Hi,
The IP 95.0.160.105 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 95.0.160.105:
[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '95.0.160.104 - 95.0.160.111'
% Abuse contact for '95.0.160.104 - 95.0.160.111' is 'abuse@ttnet.com.tr'
inetnum: 95.0.160.104 - 95.0.160.111
netname: Nigde_Valiligi_il_Saglik_Md
descr: Yenice Mah Arapdede Sok Nigde
country: TR
admin-c: AE3217-RIPE
tech-c: AE3217-RIPE
status: ASSIGNED PA
mnt-by: AS9121-MNT
source: RIPE # Filtered
person: AliRiza Erdogan
remarks: Nigde_Valiligi_il_Saglik_Md
address: Yenice Mah Arapdede Sok Nigde
phone: +903882323500
nic-hdl: AE3217-RIPE
mnt-by: AS9121-MNT
source: RIPE # Filtered
% Information related to '95.0.128.0/17AS9121'
route: 95.0.128.0/17
descr: TurkTelecom
origin: AS9121
mnt-by: AS9121-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)
Regards,
Fail2Ban
Monday 14 October 2013
[Fail2Ban] SSH: banned 82.142.159.68
Hi,
The IP 82.142.159.68 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 82.142.159.68:
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '82.142.128.0 - 82.142.191.255'
% Abuse contact for '82.142.128.0 - 82.142.191.255' is 'abuse@b2b.beeline.ru'
inetnum: 82.142.128.0 - 82.142.191.255
netname: RU-SOVINTEL-20030909
descr: OJSC "Vimpelcom"
country: RU
org: ORG-ES15-RIPE
admin-c: SVNT2-RIPE
tech-c: SVNT1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: SOVINTEL-MNT
mnt-lower: TEL-MNT
mnt-routes: SOVINTEL-MNT
source: RIPE # Filtered
organisation: ORG-ES15-RIPE
org-name: OJSC "Vimpelcom"
org-type: LIR
address: OJSC "Vimpelcom" (former CJSC "EDN Sovintel")
address: Dmitry Menzulskiy
address: 1 Kozhevnichesky proezd
address: 115114
address: Moscow
address: RUSSIAN FEDERATION
phone: +7 495 7871000
fax-no: +7 495 7871990
admin-c: SVNT2-RIPE
admin-c: SVNT1-RIPE
admin-c: AS2451-RIPE
admin-c: IAI1-RIPE
admin-c: RJ631-RIPE
admin-c: AK644-RIPE
admin-c: BEE15-RIPE
admin-c: JM12519-ripe
mnt-ref: SOVINTEL-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-c: SVNT2-RIPE
source: RIPE # Filtered
role: Sovintel NOC
remarks: now OJSC Vimpelcom - formely Sovam Teleport/Teleross
remarks: aka Sovintel - Golden Telecom
address: Krasnokazarmennaya, 12
address: Moscow, Russia
mnt-by: SOVINTEL-MNT
org: ORG-ES15-RIPE
fax-no: +7 495 7871010
phone: +7 495 7871000
abuse-mailbox: abuse@b2b.beeline.ru
admin-c: IAI1-RIPE
admin-c: AS2451-RIPE
tech-c: MAK18-RIPE
tech-c: AS2451-RIPE
tech-c: rj631-ripe
nic-hdl: SVNT1-RIPE
source: RIPE # Filtered
role: Sovintel Abuse Department
remarks: now Vimpelcom Business Abuse Department
address: 111250 Russia Moscow, Krasnokazarmennaya, 12
org: ORG-ES15-RIPE
fax-no: +7 495 7254300
phone: +7 495 7871000
nic-hdl: SVNT2-RIPE
admin-c: SVNT1-RIPE
tech-c: SVNT1-RIPE
mnt-by: SOVINTEL-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@b2b.beeline.ru
% Information related to '82.142.128.0/18AS8350'
route: 82.142.128.0/18
descr: COMBELNET
origin: AS8350
mnt-by: COMBELLGA-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)
Regards,
Fail2Ban
The IP 82.142.159.68 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 82.142.159.68:
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '82.142.128.0 - 82.142.191.255'
% Abuse contact for '82.142.128.0 - 82.142.191.255' is 'abuse@b2b.beeline.ru'
inetnum: 82.142.128.0 - 82.142.191.255
netname: RU-SOVINTEL-20030909
descr: OJSC "Vimpelcom"
country: RU
org: ORG-ES15-RIPE
admin-c: SVNT2-RIPE
tech-c: SVNT1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: SOVINTEL-MNT
mnt-lower: TEL-MNT
mnt-routes: SOVINTEL-MNT
source: RIPE # Filtered
organisation: ORG-ES15-RIPE
org-name: OJSC "Vimpelcom"
org-type: LIR
address: OJSC "Vimpelcom" (former CJSC "EDN Sovintel")
address: Dmitry Menzulskiy
address: 1 Kozhevnichesky proezd
address: 115114
address: Moscow
address: RUSSIAN FEDERATION
phone: +7 495 7871000
fax-no: +7 495 7871990
admin-c: SVNT2-RIPE
admin-c: SVNT1-RIPE
admin-c: AS2451-RIPE
admin-c: IAI1-RIPE
admin-c: RJ631-RIPE
admin-c: AK644-RIPE
admin-c: BEE15-RIPE
admin-c: JM12519-ripe
mnt-ref: SOVINTEL-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-c: SVNT2-RIPE
source: RIPE # Filtered
role: Sovintel NOC
remarks: now OJSC Vimpelcom - formely Sovam Teleport/Teleross
remarks: aka Sovintel - Golden Telecom
address: Krasnokazarmennaya, 12
address: Moscow, Russia
mnt-by: SOVINTEL-MNT
org: ORG-ES15-RIPE
fax-no: +7 495 7871010
phone: +7 495 7871000
abuse-mailbox: abuse@b2b.beeline.ru
admin-c: IAI1-RIPE
admin-c: AS2451-RIPE
tech-c: MAK18-RIPE
tech-c: AS2451-RIPE
tech-c: rj631-ripe
nic-hdl: SVNT1-RIPE
source: RIPE # Filtered
role: Sovintel Abuse Department
remarks: now Vimpelcom Business Abuse Department
address: 111250 Russia Moscow, Krasnokazarmennaya, 12
org: ORG-ES15-RIPE
fax-no: +7 495 7254300
phone: +7 495 7871000
nic-hdl: SVNT2-RIPE
admin-c: SVNT1-RIPE
tech-c: SVNT1-RIPE
mnt-by: SOVINTEL-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@b2b.beeline.ru
% Information related to '82.142.128.0/18AS8350'
route: 82.142.128.0/18
descr: COMBELNET
origin: AS8350
mnt-by: COMBELLGA-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 75.126.179.134
Hi,
The IP 75.126.179.134 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 75.126.179.134:
[Querying whois.arin.net]
[Redirected to rwhois.softlayer.com:4321]
[Querying rwhois.softlayer.com]
[rwhois.softlayer.com]
%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.75.126.160.0/19
network:Auth-Area:75.126.160.0/19
network:Network-Name:SOFTLAYER-75.126.160.0
network:IP-Network:75.126.179.128/28
network:IP-Network-Block:75.126.179.128-75.126.179.143
network:Organization;I:IBM - SmartCloud Application Services - Internal Dev
network:Street-Address:IBM Building 136, Floor 10
network:City:Montreal
network:State:QC
network:Postal-Code:00000
network:Country-Code:CA
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:denisd@ca.ibm.com
network:Admin-Contact;I:IPADM258-ARIN
network:Created:2013-07-22 17:15:01
network:Updated:2013-09-20 15:03:26
network:Updated-By:ipadmin@softlayer.com
%referral rwhois://root.rwhois.net:4321/auth-area=.
%ok
Regards,
Fail2Ban
The IP 75.126.179.134 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 75.126.179.134:
[Querying whois.arin.net]
[Redirected to rwhois.softlayer.com:4321]
[Querying rwhois.softlayer.com]
[rwhois.softlayer.com]
%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.75.126.160.0/19
network:Auth-Area:75.126.160.0/19
network:Network-Name:SOFTLAYER-75.126.160.0
network:IP-Network:75.126.179.128/28
network:IP-Network-Block:75.126.179.128-75.126.179.143
network:Organization;I:IBM - SmartCloud Application Services - Internal Dev
network:Street-Address:IBM Building 136, Floor 10
network:City:Montreal
network:State:QC
network:Postal-Code:00000
network:Country-Code:CA
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:denisd@ca.ibm.com
network:Admin-Contact;I:IPADM258-ARIN
network:Created:2013-07-22 17:15:01
network:Updated:2013-09-20 15:03:26
network:Updated-By:ipadmin@softlayer.com
%referral rwhois://root.rwhois.net:4321/auth-area=.
%ok
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 216.24.199.43
Hi,
The IP 216.24.199.43 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 216.24.199.43:
[Querying whois.arin.net]
[Redirected to rwhois.psychz.net:4321]
[Querying rwhois.psychz.net]
[rwhois.psychz.net]
%rwhois V-1.0,V-1.5:00090h:00 portal.psychz.net (Ubersmith RWhois Server V-2.3.0)
%referral rwhois://rwhois.arin.net:4321/auth-area=0.0.0.0/0
Regards,
Fail2Ban
The IP 216.24.199.43 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 216.24.199.43:
[Querying whois.arin.net]
[Redirected to rwhois.psychz.net:4321]
[Querying rwhois.psychz.net]
[rwhois.psychz.net]
%rwhois V-1.0,V-1.5:00090h:00 portal.psychz.net (Ubersmith RWhois Server V-2.3.0)
%referral rwhois://rwhois.arin.net:4321/auth-area=0.0.0.0/0
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 200.107.121.50
Hi,
The IP 200.107.121.50 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 200.107.121.50:
[Querying whois.lacnic.net]
[whois.lacnic.net]
% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries
% LACNIC resource: whois.lacnic.net
% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-10-14 14:21:42 (BRT -03:00)
inetnum: 200.107.120/21
status: allocated
aut-num: N/A
owner: SERCOM de Honduras
ownerid: HN-SEHO1-LACNIC
responsible: Marco Peña
address: Av. República de Colombia, --, Edificio Aló
address: -- - Tegucigalpa - FM
country: HN
phone: +708 504 2054486 []
owner-c: MAP16
tech-c: MAP16
abuse-c: MAP16
inetrev: 200.107.120/21
nserver: NS1.TURBONETT.COM.HN
nsstat: 20131012 AA
nslastaa: 20131012
nserver: NS2.TURBONETT.COM.HN
nsstat: 20131012 AA
nslastaa: 20131012
nserver: NS3.TURBONETT.COM.HN
nsstat: 20131012 NOT SYNC ZONE
nslastaa: 20130925
nserver: NS4.TURBONETT.COM.HN
nsstat: 20131012 NOT SYNC ZONE
nslastaa: 20130925
created: 20060905
changed: 20080729
nic-hdl: MAP16
person: Joel Silva
e-mail: joel.silva@CLARO.COM.HN
address: Col. San Carlos, Ave, Colombia Edificio Claro, 1,
address: 001 - Tegucigalpa - Mo
country: HN
phone: +708 504 22054458 [4458]
created: 20070821
changed: 20130902
% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.
Regards,
Fail2Ban
The IP 200.107.121.50 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 200.107.121.50:
[Querying whois.lacnic.net]
[whois.lacnic.net]
% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries
% LACNIC resource: whois.lacnic.net
% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-10-14 14:21:42 (BRT -03:00)
inetnum: 200.107.120/21
status: allocated
aut-num: N/A
owner: SERCOM de Honduras
ownerid: HN-SEHO1-LACNIC
responsible: Marco Peña
address: Av. República de Colombia, --, Edificio Aló
address: -- - Tegucigalpa - FM
country: HN
phone: +708 504 2054486 []
owner-c: MAP16
tech-c: MAP16
abuse-c: MAP16
inetrev: 200.107.120/21
nserver: NS1.TURBONETT.COM.HN
nsstat: 20131012 AA
nslastaa: 20131012
nserver: NS2.TURBONETT.COM.HN
nsstat: 20131012 AA
nslastaa: 20131012
nserver: NS3.TURBONETT.COM.HN
nsstat: 20131012 NOT SYNC ZONE
nslastaa: 20130925
nserver: NS4.TURBONETT.COM.HN
nsstat: 20131012 NOT SYNC ZONE
nslastaa: 20130925
created: 20060905
changed: 20080729
nic-hdl: MAP16
person: Joel Silva
e-mail: joel.silva@CLARO.COM.HN
address: Col. San Carlos, Ave, Colombia Edificio Claro, 1,
address: 001 - Tegucigalpa - Mo
country: HN
phone: +708 504 22054458 [4458]
created: 20070821
changed: 20130902
% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 183.248.88.106
Hi,
The IP 183.248.88.106 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 183.248.88.106:
[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '183.192.0.0 - 183.255.255.255'
inetnum: 183.192.0.0 - 183.255.255.255
netname: CMNET
descr: China Mobile Communications Corporation
descr: Mobile Communications Network Operator in China
descr: Internet Service Provider in China
country: CN
status: ALLOCATED PORTABLE
admin-c: LCJ-AP
tech-c: HL1318-AP
remarks: service provider
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20091108
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CMCC
source: APNIC
person: haijun li
nic-hdl: HL1318-AP
e-mail: hostmaster@chinamobile.com
address: 29,Jinrong Ave, Xicheng district,beijing,100032
phone: +86 10 66006688
fax-no: +86 10 52616187
country: CN
changed: hostmaster@chinamobile.com 20110824
mnt-by: MAINT-CN-CMCC
source: APNIC
person: li changjun
address: 29 jinrong ave. xicheng district, beijing China
country: CN
phone: +86 52686688
e-mail: hostmaster@chinamobile.com
nic-hdl: lcj-ap
mnt-by: MAINT-CN-CMCC
changed: hostmaster@chinamobile.com 20071010
source: APNIC
% Information related to '183.248.0.0/13AS9808'
route: 183.248.0.0/13
descr: China Mobile Communications Corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
changed: hostmaster@chinamobile.com 20120912
source: APNIC
% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)
Regards,
Fail2Ban
The IP 183.248.88.106 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 183.248.88.106:
[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '183.192.0.0 - 183.255.255.255'
inetnum: 183.192.0.0 - 183.255.255.255
netname: CMNET
descr: China Mobile Communications Corporation
descr: Mobile Communications Network Operator in China
descr: Internet Service Provider in China
country: CN
status: ALLOCATED PORTABLE
admin-c: LCJ-AP
tech-c: HL1318-AP
remarks: service provider
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20091108
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CMCC
source: APNIC
person: haijun li
nic-hdl: HL1318-AP
e-mail: hostmaster@chinamobile.com
address: 29,Jinrong Ave, Xicheng district,beijing,100032
phone: +86 10 66006688
fax-no: +86 10 52616187
country: CN
changed: hostmaster@chinamobile.com 20110824
mnt-by: MAINT-CN-CMCC
source: APNIC
person: li changjun
address: 29 jinrong ave. xicheng district, beijing China
country: CN
phone: +86 52686688
e-mail: hostmaster@chinamobile.com
nic-hdl: lcj-ap
mnt-by: MAINT-CN-CMCC
changed: hostmaster@chinamobile.com 20071010
source: APNIC
% Information related to '183.248.0.0/13AS9808'
route: 183.248.0.0/13
descr: China Mobile Communications Corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
changed: hostmaster@chinamobile.com 20120912
source: APNIC
% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 223.4.55.49
Hi,
The IP 223.4.55.49 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 223.4.55.49:
[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '223.4.0.0 - 223.7.255.255'
inetnum: 223.4.0.0 - 223.7.255.255
netname: ALIBABA-CN-NET
descr: Hangzhou Alibaba Advertising Co.,Ltd.
descr: No.699, Wangshang RD., Hangzhou, China
country: CN
admin-c: ZM678-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20090122
status: ALLOCATED PORTABLE
source: APNIC
irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC
person: Shuo Yu
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: shuo.yus@alibaba-inc.com
e-mail: shuo.yus@aliyun-inc.com
nic-hdl: ZM678-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20110614
source: APNIC
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: guoxin.gao@aliyun-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130705
source: APNIC
person: security trouble
e-mail: cloud-cc-sqcloud@list.alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen’er Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
changed: ipas@cnnic.cn 20130708
source: APNIC
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: guowei.pangw@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130709
source: APNIC
% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS3)
Regards,
Fail2Ban
The IP 223.4.55.49 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 223.4.55.49:
[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '223.4.0.0 - 223.7.255.255'
inetnum: 223.4.0.0 - 223.7.255.255
netname: ALIBABA-CN-NET
descr: Hangzhou Alibaba Advertising Co.,Ltd.
descr: No.699, Wangshang RD., Hangzhou, China
country: CN
admin-c: ZM678-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20090122
status: ALLOCATED PORTABLE
source: APNIC
irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC
person: Shuo Yu
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: shuo.yus@alibaba-inc.com
e-mail: shuo.yus@aliyun-inc.com
nic-hdl: ZM678-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20110614
source: APNIC
person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: guoxin.gao@aliyun-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130705
source: APNIC
person: security trouble
e-mail: cloud-cc-sqcloud@list.alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen’er Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
changed: ipas@cnnic.cn 20130708
source: APNIC
person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: guowei.pangw@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130709
source: APNIC
% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS3)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 50.197.191.93
Hi,
The IP 50.197.191.93 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 50.197.191.93:
[Querying whois.arin.net]
[whois.arin.net]
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
#
# Query terms are ambiguous. The query is assumed to be:
# "n 50.197.191.93"
#
# Use "?" to get help.
#
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=50.197.191.93?showDetails=true&showARIN=false&ext=netref2
#
Comcast Cable Communications Holdings, Inc CCCH3-4 (NET-50-128-0-0-1) 50.128.0.0 - 50.255.255.255
Comcast Business Communications, LLC CBC-SFBA-24 (NET-50-197-128-0-1) 50.197.128.0 - 50.197.191.255
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
Regards,
Fail2Ban
The IP 50.197.191.93 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 50.197.191.93:
[Querying whois.arin.net]
[whois.arin.net]
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
#
# Query terms are ambiguous. The query is assumed to be:
# "n 50.197.191.93"
#
# Use "?" to get help.
#
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=50.197.191.93?showDetails=true&showARIN=false&ext=netref2
#
Comcast Cable Communications Holdings, Inc CCCH3-4 (NET-50-128-0-0-1) 50.128.0.0 - 50.255.255.255
Comcast Business Communications, LLC CBC-SFBA-24 (NET-50-197-128-0-1) 50.197.128.0 - 50.197.191.255
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
Regards,
Fail2Ban
Subscribe to:
Posts (Atom)