Hi,
The IP 122.182.10.251 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 122.182.10.251:
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '122.182.0.0 - 122.182.127.255'
inetnum: 122.182.0.0 - 122.182.127.255
netname: TELEMEDIA-SMB-MUM
descr: BHARTI Airtel Ltd. TELEMEDIA SERVICES
descr: 6th Floor, Interface, Bldg No 7,
descr: Link Road,Malad (W),
descr: Mumbai,Maharashtra
descr: India
descr: Contact Person: Manas Kaul
descr: Email: dsl.nocmumbai@airtel.in
descr: Phone:022-40034191
descr: Date of allocation:22-Dec-08
admin-c: MUM1-AP
tech-c: MUM1-AP
country: IN
mnt-by: MAINT-IN-BBIL
mnt-lower: MAINT-IN-TELEMEDIA
mnt-routes: MAINT-IN-TELEMEDIA
status: ALLOCATED NON-PORTABLE
changed: dsl.nocmumbai@airtel.in 20081229
source: APNIC
person: Network Administrator for ABTS MUM
address: ABTS
address: 6th Floor, Interface, Bldg No 7, Link Road,Malad (W),
address: Mumbai,Maharashtra
country: IN
phone: +91-7314216514
e-mail: manas.kaul@in.airtel.com
nic-hdl: MUM1-AP
remarks: -----------------------------
remarks: Send abuse reports to
remarks: manas.kaul@in.airtel.com
remarks: -----------------------------
mnt-by: MAINT-IN-TELEMEDIA
changed: manas.kaul@in.airtel.com 20080725
source: APNIC
% Information related to '122.182.10.0/24AS45514'
route: 122.182.10.0/24
descr: TELEMEDIA-SMB-MUM
descr: BHARTI Airtel Ltd. TELEMEDIA SERVICES
descr: 6th Floor, Interface, Bldg No 7,
descr: Link Road,Malad (W),
descr: Mumbai,Maharashtra
descr: INDIA
country: IN
origin: AS45514
mnt-by: MAINT-IN-TELEMEDIA
changed: dsl.nocmumbai@airtel.in 20081229
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)
Regards,
Fail2Ban
Monday 25 November 2013
[Fail2Ban] SSH: banned 188.132.135.123
Hi,
The IP 188.132.135.123 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 188.132.135.123:
[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '188.132.135.0 - 188.132.135.255'
% No abuse contact registered for 188.132.135.0 - 188.132.135.255
inetnum: 188.132.135.0 - 188.132.135.255
netname: ServerPA
descr: ServerPA internet ve sunucu hizmetleri
country: TR
admin-c: RS16845-RIPE
tech-c: RS16845-RIPE
status: ASSIGNED PA
mnt-by: MNT-MARSNET
source: RIPE # Filtered
person: Recep SAYMAZ
address: Sisli ISTANBUL
phone: +90 850 532 1232
nic-hdl: RS16845-RIPE
mnt-by: RS66648-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@serverpa.com
remarks: -------------------------------------------------------
remarks: Using for dedicated server and co-location services.
remarks: Please send abuse reports to abuse@serverpa.com
remarks: -------------------------------------------------------
% Information related to '188.132.135.0/24AS42910'
route: 188.132.135.0/24
descr: MarsGlobal1-Net1
origin: AS42910
mnt-by: MNT-MARSNET
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS2)
Regards,
Fail2Ban
The IP 188.132.135.123 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 188.132.135.123:
[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '188.132.135.0 - 188.132.135.255'
% No abuse contact registered for 188.132.135.0 - 188.132.135.255
inetnum: 188.132.135.0 - 188.132.135.255
netname: ServerPA
descr: ServerPA internet ve sunucu hizmetleri
country: TR
admin-c: RS16845-RIPE
tech-c: RS16845-RIPE
status: ASSIGNED PA
mnt-by: MNT-MARSNET
source: RIPE # Filtered
person: Recep SAYMAZ
address: Sisli ISTANBUL
phone: +90 850 532 1232
nic-hdl: RS16845-RIPE
mnt-by: RS66648-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@serverpa.com
remarks: -------------------------------------------------------
remarks: Using for dedicated server and co-location services.
remarks: Please send abuse reports to abuse@serverpa.com
remarks: -------------------------------------------------------
% Information related to '188.132.135.0/24AS42910'
route: 188.132.135.0/24
descr: MarsGlobal1-Net1
origin: AS42910
mnt-by: MNT-MARSNET
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS2)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 82.142.159.68
Hi,
The IP 82.142.159.68 has just been banned by Fail2Ban after
6 attempts against SSH.
Here are more information about 82.142.159.68:
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '82.142.128.0 - 82.142.191.255'
% Abuse contact for '82.142.128.0 - 82.142.191.255' is 'abuse@b2b.beeline.ru'
inetnum: 82.142.128.0 - 82.142.191.255
netname: RU-SOVINTEL-20030909
descr: OJSC "Vimpelcom"
country: RU
org: ORG-ES15-RIPE
admin-c: SVNT2-RIPE
tech-c: SVNT1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: SOVINTEL-MNT
mnt-lower: TEL-MNT
mnt-routes: SOVINTEL-MNT
source: RIPE # Filtered
organisation: ORG-ES15-RIPE
org-name: OJSC "Vimpelcom"
org-type: LIR
address: OJSC "Vimpelcom" (former CJSC "EDN Sovintel")
address: Dmitry Menzulskiy
address: 4, Krasnoproletarskaya Street
address: 127006
address: Moscow
address: RUSSIAN FEDERATION
phone: +74957871000
fax-no: +74957871990
admin-c: SVNT2-RIPE
admin-c: SVNT1-RIPE
admin-c: AS2451-RIPE
admin-c: IAI1-RIPE
admin-c: RJ631-RIPE
admin-c: AK644-RIPE
admin-c: BEE15-RIPE
admin-c: JM12519-ripe
mnt-ref: SOVINTEL-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-c: SVNT2-RIPE
source: RIPE # Filtered
role: Sovintel NOC
remarks: now OJSC Vimpelcom - formely Sovam Teleport/Teleross
remarks: aka Sovintel - Golden Telecom
address: Krasnokazarmennaya, 12
address: Moscow, Russia
mnt-by: SOVINTEL-MNT
org: ORG-ES15-RIPE
fax-no: +7 495 7871010
phone: +7 495 7871000
abuse-mailbox: abuse@b2b.beeline.ru
admin-c: IAI1-RIPE
admin-c: AS2451-RIPE
tech-c: MAK18-RIPE
tech-c: AS2451-RIPE
tech-c: rj631-ripe
nic-hdl: SVNT1-RIPE
source: RIPE # Filtered
role: Sovintel Abuse Department
remarks: now Vimpelcom Business Abuse Department
address: 111250 Russia Moscow, Krasnokazarmennaya, 12
org: ORG-ES15-RIPE
fax-no: +7 495 7254300
phone: +7 495 7871000
nic-hdl: SVNT2-RIPE
admin-c: SVNT1-RIPE
tech-c: SVNT1-RIPE
mnt-by: SOVINTEL-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@b2b.beeline.ru
% Information related to '82.142.128.0/18AS8350'
route: 82.142.128.0/18
descr: COMBELNET
origin: AS8350
mnt-by: COMBELLGA-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS4)
Regards,
Fail2Ban
The IP 82.142.159.68 has just been banned by Fail2Ban after
6 attempts against SSH.
Here are more information about 82.142.159.68:
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '82.142.128.0 - 82.142.191.255'
% Abuse contact for '82.142.128.0 - 82.142.191.255' is 'abuse@b2b.beeline.ru'
inetnum: 82.142.128.0 - 82.142.191.255
netname: RU-SOVINTEL-20030909
descr: OJSC "Vimpelcom"
country: RU
org: ORG-ES15-RIPE
admin-c: SVNT2-RIPE
tech-c: SVNT1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: SOVINTEL-MNT
mnt-lower: TEL-MNT
mnt-routes: SOVINTEL-MNT
source: RIPE # Filtered
organisation: ORG-ES15-RIPE
org-name: OJSC "Vimpelcom"
org-type: LIR
address: OJSC "Vimpelcom" (former CJSC "EDN Sovintel")
address: Dmitry Menzulskiy
address: 4, Krasnoproletarskaya Street
address: 127006
address: Moscow
address: RUSSIAN FEDERATION
phone: +74957871000
fax-no: +74957871990
admin-c: SVNT2-RIPE
admin-c: SVNT1-RIPE
admin-c: AS2451-RIPE
admin-c: IAI1-RIPE
admin-c: RJ631-RIPE
admin-c: AK644-RIPE
admin-c: BEE15-RIPE
admin-c: JM12519-ripe
mnt-ref: SOVINTEL-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-c: SVNT2-RIPE
source: RIPE # Filtered
role: Sovintel NOC
remarks: now OJSC Vimpelcom - formely Sovam Teleport/Teleross
remarks: aka Sovintel - Golden Telecom
address: Krasnokazarmennaya, 12
address: Moscow, Russia
mnt-by: SOVINTEL-MNT
org: ORG-ES15-RIPE
fax-no: +7 495 7871010
phone: +7 495 7871000
abuse-mailbox: abuse@b2b.beeline.ru
admin-c: IAI1-RIPE
admin-c: AS2451-RIPE
tech-c: MAK18-RIPE
tech-c: AS2451-RIPE
tech-c: rj631-ripe
nic-hdl: SVNT1-RIPE
source: RIPE # Filtered
role: Sovintel Abuse Department
remarks: now Vimpelcom Business Abuse Department
address: 111250 Russia Moscow, Krasnokazarmennaya, 12
org: ORG-ES15-RIPE
fax-no: +7 495 7254300
phone: +7 495 7871000
nic-hdl: SVNT2-RIPE
admin-c: SVNT1-RIPE
tech-c: SVNT1-RIPE
mnt-by: SOVINTEL-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@b2b.beeline.ru
% Information related to '82.142.128.0/18AS8350'
route: 82.142.128.0/18
descr: COMBELNET
origin: AS8350
mnt-by: COMBELLGA-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS4)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 210.37.24.32
Hi,
The IP 210.37.24.32 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 210.37.24.32:
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '210.37.24.0 - 210.37.27.255'
inetnum: 210.37.24.0 - 210.37.27.255
netname: HIEIMS-CN
descr: ~{:#DO=LS}PEO"9\@mO5M3~}
descr: Hainan Education Information Management System
descr: Haikou, Hainan 570105, China
country: CN
admin-c: MF9-AP
tech-c: MF9-AP
tech-c: CER-AP
remarks: origin AS4538
changed: hm-changed@net.edu.cn 19981231
mnt-by: MAINT-CERNET-AP
status: ASSIGNED NON-PORTABLE
source: APNIC
role: CERNET Helpdesk
address: Room 224, Main Building
address: Tsinghua University
address: Beijing 100084, China
country: CN
phone: +86-10-6278-4049
fax-no: +86-10-6278-5933
e-mail: cernet-helpdesk-ip@net.edu.cn
remarks: abuse@net.edu.cn
admin-c: XL1-CN
tech-c: SZ2-AP
nic-hdl: CER-AP
remarks: Point of Contact for admin-c
mnt-by: MAINT-CERNET-AP
changed: cernet-helpdesk-ip@net.edu.cn 20010903
source: APNIC
changed: hm-changed@apnic.net 20111114
person: Mousong Fu
address: Hainan Education Information Management System
address: Haikou, Hainan 570105, China
country: CN
phone: +86-898-5338069
e-mail: address-allocation-staff@net.edu.cn
nic-hdl: MF9-AP
notify: address-allocation-staff@net.edu.cn
mnt-by: MAINT-NULL
changed: hostmaster@net.edu.cn 19981231
source: APNIC
changed: hm-changed@apnic.net 20111122
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)
Regards,
Fail2Ban
The IP 210.37.24.32 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 210.37.24.32:
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '210.37.24.0 - 210.37.27.255'
inetnum: 210.37.24.0 - 210.37.27.255
netname: HIEIMS-CN
descr: ~{:#DO=LS}PEO"9\@mO5M3~}
descr: Hainan Education Information Management System
descr: Haikou, Hainan 570105, China
country: CN
admin-c: MF9-AP
tech-c: MF9-AP
tech-c: CER-AP
remarks: origin AS4538
changed: hm-changed@net.edu.cn 19981231
mnt-by: MAINT-CERNET-AP
status: ASSIGNED NON-PORTABLE
source: APNIC
role: CERNET Helpdesk
address: Room 224, Main Building
address: Tsinghua University
address: Beijing 100084, China
country: CN
phone: +86-10-6278-4049
fax-no: +86-10-6278-5933
e-mail: cernet-helpdesk-ip@net.edu.cn
remarks: abuse@net.edu.cn
admin-c: XL1-CN
tech-c: SZ2-AP
nic-hdl: CER-AP
remarks: Point of Contact for admin-c
mnt-by: MAINT-CERNET-AP
changed: cernet-helpdesk-ip@net.edu.cn 20010903
source: APNIC
changed: hm-changed@apnic.net 20111114
person: Mousong Fu
address: Hainan Education Information Management System
address: Haikou, Hainan 570105, China
country: CN
phone: +86-898-5338069
e-mail: address-allocation-staff@net.edu.cn
nic-hdl: MF9-AP
notify: address-allocation-staff@net.edu.cn
mnt-by: MAINT-NULL
changed: hostmaster@net.edu.cn 19981231
source: APNIC
changed: hm-changed@apnic.net 20111122
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 61.147.116.31
Hi,
The IP 61.147.116.31 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 61.147.116.31:
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '61.147.0.0 - 61.147.255.255'
inetnum: 61.147.0.0 - 61.147.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC
role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC
% Information related to '61.147.0.0/16AS23650'
route: 61.147.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)
Regards,
Fail2Ban
The IP 61.147.116.31 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 61.147.116.31:
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '61.147.0.0 - 61.147.255.255'
inetnum: 61.147.0.0 - 61.147.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC
role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC
% Information related to '61.147.0.0/16AS23650'
route: 61.147.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 81.94.196.51
Hi,
The IP 81.94.196.51 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 81.94.196.51:
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '81.94.196.48 - 81.94.196.63'
% Abuse contact for '81.94.196.48 - 81.94.196.63' is 'abuse@redstation.com'
inetnum: 81.94.196.48 - 81.94.196.63
netname: ITS-MAGIC
descr: IT is Magic Limited
descr: IT Services
country: GB
admin-c: RA1415-RIPE
tech-c: RA1415-RIPE
status: ASSIGNED PA
remarks: ABUSE REPORTS: office@its-magic.net
remarks: ABUSE REPORTS: abuse@redstation.com
mnt-by: REDSTATION-MNT
mnt-domains: redstationmntner
mnt-routes: REDSTATION-MNT
source: RIPE # Filtered
role: Redstation Admin Role
address: Redstation Limited
address: 2 Frater Gate Business Park
address: Aerodrome Road
address: Gosport
address: Hampshire
address: PO13 0GW
address: UNITED KINGDOM
abuse-mailbox: abuse@redstation.com
admin-c: KMAC-RIPE
tech-c: PA5242-RIPE
nic-hdl: RA1415-RIPE
mnt-by: REDSTATION-MNT
source: RIPE # Filtered
% Information related to '81.94.192.0/20AS35662'
route: 81.94.192.0/20
descr: FTIP002960302 Redstation Limited
origin: AS35662
mnt-by: REDSTATION-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS1)
Regards,
Fail2Ban
The IP 81.94.196.51 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 81.94.196.51:
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '81.94.196.48 - 81.94.196.63'
% Abuse contact for '81.94.196.48 - 81.94.196.63' is 'abuse@redstation.com'
inetnum: 81.94.196.48 - 81.94.196.63
netname: ITS-MAGIC
descr: IT is Magic Limited
descr: IT Services
country: GB
admin-c: RA1415-RIPE
tech-c: RA1415-RIPE
status: ASSIGNED PA
remarks: ABUSE REPORTS: office@its-magic.net
remarks: ABUSE REPORTS: abuse@redstation.com
mnt-by: REDSTATION-MNT
mnt-domains: redstationmntner
mnt-routes: REDSTATION-MNT
source: RIPE # Filtered
role: Redstation Admin Role
address: Redstation Limited
address: 2 Frater Gate Business Park
address: Aerodrome Road
address: Gosport
address: Hampshire
address: PO13 0GW
address: UNITED KINGDOM
abuse-mailbox: abuse@redstation.com
admin-c: KMAC-RIPE
tech-c: PA5242-RIPE
nic-hdl: RA1415-RIPE
mnt-by: REDSTATION-MNT
source: RIPE # Filtered
% Information related to '81.94.192.0/20AS35662'
route: 81.94.192.0/20
descr: FTIP002960302 Redstation Limited
origin: AS35662
mnt-by: REDSTATION-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS1)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 61.160.251.137
Hi,
The IP 61.160.251.137 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 61.160.251.137:
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '61.160.0.0 - 61.160.255.255'
inetnum: 61.160.0.0 - 61.160.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC
role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC
% Information related to '61.160.0.0/16AS23650'
route: 61.160.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)
Regards,
Fail2Ban
The IP 61.160.251.137 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 61.160.251.137:
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '61.160.0.0 - 61.160.255.255'
inetnum: 61.160.0.0 - 61.160.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC
role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC
% Information related to '61.160.0.0/16AS23650'
route: 61.160.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 168.61.1.50
Hi,
The IP 168.61.1.50 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 168.61.1.50:
[Querying whois.arin.net]
[whois.arin.net]
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
#
# Query terms are ambiguous. The query is assumed to be:
# "n 168.61.1.50"
#
# Use "?" to get help.
#
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=168.61.1.50?showDetails=true&showARIN=false&ext=netref2
#
NetRange: 168.61.0.0 - 168.63.255.255
CIDR: 168.61.0.0/16, 168.62.0.0/15
OriginAS:
NetName: MICROSOFT
NetHandle: NET-168-61-0-0-1
Parent: NET-168-0-0-0-0
NetType: Direct Assignment
RegDate: 2011-06-22
Updated: 2013-08-20
Ref: http://whois.arin.net/rest/net/NET-168-61-0-0-1
OrgName: Microsoft Corp
OrgId: MSFT-Z
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 2011-06-22
Updated: 2013-10-03
Comment: To report suspected security issues specific to
Comment: traffic emanating from Microsoft online services,
Comment: including the distribution of malicious content
Comment: or other illicit or illegal material through a
Comment: Microsoft online service, please submit reports
Comment: to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft
Comment: Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft
Comment: products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests,
Comment: please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: http://whois.arin.net/rest/org/MSFT-Z
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: http://whois.arin.net/rest/poc/MRPD-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: http://whois.arin.net/rest/poc/MAC74-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
Regards,
Fail2Ban
The IP 168.61.1.50 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 168.61.1.50:
[Querying whois.arin.net]
[whois.arin.net]
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
#
# Query terms are ambiguous. The query is assumed to be:
# "n 168.61.1.50"
#
# Use "?" to get help.
#
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=168.61.1.50?showDetails=true&showARIN=false&ext=netref2
#
NetRange: 168.61.0.0 - 168.63.255.255
CIDR: 168.61.0.0/16, 168.62.0.0/15
OriginAS:
NetName: MICROSOFT
NetHandle: NET-168-61-0-0-1
Parent: NET-168-0-0-0-0
NetType: Direct Assignment
RegDate: 2011-06-22
Updated: 2013-08-20
Ref: http://whois.arin.net/rest/net/NET-168-61-0-0-1
OrgName: Microsoft Corp
OrgId: MSFT-Z
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 2011-06-22
Updated: 2013-10-03
Comment: To report suspected security issues specific to
Comment: traffic emanating from Microsoft online services,
Comment: including the distribution of malicious content
Comment: or other illicit or illegal material through a
Comment: Microsoft online service, please submit reports
Comment: to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft
Comment: Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft
Comment: products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests,
Comment: please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: http://whois.arin.net/rest/org/MSFT-Z
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: http://whois.arin.net/rest/poc/MRPD-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: http://whois.arin.net/rest/poc/MAC74-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 188.190.98.6
Hi,
The IP 188.190.98.6 has just been banned by Fail2Ban after
6 attempts against SSH.
Here are more information about 188.190.98.6:
[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '188.190.96.0 - 188.190.127.255'
% Abuse contact for '188.190.96.0 - 188.190.127.255' is 'abusemail@infiumhost.com'
inetnum: 188.190.96.0 - 188.190.127.255
netname: INFIUM
descr: Infium LLC
descr: Datacenter Kharkov
country: UA
org: ORG-IL316-RIPE
admin-c: INF20-RIPE
tech-c: INF20-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: INFIUM-MNT
mnt-routes: INFIUM-MNT
mnt-domains: INFIUM-MNT
source: RIPE # Filtered
organisation: ORG-IL316-RIPE
org-name: Infium LLC
org-type: LIR
address: Infium LLC
address: Valerii Lolin
address: Traktorostroiteley 156/41 office 301
address: Kharkov
address: 61129
address: UKRAINE
phone: +380639797654
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: INFIUM-UAB-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-mailbox: abusemail@infiumhost.com
abuse-c: INF200-RIPE
source: RIPE # Filtered
person: Infium Ltd
address: 61129, Kharkov, Ukraine
address: Traktorostroiteley 156/41, office 301
phone: +380-931-700-701
abuse-mailbox: abusemail@infiumhost.com
remarks:
remarks: *************************************************
remarks: * For spam/abuse/security issues please contact *
remarks: * abusemail@infiumhost.com, not this address *
remarks: *************************************************
remarks:
nic-hdl: INF20-RIPE
mnt-by: INFIUM-MNT
source: RIPE # Filtered
% Information related to '188.190.98.0/24AS197145'
route: 188.190.98.0/24
descr: Infium LTD
origin: AS197145
mnt-by: INFIUM-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS2)
Regards,
Fail2Ban
The IP 188.190.98.6 has just been banned by Fail2Ban after
6 attempts against SSH.
Here are more information about 188.190.98.6:
[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '188.190.96.0 - 188.190.127.255'
% Abuse contact for '188.190.96.0 - 188.190.127.255' is 'abusemail@infiumhost.com'
inetnum: 188.190.96.0 - 188.190.127.255
netname: INFIUM
descr: Infium LLC
descr: Datacenter Kharkov
country: UA
org: ORG-IL316-RIPE
admin-c: INF20-RIPE
tech-c: INF20-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: INFIUM-MNT
mnt-routes: INFIUM-MNT
mnt-domains: INFIUM-MNT
source: RIPE # Filtered
organisation: ORG-IL316-RIPE
org-name: Infium LLC
org-type: LIR
address: Infium LLC
address: Valerii Lolin
address: Traktorostroiteley 156/41 office 301
address: Kharkov
address: 61129
address: UKRAINE
phone: +380639797654
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: INFIUM-UAB-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-mailbox: abusemail@infiumhost.com
abuse-c: INF200-RIPE
source: RIPE # Filtered
person: Infium Ltd
address: 61129, Kharkov, Ukraine
address: Traktorostroiteley 156/41, office 301
phone: +380-931-700-701
abuse-mailbox: abusemail@infiumhost.com
remarks:
remarks: *************************************************
remarks: * For spam/abuse/security issues please contact *
remarks: * abusemail@infiumhost.com, not this address *
remarks: *************************************************
remarks:
nic-hdl: INF20-RIPE
mnt-by: INFIUM-MNT
source: RIPE # Filtered
% Information related to '188.190.98.0/24AS197145'
route: 188.190.98.0/24
descr: Infium LTD
origin: AS197145
mnt-by: INFIUM-MNT
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS2)
Regards,
Fail2Ban
[Fail2Ban] SSH: banned 114.80.226.69
Hi,
The IP 114.80.226.69 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 114.80.226.69:
[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '114.80.0.0 - 114.95.255.255'
inetnum: 114.80.0.0 - 114.95.255.255
netname: CHINANET-SH
descr: CHINANET SHANGHAI PROVINCE NETWORK
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: WWQ4-AP
tech-c: WWQ4-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-SH
changed: hm-changed@apnic.net 20080514
source: APNIC
person: Weng Wen Qian
address: Room 2405,357 Songlin Road,Shanghai 200122
country: CN
phone: +86-21-68405784
fax-no: +86-21-50623458
e-mail: wengwq@online.sh.cn
nic-hdl: WWQ4-AP
mnt-by: MAINT-CHINANET-SH
changed: ip-admin@mail.online.sh.cn 20050403
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)
Regards,
Fail2Ban
The IP 114.80.226.69 has just been banned by Fail2Ban after
5 attempts against SSH.
Here are more information about 114.80.226.69:
[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '114.80.0.0 - 114.95.255.255'
inetnum: 114.80.0.0 - 114.95.255.255
netname: CHINANET-SH
descr: CHINANET SHANGHAI PROVINCE NETWORK
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: WWQ4-AP
tech-c: WWQ4-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-SH
changed: hm-changed@apnic.net 20080514
source: APNIC
person: Weng Wen Qian
address: Room 2405,357 Songlin Road,Shanghai 200122
country: CN
phone: +86-21-68405784
fax-no: +86-21-50623458
e-mail: wengwq@online.sh.cn
nic-hdl: WWQ4-AP
mnt-by: MAINT-CHINANET-SH
changed: ip-admin@mail.online.sh.cn 20050403
source: APNIC
% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)
Regards,
Fail2Ban
Subscribe to:
Posts (Atom)