdogan
remarks: Nigde_Valiligi_il_Saglik_Md
address: Yenice Mah Arapdede Sok Nigde
phone: +903882323500
nic-hdl: AE3217-RIPE
mnt-by: AS9121-MNT
source: RIPE # Filtered

% Information related to '95.0.128.0/17AS9121'

route: 95.0.128.0/17
descr: TurkTelecom
origin: AS9121
mnt-by: AS9121-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 82.142.159.68

Hi,

The IP 82.142.159.68 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 82.142.159.68:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '82.142.128.0 - 82.142.191.255'

% Abuse contact for '82.142.128.0 - 82.142.191.255' is 'abuse@b2b.beeline.ru'

inetnum: 82.142.128.0 - 82.142.191.255
netname: RU-SOVINTEL-20030909
descr: OJSC "Vimpelcom"
country: RU
org: ORG-ES15-RIPE
admin-c: SVNT2-RIPE
tech-c: SVNT1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: SOVINTEL-MNT
mnt-lower: TEL-MNT
mnt-routes: SOVINTEL-MNT
source: RIPE # Filtered

organisation: ORG-ES15-RIPE
org-name: OJSC "Vimpelcom"
org-type: LIR
address: OJSC "Vimpelcom" (former CJSC "EDN Sovintel")
address: Dmitry Menzulskiy
address: 1 Kozhevnichesky proezd
address: 115114
address: Moscow
address: RUSSIAN FEDERATION
phone: +7 495 7871000
fax-no: +7 495 7871990
admin-c: SVNT2-RIPE
admin-c: SVNT1-RIPE
admin-c: AS2451-RIPE
admin-c: IAI1-RIPE
admin-c: RJ631-RIPE
admin-c: AK644-RIPE
admin-c: BEE15-RIPE
admin-c: JM12519-ripe
mnt-ref: SOVINTEL-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-c: SVNT2-RIPE
source: RIPE # Filtered

role: Sovintel NOC
remarks: now OJSC Vimpelcom - formely Sovam Teleport/Teleross
remarks: aka Sovintel - Golden Telecom
address: Krasnokazarmennaya, 12
address: Moscow, Russia
mnt-by: SOVINTEL-MNT
org: ORG-ES15-RIPE
fax-no: +7 495 7871010
phone: +7 495 7871000
abuse-mailbox: abuse@b2b.beeline.ru
admin-c: IAI1-RIPE
admin-c: AS2451-RIPE
tech-c: MAK18-RIPE
tech-c: AS2451-RIPE
tech-c: rj631-ripe
nic-hdl: SVNT1-RIPE
source: RIPE # Filtered

role: Sovintel Abuse Department
remarks: now Vimpelcom Business Abuse Department
address: 111250 Russia Moscow, Krasnokazarmennaya, 12
org: ORG-ES15-RIPE
fax-no: +7 495 7254300
phone: +7 495 7871000
nic-hdl: SVNT2-RIPE
admin-c: SVNT1-RIPE
tech-c: SVNT1-RIPE
mnt-by: SOVINTEL-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@b2b.beeline.ru

% Information related to '82.142.128.0/18AS8350'

route: 82.142.128.0/18
descr: COMBELNET
origin: AS8350
mnt-by: COMBELLGA-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 75.126.179.134

Hi,

The IP 75.126.179.134 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 75.126.179.134:

[Querying whois.arin.net]
[Redirected to rwhois.softlayer.com:4321]
[Querying rwhois.softlayer.com]
[rwhois.softlayer.com]
%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.75.126.160.0/19
network:Auth-Area:75.126.160.0/19
network:Network-Name:SOFTLAYER-75.126.160.0
network:IP-Network:75.126.179.128/28
network:IP-Network-Block:75.126.179.128-75.126.179.143

network:Organization;I:IBM - SmartCloud Application Services - Internal Dev
network:Street-Address:IBM Building 136, Floor 10
network:City:Montreal
network:State:QC
network:Postal-Code:00000
network:Country-Code:CA
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:denisd@ca.ibm.com
network:Admin-Contact;I:IPADM258-ARIN
network:Created:2013-07-22 17:15:01
network:Updated:2013-09-20 15:03:26
network:Updated-By:ipadmin@softlayer.com

%referral rwhois://root.rwhois.net:4321/auth-area=.
%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 216.24.199.43

Hi,

The IP 216.24.199.43 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 216.24.199.43:

[Querying whois.arin.net]
[Redirected to rwhois.psychz.net:4321]
[Querying rwhois.psychz.net]
[rwhois.psychz.net]
%rwhois V-1.0,V-1.5:00090h:00 portal.psychz.net (Ubersmith RWhois Server V-2.3.0)
%referral rwhois://rwhois.arin.net:4321/auth-area=0.0.0.0/0

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 200.107.121.50

Hi,

The IP 200.107.121.50 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 200.107.121.50:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-10-14 14:21:42 (BRT -03:00)

inetnum: 200.107.120/21
status: allocated
aut-num: N/A
owner: SERCOM de Honduras
ownerid: HN-SEHO1-LACNIC
responsible: Marco Peña
address: Av. República de Colombia, --, Edificio Aló
address: -- - Tegucigalpa - FM
country: HN
phone: +708 504 2054486 []
owner-c: MAP16
tech-c: MAP16
abuse-c: MAP16
inetrev: 200.107.120/21
nserver: NS1.TURBONETT.COM.HN
nsstat: 20131012 AA
nslastaa: 20131012
nserver: NS2.TURBONETT.COM.HN
nsstat: 20131012 AA
nslastaa: 20131012
nserver: NS3.TURBONETT.COM.HN
nsstat: 20131012 NOT SYNC ZONE
nslastaa: 20130925
nserver: NS4.TURBONETT.COM.HN
nsstat: 20131012 NOT SYNC ZONE
nslastaa: 20130925
created: 20060905
changed: 20080729

nic-hdl: MAP16
person: Joel Silva
e-mail: joel.silva@CLARO.COM.HN
address: Col. San Carlos, Ave, Colombia Edificio Claro, 1,
address: 001 - Tegucigalpa - Mo
country: HN
phone: +708 504 22054458 [4458]
created: 20070821
changed: 20130902

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 183.248.88.106

Hi,

The IP 183.248.88.106 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 183.248.88.106:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '183.192.0.0 - 183.255.255.255'

inetnum: 183.192.0.0 - 183.255.255.255
netname: CMNET
descr: China Mobile Communications Corporation
descr: Mobile Communications Network Operator in China
descr: Internet Service Provider in China
country: CN
status: ALLOCATED PORTABLE
admin-c: LCJ-AP
tech-c: HL1318-AP
remarks: service provider
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20091108
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CMCC
source: APNIC

person: haijun li
nic-hdl: HL1318-AP
e-mail: hostmaster@chinamobile.com
address: 29,Jinrong Ave, Xicheng district,beijing,100032
phone: +86 10 66006688
fax-no: +86 10 52616187
country: CN
changed: hostmaster@chinamobile.com 20110824
mnt-by: MAINT-CN-CMCC
source: APNIC

person: li changjun
address: 29 jinrong ave. xicheng district, beijing China
country: CN
phone: +86 52686688
e-mail: hostmaster@chinamobile.com
nic-hdl: lcj-ap
mnt-by: MAINT-CN-CMCC
changed: hostmaster@chinamobile.com 20071010
source: APNIC

% Information related to '183.248.0.0/13AS9808'

route: 183.248.0.0/13
descr: China Mobile Communications Corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
changed: hostmaster@chinamobile.com 20120912
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 223.4.55.49

Hi,

The IP 223.4.55.49 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 223.4.55.49:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '223.4.0.0 - 223.7.255.255'

inetnum: 223.4.0.0 - 223.7.255.255
netname: ALIBABA-CN-NET
descr: Hangzhou Alibaba Advertising Co.,Ltd.
descr: No.699, Wangshang RD., Hangzhou, China
country: CN
admin-c: ZM678-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20090122
status: ALLOCATED PORTABLE
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Shuo Yu
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: shuo.yus@alibaba-inc.com
e-mail: shuo.yus@aliyun-inc.com
nic-hdl: ZM678-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20110614
source: APNIC

person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: guoxin.gao@aliyun-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130705
source: APNIC

person: security trouble
e-mail: cloud-cc-sqcloud@list.alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen’er Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
changed: ipas@cnnic.cn 20130708
source: APNIC

person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: guowei.pangw@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130709
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 50.197.191.93

Hi,

The IP 50.197.191.93 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 50.197.191.93:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 50.197.191.93"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=50.197.191.93?showDetails=true&showARIN=false&ext=netref2
#

Comcast Cable Communications Holdings, Inc CCCH3-4 (NET-50-128-0-0-1) 50.128.0.0 - 50.255.255.255
Comcast Business Communications, LLC CBC-SFBA-24 (NET-50-197-128-0-1) 50.197.128.0 - 50.197.191.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban