HideMyAss.com

Saturday, 21 December 2013

[Fail2Ban] SSH: banned 190.129.11.140

Hi,

The IP 190.129.11.140 has just been banned by Fail2Ban after
7 attempts against SSH.


Here are more information about 190.129.11.140:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-12-21 17:38:57 (BRST -02:00)

inetnum: 190.129.0/17
status: allocated
aut-num: N/A
owner: Entel S.A. - EntelNet
ownerid: BO-ESEN-LACNIC
responsible: Entel S.A. - Entelnet
address: Ayacucho, 267, P.7
address: BOL - La Paz - LP
country: BO
phone: +591 2 2141010 [3135]
owner-c: MIL
tech-c: MIL
abuse-c: MIL
inetrev: 190.129.0/18
nserver: NS.ENTELNET.BO
nsstat: 20131221 AA
nslastaa: 20131221
created: 20061204
changed: 20061204

nic-hdl: MIL
person: ENTEL Internet
e-mail: ip@ENTELNET.BO
address: Calle Ayacucho, zona central, 267, Piso 7
address: BO - La Paz - LP
country: BO
phone: +591 2 2141010 [3135]
created: 20030227
changed: 20130610

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 93.120.84.80

Hi,

The IP 93.120.84.80 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 93.120.84.80:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '93.120.84.0 - 93.120.85.255'

% Abuse contact for '93.120.84.0 - 93.120.85.255' is 'abuse@gvm.ro'

inetnum: 93.120.84.0 - 93.120.85.255
netname: SOFTGUARD-BUSINESS-MANAGEMENT-SRL
descr: S.C. SoftGuard Business Management Systems S.R.L.
descr: Str. Franz Liszt Nr. 4
descr: Timis, Timisoara
country: RO
admin-c: GVM-RIPE
tech-c: GVM-RIPE
status: ASSIGNED PA
mnt-by: GVM-MNT
mnt-routes: SOFTGUARD-MNT
mnt-domains: SOFTGUARD-MNT
source: RIPE # Filtered

role: GVM SYSTEM
address: Aleea Diham, Nr. 5
address: Bucuresti, Sector 2
admin-c: GVMN-RIPE
tech-c: GVMN-RIPE
abuse-mailbox: abuse@gvm.ro
nic-hdl: GVM-RIPE
mnt-by: GVM-MNT
source: RIPE # Filtered

% Information related to '93.120.84.0/23AS60588'

route: 93.120.84.0/23
descr: Softguard
origin: AS60588
mnt-by: SOFTGUARD-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 69.50.198.16

Hi,

The IP 69.50.198.16 has just been banned by Fail2Ban after
7 attempts against SSH.


Here are more information about 69.50.198.16:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 69.50.198.16"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=69.50.198.16?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 69.50.192.0 - 69.50.223.255
CIDR: 69.50.192.0/19
OriginAS:
NetName: ATJEU
NetHandle: NET-69-50-192-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation
RegDate: 2003-06-04
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-69-50-192-0-1

OrgName: atjeu publishing, llc
OrgId: APL-37
Address: 1515 West Deer Valley Road
Address: C-103
City: Phoenix
StateProv: AZ
PostalCode: 85027
Country: US
RegDate: 2002-09-10
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/APL-37

OrgAbuseHandle: NOC12007-ARIN
OrgAbuseName: Network Operations Center
OrgAbusePhone: +1-623-434-5294
OrgAbuseEmail: brandonh@atjeuhosting.com
OrgAbuseRef: http://whois.arin.net/rest/poc/NOC12007-ARIN

OrgTechHandle: NOC12007-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-623-434-5294
OrgTechEmail: brandonh@atjeuhosting.com
OrgTechRef: http://whois.arin.net/rest/poc/NOC12007-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 46.23.70.212

Hi,

The IP 46.23.70.212 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 46.23.70.212:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '46.23.70.0 - 46.23.70.255'

% Abuse contact for '46.23.70.0 - 46.23.70.255' is 'ripe@uk2.net'

inetnum: 46.23.70.0 - 46.23.70.255
netname: UK2-INFRA-ONAPP-CLOUD
descr: UK2 Infrastructure
country: GB
admin-c: BB963-RIPE
tech-c: BB963-RIPE
status: ASSIGNED PA
remarks: Abuse matters to: abuse@uk2.net
remarks: Abuse mail to any other address may be ignored
mnt-by: AS13213-MNT
source: RIPE # Filtered

person: Bo Bendtsen
address: UK2.NET
address: One Canada Square, Canary Wharf
address: London
address: UK
phone: +44 20 7987 1200
fax-no: +44 20 7987 0449
nic-hdl: BB963-RIPE
mnt-by: AS13213-MNT
source: RIPE # Filtered

% Information related to '46.23.64.0/21AS13213'

route: 46.23.64.0/21
descr: UK2.NET announcement
origin: AS13213
mnt-by: AS13213-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 185.27.174.7

Hi,

The IP 185.27.174.7 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 185.27.174.7:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '185.27.172.0 - 185.27.175.255'

% Abuse contact for '185.27.172.0 - 185.27.175.255' is 'abuse@pcextreme.nl'

inetnum: 185.27.172.0 - 185.27.175.255
netname: NL-PCEXTREME-20130603
descr: PCextreme B.V.
country: NL
org: ORG-PB23-RIPE
admin-c: PB8076-RIPE
admin-c: TdL35-RIPE
tech-c: PB8076-RIPE
tech-c: TdL35-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: MNT-PCEXTREME
mnt-lower: PCEXTREME-MNT
mnt-domains: MNT-PCEXTREME
mnt-domains: PCEXTREME-MNT
mnt-routes: MNT-PCEXTREME
mnt-routes: MNT-REASONNET
mnt-routes: PCEXTREME-MNT
source: RIPE # Filtered

organisation: ORG-PB23-RIPE
org-name: PCextreme B.V.
org-type: LIR
address: PCextreme B.V. Thomas de Looff Londensekaai 5 4331JG Middelburg NETHERLANDS
phone: +31205060110
fax-no: +31205060111
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: PCEXTREME-MNT
mnt-by: RIPE-NCC-HM-MNT
admin-c: TdL35-RIPE
admin-c: RvK81-RIPE
abuse-c: PA7151-RIPE
source: RIPE # Filtered

role: PCextreme BV
address: Londensekaai 1
address: 4331JG Middelburg
address: The Netherlands
abuse-mailbox: abuse@pcextreme.nl
admin-c: TdL35-RIPE
tech-c: TdL35-RIPE
nic-hdl: PB8076-RIPE
mnt-by: PCEXTREME-MNT
source: RIPE # Filtered

person: Thomas de Looff
org: ORG-PB23-RIPE
address: Londensekaai 1
address: 4331JG Middelburg
address: the Netherlands
phone: +31.205060100
fax-no: +31.204470944
abuse-mailbox: abuse@pcextreme.nl
nic-hdl: TdL35-RIPE
mnt-by: PCEXTREME-MNT
source: RIPE # Filtered

% Information related to '185.27.172.0/22AS48635'

route: 185.27.172.0/22
descr: PCextreme B.V.
origin: AS48635
mnt-by: PCEXTREME-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 218.26.89.179

Hi,

The IP 218.26.89.179 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 218.26.89.179:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '218.26.89.128 - 218.26.89.255'

inetnum: 218.26.89.128 - 218.26.89.255
netname: cz-xxghw
country: CN
descr: changzhi xxghw gov
admin-c: YZ225-AP
tech-c: YZ225-AP
status: ASSIGNED NON-PORTABLE
changed: xyp@public.ty.sx.cn 20060512
mnt-by: MAINT-CNCGROUP-SX
source: APNIC

person: Ying Zhao
nic-hdl: YZ225-AP
e-mail: zhy0607@public.ty.sx.cn
address: Taiyuan Shanxi
phone: +86-351-4091749
fax-no: +86-351-4088347
country: CN
changed: zhy0607@public.ty.sx.cn 20030321
mnt-by: MAINT-NEW
source: APNIC

% Information related to '218.26.0.0/16AS4837'

route: 218.26.0.0/16
descr: CNC Group CHINA169 Shanxi Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 80.74.160.103

Hi,

The IP 80.74.160.103 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 80.74.160.103:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '80.74.160.0 - 80.74.162.255'

% Abuse contact for '80.74.160.0 - 80.74.162.255' is 'abuse@oriontelekom.rs'

inetnum: 80.74.160.0 - 80.74.162.255
netname: ORIONTELEKOMTIM-NET
descr: Orion Telekom Tim IP network in Novi Sad
descr: Orion Telekom Tim Core Service Network
country: RS
admin-c: OTN7-RIPE
tech-c: OTN7-RIPE
remarks: INFRA-AW
status: ASSIGNED PA
mnt-by: ORIONTELEKOM-MNT
source: RIPE # Filtered

role: Orion Telekom NOC
address: Orion Telekom
address: Gandijeva 76a, Belgrade, Serbia
phone: +381 11 2228 388
fax-no: +381 11 2228 334
remarks: *******************************************************************
remarks: Please send abuse reports to abuse@oriontelekom.rs
remarks: *******************************************************************
abuse-mailbox: abuse@oriontelekom.rs
admin-c: TERZ1-RIPE
admin-c: BL3549-RIPE
admin-c: ZA1048-RIPE
tech-c: VG1799-RIPE
nic-hdl: OTN7-RIPE
mnt-by: ORIONTELEKOM-MNT
source: RIPE # Filtered

% Information related to '80.74.160.0/20AS9125'

route: 80.74.160.0/20
descr: Orion Telekom Tim ISP IP network
origin: AS9125
mnt-by: ORIONTELEKOM-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 103.23.244.22

Hi,

The IP 103.23.244.22 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 103.23.244.22:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '103.23.244.0 - 103.23.244.255'

inetnum: 103.23.244.0 - 103.23.244.255
netname: UPI-ID
descr: Universitas Pendidikan Indonesia
descr: University / Direct Member IDNIC
descr: Jl. Dr. Setiabudhi no. 229
descr: Bandung Jawa Barat
country: ID
admin-c: MRS8-AP
tech-c: MRS8-AP
remarks: Send Spam& Abuse Reports to munir@upi.edu
mnt-by: MNT-APJII-ID
mnt-routes: MAINT-ID-UPI
mnt-irt: IRT-UPI-ID
status: ASSIGNED PORTABLE
changed: hm-changed@apnic.net 20111212
changed: hostmaster@idnic.net 20111219
source: APNIC

irt: IRT-UPI-ID
address: Universitas Pendidikan Indonesia
address: Jl. Dr. Setiabudhi no. 229
address: Bandung Jawa Barat
e-mail: munir@upi.edu
abuse-mailbox: munir@upi.edu
admin-c: MRS8-AP
tech-c: MRS8-AP
auth: # Filtered
mnt-by: MAINT-ID-UPI
changed: munir@upi.edu 20111216
source: APNIC

person: Moh Riky Saadilah
address: Jl. Dr.Setiabudhi No. 229
address: Bandung 40154
address: Jawa Barat - Indonesia
country: ID
phone: +62-22-70619000
fax-no: +62-22-2013651
e-mail: riky@upi.edu
nic-hdl: MRS8-AP
mnt-by: MAINT-ID-UPI
changed: hostmaster@idnic.net 20111202
source: APNIC

% Information related to '103.23.244.0/24AS18394'

route: 103.23.244.0/24
descr: Universitas Pendidikan Indonesia
descr: University / Direct Member IDNIC
descr: Jl. Dr. Setiabudhi no. 229
descr: Bandung - Jawa Barat
country: ID
origin: AS18394
mnt-by: MAINT-ID-UPI
changed: hostmaster@telkom.net.id 20111223
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 124.133.39.165

Hi,

The IP 124.133.39.165 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 124.133.39.165:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '124.133.39.0 - 124.133.39.255'

inetnum: 124.133.39.0 - 124.133.39.255
netname: JN-jnslcqzdwb-szs
country: CN
descr: JiNan-jinanshilichengquzhidongwangba(sunzhaoshan-
admin-c: DS95-AP
tech-c: DS95-AP
status: ASSIGNED NON-PORTABLE
changed: ip@sdinfo.net 20071231
mnt-by: MAINT-CNCGROUP-SD
source: APNIC

person: Data Communication Bureau Shandong
nic-hdl: DS95-AP
e-mail: ip@sdinfo.net
address: No.77 Jingsan Road,Jinan,Shandong,P.R.China
phone: +86-531-6052611
fax-no: +86-531-6052414
country: CN
changed: ip@sdinfo.net 20050330
mnt-by: MAINT-CNCGROUP-SD
source: APNIC

% Information related to '124.128.0.0/13AS4837'

route: 124.128.0.0/13
descr: CNC Group CHINA169 Shandong Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060306
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban