HideMyAss.com

Friday, 26 July 2013

[Fail2Ban] SSH: banned 209.124.106.61

Hi,

The IP 209.124.106.61 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 209.124.106.61:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 209.124.106.61"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=209.124.106.61?showDetails=true&showARIN=false&ext=netref2
#

AMNET US AMNET-BLK2 (NET-209-124-96-0-1) 209.124.96.0 - 209.124.127.255
Amnet Datos Nicaragua AMNET-NI (NET-209-124-106-0-1) 209.124.106.0 - 209.124.107.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 186.47.123.211

Hi,

The IP 186.47.123.211 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 186.47.123.211:

[Querying whois.arin.net]
[Redirected to whois.lacnic.net]
[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-07-26 09:20:38 (BRT -03:00)

inetnum: 186.47.123.208/29
status: reallocated
owner: NUBIA SUSANA MORAN
ownerid: EC-NSMO1-LACNIC
responsible: NUBIA MORAN
address: QUILAGO, 171, AV. EL RETORNO LOCAL J&S TECNOLOGY
address: 3110 - IBARRA - EC
country: EC
phone: +593 9 8461404 []
owner-c: VMR
tech-c: VMR
abuse-c: VMR
created: 20120327
changed: 20120327
inetnum-up: 186.47/16

nic-hdl: VMR
person: Evelin Gavilanes
e-mail: noc@ANDINANET.NET
address: Edificio Droira, s/n, esquina
address: 3110 - Quito - EC
country: EC
phone: +593 2 2944800 [882]
created: 20030402
changed: 20120829

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 50.106.14.149

Hi,

The IP 50.106.14.149 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 50.106.14.149:

[Querying whois.arin.net]
[Redirected to rwhois.frontiernet.net:4321]
[Querying rwhois.frontiernet.net]
[rwhois.frontiernet.net]
%rwhois V-1.5:002090:00 whois.frontiernet.net (by Network Solutions, Inc. V-1.5.9.6)
network:Auth-Area:50.106.0.0/18
network:ID:NET-50-106-14-144-28
network:Network-Name:50-106-14-144-28
network:IP-Network:50.106.14.144/28
network:Org-Name;I:Ch
Technologies
network:Street-Address:18323 Bothell-Everett Hwy suite 360
network:City:Bothell
network:State:WA
network:Postal-Code:98082
network:Country-Code:US
network:Tech-Contact;I:CH80-FRTR
network:Updated:20130617 23:46:21
network:Updated-By:ipeng@frontiernet.net
network:Class-Name:network

network:Auth-Area:50.106.0.0/18
network:ID:NET-50-106-14-0-24
network:Network-Name:50-106-14-0-24
network:IP-Network:50.106.14.0/24
network:Org-Name;I:FIOS-S
Frontier Communications Everett/Redmond W
network:Street-Address:19555 SW. Kinnaman RD
network:City:Aloha
network:State:OR
network:Postal-Code:97007
network:Country-Code:US
network:Tech-Contact;I:AM101-FRTR
network:Admin-Contact;I:IPADMIN-FRTR
network:Abuse-Contact;I:ABUSE-FRTR
network:Updated:20130312
network:Updated-By:ipeng@frontiernet.net
network:Class-Name:network

network:Auth-Area:50.106.0.0/18
network:ID:NET-50-106-0-0-18
network:Network-Name:50-106-0-0-18
network:IP-Network:50.106.0.0/18
network:Org-Name;I:Frontier
Communications Solutions
network:Street-Address:180 South Clinton Ave
network:City:Rochester
network:State:NY
network:Postal-Code:14646
network:Country-Code:US
network:Tech-Contact;I:ABUSE-FRTR
network:Admin-Contact;I:IPADMIN-FRTR
network:Updated:20110517
network:Updated-By:ipeng@frontiernet.net
network:Class-Name:network

%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 202.29.16.58

Hi,

The IP 202.29.16.58 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 202.29.16.58:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-5]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 202.28.0.0 - 202.29.255.255
netname: THAINET-TH
descr: UniNet(Inter-university network)
descr: Office of Information Technology Administration
descr: for Educational Development
descr: Ministry of University Affairs
country: TH
admin-c: YT7
admin-c: UV1-AP
tech-c: UNOC1-AP
remarks: UniNet is the outgrowth of THAINET
notify: noc-uninet@it.chula.ac.th
notify: noc@uni.net.th
mnt-by: APNIC-HM
mnt-lower: MAINT-TH-UNINET
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20041210
source: APNIC

person: Unnop Viriyavit
address: 328 Sri-Ayuthya rd. Rajthevi
address: Bangkok 10400
country: TH
phone: +66-2-248-7749
fax-no: +66-2-248-6662
e-mail: unnop@uni.net.th
nic-hdl: UV1-AP
mnt-by: MAINT-NULL
changed: hostmaster@apnic.ent 19990615
changed: chaya@it.chula.ac.th 20010517
source: APNIC

person: Yunyong Teng-amnuay
address: Chulalongkorn University
address: Centers of Academic Resources
address: Phyathai Road
address: Bangkok 10330
address: TH
country: TH
phone: +66-2-218-2910
fax-no: +66-2-215-3617
e-mail: Yunyong.T@Chula.ac.th
nic-hdl: YT7
notify: Yunyong.T@Chula.ac.th
mnt-by: MAINT-THAINET
changed: hostmaster@apnic.net 19960216
changed: chaya@it.chula.ac.th 20010515
source: APNIC
changed: hm-changed@apnic.net 20111122

person: UniNet Network Operation Center
address: Office of Information Technology Administration
address: for Educational Development
address: Ministry of University Affairs
address: Bangkok 10400
country: TH
phone: +66-2-248-7749
fax-no: +66-2-248-6662
e-mail: noc@uni.net.th
nic-hdl: UNOC1-AP
notify: noc@uni.net.th
mnt-by: MAINT-TH-UNINET
changed: manut@uni.net.th 20010517
source: APNIC

Regards,

Fail2Ban

Thursday, 25 July 2013

[Fail2Ban] SSH: banned 42.96.194.13

Hi,

The IP 42.96.194.13 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 42.96.194.13:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-5]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 42.96.128.0 - 42.96.255.255
netname: ALIBABA-BJ-NET
descr: Alibaba (Beijing) Technology Co., Ltd.
descr: 9F,Tower A Winterless center,NO.1 West Da Wang Lu,
descr: Chaoyang District,Beijing
country: CN
admin-c: ZM678-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20110311
source: APNIC

person: Shuo Yu
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: shuo.yus@alibaba-inc.com
e-mail: shuo.yus@aliyun-inc.com
nic-hdl: ZM678-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20110614
source: APNIC

person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: guoxin.gao@aliyun-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130705
source: APNIC

person: security trouble
e-mail: cloud-cc-sqcloud@list.alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen’er Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
changed: ipas@cnnic.cn 20130708
source: APNIC

person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: guowei.pangw@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130709
source: APNIC

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 176.102.192.17

Hi,

The IP 176.102.192.17 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 176.102.192.17:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '176.102.192.0 - 176.102.223.255'

inetnum: 176.102.192.0 - 176.102.223.255
netname: FOBOS-NET
descr: Center for Information Technologies "Fobos" Ltd.
country: UA
org: ORG-FOBO2-RIPE
admin-c: AP7848-RIPE
tech-c: AP7848-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: KUTS-MNT
mnt-routes: KUTS-MNT
mnt-domains: KUTS-MNT
source: RIPE # Filtered

organisation: ORG-FOBO2-RIPE
org-name: Center for Information Technologies "Fobos" Ltd.
org-type: OTHER
address: 39800, Ukraine, Poltavsky reg. Komsomolsk, Lenina str., 40
mnt-ref: vissado-mnt
mnt-by: vissado-mnt
source: RIPE # Filtered

person: Andrew Philonenko
address: Lenina str., 31/31
address: Poltava reg
address: 39800 Komsomolsk, Ukraine
phone: +380633131008
fax-no: +380675327103
nic-hdl: AP7848-RIPE
mnt-by: KUTS-MNT
source: RIPE # Filtered

% Information related to '176.102.192.0/19AS39822'

route: 176.102.192.0/19
descr: FobosRoute
origin: AS39822
mnt-by: KUTS-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 178.194.61.6

Hi,

The IP 178.194.61.6 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 178.194.61.6:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '178.194.0.0 - 178.194.255.255'

% Abuse contact for '178.194.0.0 - 178.194.255.255' is 'abuse@bluewin.ch'

inetnum: 178.194.0.0 - 178.194.255.255
netname: BLUEWINNET
descr: Bluewin is an LIR and ISP in Switzerland.
descr: This range is used for dynamic customer pools.
country: CH
admin-c: BCR1-RIPE
tech-c: BCR1-RIPE
status: ASSIGNED PA
remarks: ************************************************
remarks: In case of hack attacks, spam, scans etc. please
remarks: send abuse notifications to abuse@bluewin.ch
remarks: E-Mails to the persons below will be IGNORED!
remarks: ************************************************
mnt-by: BLUEWINNET-MNT
mnt-lower: BLUEWINNET-MNT
source: RIPE # Filtered

role: Bluewin Contact Role
address: Swisscom (Schweiz) AG
address: SCS-NIT-NIO-PIO-ACE-PAC
address: Binzring 17
address: CH-8045 Zurich
address: Switzerland
phone: +41-58-221 56 26
remarks: ************************************************
remarks: Swisscom (Schweiz) AG / Bluewin is an
remarks: internet service provider and LIR in CH.
remarks: In case of hack attacks, spam, scans etc. please
remarks: send abuse notifications to abuse@bluewin.ch
remarks: E-Mails to the persons below will be IGNORED!
remarks: ************************************************
remarks:
abuse-mailbox: abuse@bluewin.ch
remarks:
org: ORG-BA8-RIPE
admin-c: RG3846-RIPE
admin-c: GR1196-RIPE
admin-c: TG267-RIPE
tech-c: RG3846-RIPE
tech-c: GR1196-RIPE
tech-c: TG267-RIPE
nic-hdl: BCR1-RIPE
mnt-by: BLUEWINNET-MNT
source: RIPE # Filtered

% Information related to '178.192.0.0/14AS3303'

route: 178.192.0.0/14
descr: Swisscom (Schweiz) AG - Bluewin
origin: AS3303
mnt-by: CH-UNISOURCE-MNT
mnt-by: BLUEWINNET-MNT
source: RIPE # Filtered

% Information related to '178.192.0.0/14AS44038'

route: 178.192.0.0/14
descr: Swisscom (Schweiz) AG - Bluewin
origin: AS44038
mnt-by: CH-UNISOURCE-MNT
mnt-by: BLUEWINNET-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 76.74.239.9

Hi,

The IP 76.74.239.9 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 76.74.239.9:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 76.74.239.9"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=76.74.239.9?showDetails=true&showARIN=false&ext=netref2
#

Peer 1 Network Inc. PEER1-BLK-10 (NET-76-74-128-0-1) 76.74.128.0 - 76.74.255.255
ServerBeach PEER1-SERVERBEACH-09A (NET-76-74-236-0-1) 76.74.236.0 - 76.74.239.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 37.205.10.6

Hi,

The IP 37.205.10.6 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 37.205.10.6:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '37.205.10.0 - 37.205.10.255'

inetnum: 37.205.10.0 - 37.205.10.255
netname: VPSFREE-PRG2
descr: vpsFree.cz - Prague2
country: CZ
admin-c: PS13384-RIPE
tech-c: PS13384-RIPE
status: ASSIGNED PA
mnt-by: PS22816-MNT
mnt-routes: PS22816-MNT
mnt-routes: MASTER-MNT
mnt-domains: PS22816-MNT
source: RIPE # Filtered

person: Pavel Snajdr
address: Hany Melickovej 9
address: Bratislava
phone: +421948816186
nic-hdl: PS13384-RIPE
mnt-by: PS22816-MNT
abuse-mailbox: noc@relbit.com
source: RIPE # Filtered

% Information related to '37.205.8.0/22AS24971'

route: 37.205.8.0/22
descr: RELBIT-VPSFREE
origin: AS24971
mnt-by: MASTER-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 202.85.222.169

Hi,

The IP 202.85.222.169 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 202.85.222.169:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-3]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 202.85.208.0 - 202.85.223.255
netname: Elink-space
descr: Elink-space (Beijing) Technology Co,. Ltd '
descr: OUYUAN 4-2215,Maliandao Street, Xicheng District
descr: Beijing, China, 100055
country: CN
admin-c: ZM673-AP
tech-c: ZM674-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20110628
source: APNIC

person: Lin Jia
address: OUYUAN 4-2215,Maliandao Street, Xicheng District
address: Beijing, China, 100055
country: CN
phone: +86-010- 52882179
fax-no: +86-010- 63354662
e-mail: jialin88@163.com
nic-hdl: ZM673-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20110609
source: APNIC

person: Tony Zhang
address: OUYUAN 4-2215,Maliandao Street, Xicheng District
address: Beijing, China, 100055
country: CN
phone: +86-010- 52882179
fax-no: +86-010- 63354662
e-mail: jialin88@163.com
nic-hdl: ZM674-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20110609
source: APNIC

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 49.48.17.109

Hi,

The IP 49.48.17.109 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 49.48.17.109:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-4]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 49.48.0.0 - 49.48.127.255
netname: TRIPLETNET-TH
descr: 3BB Broadband Internet service provider in Thailand
country: TH
admin-c: CW1178-AP
tech-c: CW1178-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-TH-3BB
mnt-lower: MAINT-TH-3BB
mnt-routes: MAINT-TH-3BB
mnt-irt: IRT-TRIPLETNET-TH
changed: ipadmin@3bbmail.com 20110214
source: APNIC

person: Ip admin
nic-hdl: CW1178-AP
e-mail: ipadmin@3bbmail.com
address: 200 Jasmine tower 29th floor
address: Chaengwattana road
address: Pakkret Nonthaburi 11120
phone: +66-2-1008555
phone: +66-2-1008552
phone: +66-2-1008553
country: TH
changed: ipadmin@3bbmail.com 20091116
mnt-by: MAINT-NEW
changed: hm-changed@apnic.net 20091116
changed: hm-changed@apnic.net 20111206
source: APNIC

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 124.160.194.82

Hi,

The IP 124.160.194.82 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 124.160.194.82:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-4]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 124.160.0.0 - 124.160.255.255
netname: UNICOM-ZJ
descr: China Unicom Zhejiang province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: JQ16-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-ZJ
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20060314
changed: hm-changed@apnic.net 20090507
changed: hm-changed@apnic.net 20090508
source: APNIC

route: 124.160.0.0/16
descr: CNC Group CHINA169 Zhejiang Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060314
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Jianhuaq Qian
nic-hdl: JQ16-AP
e-mail: zj_ipmaster@126.com
address: No 1336,BinAn Road,Hangzhou, Zhejiang,China
phone: +86-571-28868063
fax-no: +86-571-28868069
country: CN
changed: zj_ipmaster@126.com 20130709
mnt-by: MAINT-CNCGROUP-ZJ
source: APNIC

Regards,

Fail2Ban

Wednesday, 24 July 2013

[Fail2Ban] SSH: banned 62.75.236.14

Hi,

The IP 62.75.236.14 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 62.75.236.14:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '62.75.236.0 - 62.75.236.63'

% Abuse contact for '62.75.236.0 - 62.75.236.63' is 'abuse@plusserver.de'

inetnum: 62.75.236.0 - 62.75.236.63
descr: BSB-SERVICE Dedicated Server Hosting
netname: BSB-SERVICE-1
country: DE
org: ORG-BSBS1-RIPE
admin-c: NPA10-RIPE
tech-c: NPA10-RIPE
remarks: rev-srv: ptr1.intergenia.de
remarks: rev-srv: ptr2.intergenia.de
status: ASSIGNED PA
remarks: Abuse-Contact: abuse@ip-pool.com
mnt-by: BSB-SERVICE-MNT
source: RIPE # Filtered

organisation: ORG-BSBS1-RIPE
org-name: B S B - Service GmbH
org-type: OTHER
descr: Internet-Hoster
remarks: BSB Service GmbH is part of intergenia AG
address: Daimlerstr.9-11
address: 50354 Huerth
address: Germany
phone: +49 2233 612-0
fax-no: +49 2233 612-144
admin-c: NPA10-RIPE
tech-c: NPA10-RIPE
mnt-ref: INTERGENIA-MNT
mnt-by: INTERGENIA-MNT
source: RIPE # Filtered

role: NMC PlusServer AG
address: PlusServer AG
address: Daimlerstr. 9-11
address: 50354 Huerth
phone: +49 1801 119991
fax-no: +49 2233 612-53500
abuse-mailbox: abuse@plusserver.de
remarks:
remarks: ********************************************************
remarks: * PLEASE READ CAREFULLY: *
remarks: * and choose the right addresses for contacting our *
remarks: * staff. *
remarks: * This will fasten up processing your request ! *
remarks: ********************************************************
remarks: * ABUSE-Complaints are only handled at: *
remarks: * ABUSE@plusserver.de *
remarks: ********************************************************
remarks: * Auskunftsersuchen gemaess TKG werden nur unter *
remarks: * Fax: +49 2233 612 5150 *
remarks: * bearbeitet! *
remarks: ********************************************************
remarks: * Informational Contact: info@plusserver.de *
remarks: * or http://www.plusserver.de *
remarks: ********************************************************
remarks:
remarks: ********************************************************
remarks: * If you have a routing-related request you *
remarks: * may contact us at : *
remarks: * Fax: +49 2233 612 53500 *
remarks: * Phone: +49 2233 612 3500 *
remarks: * *
remarks: ********************************************************
remarks:
admin-c: JBPS-RIPE
tech-c: CDPS-RIPE
tech-c: ADPS-RIPE
tech-c: MOPS1337-RIPE
nic-hdl: NPA10-RIPE
mnt-by: INTERGENIA-MNT
source: RIPE # Filtered

% Information related to '62.75.128.0/17AS8972'

route: 62.75.128.0/17
descr: Plusserver AG
origin: AS8972
mnt-by: INTERGENIA-MNT
mnt-lower: INTERGENIA-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 218.89.168.144

Hi,

The IP 218.89.168.144 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 218.89.168.144:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-6]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 218.88.0.0 - 218.89.255.255
netname: CHINANET-SC
descr: CHINANET sichuan province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: XS16-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-SC
status: ALLOCATED NON-PORTABLE
changed: hostmaster@ns.chinanet.cn.net 20020408
changed: hm-changed@apnic.net 20040927
changed: hm-changed@apnic.net 20041126
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: Xiaodong Shi
nic-hdl: XS16-AP
e-mail: ipadmin@my-public.sc.cninfo.net
address: No.72,Wen Miao Qian Str.
address: Data Communication Bureau Of Sichuan Province
address: Chengdu
address: PR China
phone: +86-28-6190785
fax-no: +86-28-6190641
country: CN
changed: ipadmin@my-public.sc.cninfo.net 20030317
mnt-by: MAINT-CHINANET-SC
source: APNIC

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.216.82.130

Hi,

The IP 112.216.82.130 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 112.216.82.130:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query: 112.216.82.130

# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 112.216.0.0 - 112.223.255.255 (/13)
서비스명 : BORANET
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG572
주소 : 서울 ì¤'구 남대문로5ê°€ 827
우편번호 : 100-095
í• ë&lsqauo;¹ì¼ìž : 20090216

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-6928-3087
전자우편 : ipadm@lguplus.co.kr

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-6928-3087
전자우편 : ipadm@lguplus.co.kr

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : Network Abuse ë&lsqauo;´ë&lsqauo;¹
ì „í™"번호 : +82-2-2089-0101
전자우편 : security@bora.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 112.216.80.0 - 112.216.95.255 (/20)
네트워크 이름 : BORANET-INFRA
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG572
주소 : 서울 ì¤'구 남대문로5ê°€
우편번호 : 100-095
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20110207
공개여부 : N

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
기관명 : BORANET
주소 : 서울 ì¤'구 남대문로5ê°€
우편번호 : 100-095
전자우편 : ipadm@lguplus.co.kr


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 112.216.0.0 - 112.223.255.255 (/13)
Service Name : BORANET
Organization Name : LG DACOM Corporation
Organization ID : ORG572
Address : 827, Seoul Jung-gu Namdaemunno 5(o)-ga
Zip Code : 100-095
Registration Date : 20090216

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-6928-3087
E-Mail : ipadm@lguplus.co.kr

[ Tech Contact Information ]
Name : IP ADMIN
Phone : +82-2-6928-3087
E-Mail : ipadm@lguplus.co.kr

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-2089-0101
E-Mail : security@bora.net

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 112.216.80.0 - 112.216.95.255 (/20)
Network Name : BORANET-INFRA
Organization Name : LG DACOM Corporation
Organization ID : ORG572
Address : Seoul Jung-gu Namdaemunno 5(o)-ga
Zip Code : 100-095
Registration Date : 20110207
Publishes : N

[ Technical Contact Information ]
Organization Name : LG DACOM Corporation
Address : Seoul Jung-gu Namdaemunno 5(o)-ga
Zip Code : 100-095
E-Mail : ipadm@lguplus.co.kr


상기 ì •ë³´ëŠ" UTF-8 인ì½"ë"©ë˜ì–´ 서비스되고 있습ë&lsqauo;ˆë&lsqauo;¤.
EUC-KR 인ì½"ë"© 서비스ëŠ" oldwhois.kisa.or.kr에서 서비스 되고 있습ë&lsqauo;ˆë&lsqauo;¤.
The above information is encoded with UTF-8
EUC-KR encoding WHOIS is being serviced in this URL:oldwhois.kisa.or.kr

- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 69.64.57.155

Hi,

The IP 69.64.57.155 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 69.64.57.155:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 69.64.57.155"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=69.64.57.155?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 69.64.32.0 - 69.64.63.255
CIDR: 69.64.32.0/19
OriginAS: AS30083
NetName: HSI-1
NetHandle: NET-69-64-32-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation
RegDate: 2003-07-30
Updated: 2013-03-18
Ref: http://whois.arin.net/rest/net/NET-69-64-32-0-1

OrgName: Hosting Solutions International, Inc.
OrgId: SERVE-6
Address: 210 North Tucker Blvd.
Address: Suite 910
City: Saint Louis
StateProv: MO
PostalCode: 63101
Country: US
RegDate: 2003-04-15
Updated: 2013-03-25
Comment: Please forward abuse complaints to abuse@hostingsolutionsinternational.com
Ref: http://whois.arin.net/rest/org/SERVE-6

OrgTechHandle: SWI19-ARIN
OrgTechName: Wintz, Sascha
OrgTechPhone: +1-314-480-6840
OrgTechEmail: s.wintz@hostingsolutionsinternational.com
OrgTechRef: http://whois.arin.net/rest/poc/SWI19-ARIN

OrgNOCHandle: SWI19-ARIN
OrgNOCName: Wintz, Sascha
OrgNOCPhone: +1-314-480-6840
OrgNOCEmail: s.wintz@hostingsolutionsinternational.com
OrgNOCRef: http://whois.arin.net/rest/poc/SWI19-ARIN

OrgAbuseHandle: HAD16-ARIN
OrgAbuseName: HSI Abuse Department
OrgAbusePhone: +1-314-266-3638
OrgAbuseEmail: abuse@hostingsolutionsinternational.com
OrgAbuseRef: http://whois.arin.net/rest/poc/HAD16-ARIN

RTechHandle: SWI19-ARIN
RTechName: Wintz, Sascha
RTechPhone: +1-314-480-6840
RTechEmail: s.wintz@hostingsolutionsinternational.com
RTechRef: http://whois.arin.net/rest/poc/SWI19-ARIN

RNOCHandle: SWI19-ARIN
RNOCName: Wintz, Sascha
RNOCPhone: +1-314-480-6840
RNOCEmail: s.wintz@hostingsolutionsinternational.com
RNOCRef: http://whois.arin.net/rest/poc/SWI19-ARIN

RAbuseHandle: HAD16-ARIN
RAbuseName: HSI Abuse Department
RAbusePhone: +1-314-266-3638
RAbuseEmail: abuse@hostingsolutionsinternational.com
RAbuseRef: http://whois.arin.net/rest/poc/HAD16-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 216.18.193.104

Hi,

The IP 216.18.193.104 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 216.18.193.104:

[Querying whois.arin.net]
[Redirected to clients.webnx.com:4321]
[Querying clients.webnx.com]
[clients.webnx.com]
%rwhois V-1.0,V-1.5:00090h:00 clients.webnx.com (Ubersmith RWhois Server V-2.3.0)
autharea=216.18.192.0/19
xautharea=216.18.192.0/19
network:Class-Name:network
network:Auth-Area:216.18.192.0/19
network:ID:NET-2723.216.18.193.96/27
network:Network-Name:216.18.193.97/27
network:IP-Network:216.18.193.96/27
network:IP-Network-Block:216.18.193.96
- 216.18.193.127
network:Org-Name:kevin, yu
network:Street-Address:
network:City:
network:State:
network:Postal-Code:
network:Country-Code:US
network:Tech-Contact:MAINT-2723.216.18.193.96/27
network:Created:20120105152844000
network:Updated:20120105152844000
network:Updated-By:abuse@webnx.com
contact:POC-Name:WebNX Inc.
contact:POC-Email:abuse@webnx.com
contact:POC-Phone:800.840.5996 x3
contact:Tech-Name:WebNX Inc.
contact:Tech-Email:abuse@webnx.com
contact:Tech-Phone:800.840.5996 x3
contact:Abuse-Name:Abuse Department
contact:Abuse-Email:abuse@webnx.com
%ok

Regards,

Fail2Ban

Tuesday, 23 July 2013

[Fail2Ban] SSH: banned 199.195.214.10

Hi,

The IP 199.195.214.10 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 199.195.214.10:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 199.195.214.10"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=199.195.214.10?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 199.195.212.0 - 199.195.215.255
CIDR: 199.195.212.0/22
OriginAS: AS26272
NetName: FUC-US-1001
NetHandle: NET-199-195-212-0-1
Parent: NET-199-0-0-0-0
NetType: Direct Allocation
RegDate: 2012-06-04
Updated: 2012-06-04
Ref: http://whois.arin.net/rest/net/NET-199-195-212-0-1

OrgName: FortaTrust USA Corporation
OrgId: FUC-9
Address: 3701 NW 82 Ave.
City: Doral
StateProv: FL
PostalCode: 33166
Country: US
RegDate: 2012-03-08
Updated: 2012-06-05
Ref: http://whois.arin.net/rest/org/FUC-9

OrgTechHandle: IPADM602-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-305-898-0033
OrgTechEmail: ipadmin@fortatrust.com
OrgTechRef: http://whois.arin.net/rest/poc/IPADM602-ARIN

OrgNOCHandle: IPADM602-ARIN
OrgNOCName: IP Admin
OrgNOCPhone: +1-305-898-0033
OrgNOCEmail: ipadmin@fortatrust.com
OrgNOCRef: http://whois.arin.net/rest/poc/IPADM602-ARIN

OrgAbuseHandle: IPADM602-ARIN
OrgAbuseName: IP Admin
OrgAbusePhone: +1-305-898-0033
OrgAbuseEmail: ipadmin@fortatrust.com
OrgAbuseRef: http://whois.arin.net/rest/poc/IPADM602-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 183.62.57.77

Hi,

The IP 183.62.57.77 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 183.62.57.77:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-4]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 183.0.0.0 - 183.63.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: IC83-AP
tech-c: IC83-AP
status: ALLOCATED PORTABLE
remarks: service provider
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20091009
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GD
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.154.60.155

Hi,

The IP 198.154.60.155 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.154.60.155:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.154.60.155"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.154.60.155?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 198.154.60.0 - 198.154.63.255
CIDR: 198.154.60.0/22
OriginAS: AS26272
NetName: FT-USA-DR2
NetHandle: NET-198-154-60-0-1
Parent: NET-198-0-0-0-0
NetType: Direct Allocation
RegDate: 2012-09-14
Updated: 2012-09-14
Ref: http://whois.arin.net/rest/net/NET-198-154-60-0-1

OrgName: FortaTrust USA Corporation
OrgId: FUC-9
Address: 3701 NW 82 Ave.
City: Doral
StateProv: FL
PostalCode: 33166
Country: US
RegDate: 2012-03-08
Updated: 2012-06-05
Ref: http://whois.arin.net/rest/org/FUC-9

OrgAbuseHandle: IPADM602-ARIN
OrgAbuseName: IP Admin
OrgAbusePhone: +1-954-369-0574
OrgAbuseEmail: ipadmin@fortatrust.com
OrgAbuseRef: http://whois.arin.net/rest/poc/IPADM602-ARIN

OrgTechHandle: IPADM602-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-954-369-0574
OrgTechEmail: ipadmin@fortatrust.com
OrgTechRef: http://whois.arin.net/rest/poc/IPADM602-ARIN

OrgNOCHandle: IPADM602-ARIN
OrgNOCName: IP Admin
OrgNOCPhone: +1-954-369-0574
OrgNOCEmail: ipadmin@fortatrust.com
OrgNOCRef: http://whois.arin.net/rest/poc/IPADM602-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 78.189.109.224

Hi,

The IP 78.189.109.224 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 78.189.109.224:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '78.189.98.0 - 78.189.117.255'

% Abuse contact for '78.189.98.0 - 78.189.117.255' is 'abuse@ttnet.com.tr'

inetnum: 78.189.98.0 - 78.189.117.255
netname: TurkTelekom
descr: TT ADSL-TTnet _static_aci
country: tr
admin-c: TTBA1-RIPE
tech-c: TTBA1-RIPE
status: ASSIGNED PA
mnt-by: as9121-mnt
source: RIPE # Filtered

role: TT Administrative Contact Role
address: Turk Telekom Genel Mudurlugu
phone: +90 312 555 1920
fax-no: +90 312 313 1924
admin-c: BADB3-RIPE
tech-c: ZA66-RIPE
abuse-mailbox: abuse@ttnet.com.tr
tech-c: NO638-RIPE
tech-c: SO351-RIPE
nic-hdl: TTBA1-RIPE
mnt-by: AS9121-MNT
source: RIPE # Filtered

% Information related to '78.189.0.0/17AS9121'

route: 78.189.0.0/17
descr: TurkTelekom
origin: AS9121
mnt-by: AS9121-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 222.20.94.27

Hi,

The IP 222.20.94.27 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.20.94.27:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-3]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 222.20.0.0 - 222.20.127.255
netname: HUSTE-CN
descr: ~{;*VP?F<<4sQ'6+P#Gx~}
descr: East-Zone for HuaZhong University of Science and Technology
descr: Wuhan, Hubei 430074, China
country: CN
remarks: conn-id WH000505
admin-c: ZL72-AP
tech-c: YY70-AP
tech-c: CER-AP
remarks: origin AS4538
changed: hostmaster@net.edu.cn 20031015
mnt-by: MAINT-CERNET-AP
status: ASSIGNED NON-PORTABLE
source: APNIC

role: CERNET Helpdesk
address: Room 224, Main Building
address: Tsinghua University
address: Beijing 100084, China
country: CN
phone: +86-10-6278-4049
fax-no: +86-10-6278-5933
e-mail: cernet-helpdesk-ip@net.edu.cn
remarks: abuse@net.edu.cn
admin-c: XL1-CN
tech-c: SZ2-AP
nic-hdl: CER-AP
remarks: Point of Contact for admin-c
mnt-by: MAINT-CERNET-AP
changed: cernet-helpdesk-ip@net.edu.cn 20010903
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Zhitang Li
address: Network Center
address: Huazhong University Of Science And Technology
address: Wuhan, Hubei 430074, China
country: CN
phone: +86-027-87549975
e-mail: ztli@hustcc.whnet.edu.cn
nic-hdl: ZL72-AP
notify: address-allocation-staff@net.edu.cn
mnt-by: MAINT-CERNET-AP
changed: hostmaster@net.edu.cn 20000330
source: APNIC
changed: hm-changed@apnic.net 20111122

person: Yong Yang
address: Network Center
address: Huazhong University Of Science And Technology
address: Wuhan, Hubei 430074, China
country: CN
phone: +86-027-87541443
e-mail: nic@sea.whnet.edu.cn
nic-hdl: YY70-AP
notify: address-allocation-staff@net.edu.cn
mnt-by: MAINT-CERNET-AP
changed: hostmaster@net.edu.cn 20000330
source: APNIC
changed: hm-changed@apnic.net 20111122

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 216.155.130.140

Hi,

The IP 216.155.130.140 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 216.155.130.140:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 216.155.130.140"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=216.155.130.140?showDetails=true&showARIN=false&ext=netref2
#

Choopa, LLC NET-216-155-130-136-29 (NET-216-155-130-136-1) 216.155.130.136 - 216.155.130.143
Choopa, LLC CHOOPA-NETBLK04 (NET-216-155-128-0-1) 216.155.128.0 - 216.155.159.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 221.139.14.120

Hi,

The IP 221.139.14.120 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 221.139.14.120:

[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query: 221.139.14.120

# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 221.138.0.0 - 221.143.255.255 (/14+/15)
서비스명 : broadNnet
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
í• ë&lsqauo;¹ì¼ìž : 20030602

[ IPv4주소 책임자 정보 ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : abuse@skbroadband.com

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 221.139.8.0 - 221.139.15.255 (/21)
네트워크 이름 : HANANET-INFRA
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20041130
공개여부 : Y

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
기관명 : broadNnet
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 221.138.0.0 - 221.143.255.255 (/14+/15)
Service Name : broadNnet
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Registration Date : 20030602

[ Admin Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Tech Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Network Abuse Contact Information ]
Name : manager
Phone : +82-2-106-2
E-Mail : abuse@skbroadband.com

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 221.139.8.0 - 221.139.15.255 (/21)
Network Name : HANANET-INFRA
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Registration Date : 20041130
Publishes : Y

[ Technical Contact Information ]
Name : IP manager
Organization Name : SK Broadband Co Ltd
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com


상기 ì •ë³´ëŠ" UTF-8 인ì½"ë"©ë˜ì–´ 서비스되고 있습ë&lsqauo;ˆë&lsqauo;¤.
EUC-KR 인ì½"ë"© 서비스ëŠ" oldwhois.kisa.or.kr에서 서비스 되고 있습ë&lsqauo;ˆë&lsqauo;¤.
The above information is encoded with UTF-8
EUC-KR encoding WHOIS is being serviced in this URL:oldwhois.kisa.or.kr

- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 183.232.32.24

Hi,

The IP 183.232.32.24 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 183.232.32.24:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-3]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 183.192.0.0 - 183.255.255.255
netname: CMNET
descr: China Mobile Communications Corporation
descr: Mobile Communications Network Operator in China
descr: Internet Service Provider in China
country: CN
status: ALLOCATED PORTABLE
admin-c: LCJ-AP
tech-c: HL1318-AP
remarks: service provider
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20091108
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CMCC
source: APNIC

route: 183.224.0.0/12
descr: China Mobile communications corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
changed: lihaijun@chinamobile.com 20101208
source: APNIC

person: li changjun
address: 29 jinrong ave. xicheng district, beijing China
country: CN
phone: +86 52686688
e-mail: hostmaster@chinamobile.com
nic-hdl: lcj-ap
mnt-by: MAINT-CN-CMCC
changed: hostmaster@chinamobile.com 20071010
source: APNIC

person: haijun li
nic-hdl: HL1318-AP
e-mail: hostmaster@chinamobile.com
address: 29,Jinrong Ave, Xicheng district,beijing,100032
phone: +86 10 66006688
fax-no: +86 10 52616187
country: CN
changed: hostmaster@chinamobile.com 20110824
mnt-by: MAINT-CN-CMCC
source: APNIC

Regards,

Fail2Ban

Monday, 22 July 2013

[Fail2Ban] SSH: banned 208.109.191.192

Hi,

The IP 208.109.191.192 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 208.109.191.192:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 208.109.191.192"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=208.109.191.192?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 208.109.0.0 - 208.109.255.255
CIDR: 208.109.0.0/16
OriginAS:
NetName: GO-DADDY-COM-LLC
NetHandle: NET-208-109-0-0-1
Parent: NET-208-0-0-0-0
NetType: Direct Allocation
RegDate: 2006-04-12
Updated: 2012-02-24
Ref: http://whois.arin.net/rest/net/NET-208-109-0-0-1


OrgName: GoDaddy.com, LLC
OrgId: GODAD
Address: 14455 N Hayden Road
Address: Suite 226
City: Scottsdale
StateProv: AZ
PostalCode: 85260
Country: US
RegDate: 2007-06-01
Updated: 2012-03-15
Comment: Please send abuse complaints to abuse@godaddy.com
Ref: http://whois.arin.net/rest/org/GODAD

OrgNOCHandle: NOC124-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-480-505-8809
OrgNOCEmail: noc@godaddy.com
OrgNOCRef: http://whois.arin.net/rest/poc/NOC124-ARIN

OrgTechHandle: NOC124-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-480-505-8809
OrgTechEmail: noc@godaddy.com
OrgTechRef: http://whois.arin.net/rest/poc/NOC124-ARIN

OrgAbuseHandle: ABUSE51-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-480-624-2505
OrgAbuseEmail: abuse@godaddy.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE51-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 74.119.216.227

Hi,

The IP 74.119.216.227 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 74.119.216.227:

[Querying whois.arin.net]
[Redirected to my.continuumdatacenters.com:4321]
[Querying my.continuumdatacenters.com]
[my.continuumdatacenters.com]
%rwhois V-1.0,V-1.5:00090h:00 my.continuumdatacenters.com (Ubersmith RWhois Server V-3.0.3)
autharea=74.119.216.0/22
xautharea=74.119.216.0/22
network:Class-Name:network
network:Auth-Area:74.119.216.0/22
network:ID:NET-88.74.119.216.224/28
network:Network-Name:Initial
Assignment
network:IP-Network:74.119.216.224/28
network:IP-Network-Block:74.119.216.224
- 74.119.216.239
network:Org-Name:Ilahi, Usman
network:Street-Address:2210 W. Thome Ave #3A
network:City:Chicago
network:State:IL
network:Postal-Code:60659
network:Country-Code:US
network:Tech-Contact:MAINT-88.74.119.216.224/28
network:Created:20091216235900000
network:Updated:20120610140802000
network:Updated-By:support@continuumdatacenters.com
contact:POC-Name:Network Administrator
contact:POC-Email:support@continuumdatacenters.com
contact:POC-Phone:1-877-4DC-COLO
contact:Tech-Name:Network Administrator
contact:Tech-Email:support@continuumdatacenters.com
contact:Tech-Phone:1-877-4DC-COLO
contact:Abuse-Name:Network Abuse
contact:Abuse-Email:abuse@continuumdatacenters.com
contact:Abuse-Phone:1-877-432-2656
%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 69.42.67.4

Hi,

The IP 69.42.67.4 has just been banned by Fail2Ban after
7 attempts against SSH.


Here are more information about 69.42.67.4:

[Querying whois.arin.net]
[Redirected to rwhois.webair.com:4321]
[Querying rwhois.webair.com]
[rwhois.webair.com]
%rwhois V-1.5:003fff:00 rwhois.webair.com (by Network Solutions, Inc. V-1.5.7.3)
network:Class-Name:network
network:ID:69.42.67.0/29
network:Auth-Area:69.42.64.0/19
network:Network-Name:EVN_Solutions,_LLC.--block
network:IP-Network:69.42.67.0/29
network:Org-Name:EVN_Solutions,_LLC.
network:Street-Address:301_Spring_Creek_Dr
.
network:City:Liberty_Hill
network:State:TX
network:Postal-Code:78642
network:Country-Code:United_States_of_America
network:Tech-Contact;I:abuse@webair.com
network:Admin-Contact;I:abuse@webair.com
network:Created:20130613
network:Updated:20130613
network:Updated-By:hostmaster@webair.com

network:Class-Name:network
network:ID:69.42.64.0/19
network:Auth-Area:69.42.64.0/19
network:Network-Name:Webair
network:IP-Network:69.42.64.0/19
network:Org-Name:Webair
network:Street-Address:1025
Old Country Road
network:City:Westbury
network:State:NY
network:Postal-Code:11590
network:Country-Code:USA
network:Tech-Contact;I:hostmaster@webair.com
network:Admin-Contact;I:hostmaster@webair.com
network:Created:20130613
network:Updated:20130613
network:Updated-By:hostmaster@webair.com

network:Class-Name:network
network:ID:69.42.67.0/29
network:Auth-Area:69.42.64.0/19
network:Network-Name:EVN_Solutions,_LLC.--block
network:IP-Network:69.42.67.0/29
network:Org-Name:EVN_Solutions,_LLC.
network:Street-Address:301_Spring_Creek_Dr
.
network:City:Liberty_Hill
network:State:TX
network:Postal-Code:78642
network:Country-Code:United_States_of_America
network:Tech-Contact;I:abuse@webair.com
network:Admin-Contact;I:abuse@webair.com
network:Created:20130613
network:Updated:20130613
network:Updated-By:hostmaster@webair.com

%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 37.52.17.179

Hi,

The IP 37.52.17.179 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 37.52.17.179:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '37.52.0.0 - 37.55.255.255'

inetnum: 37.52.0.0 - 37.55.255.255
netname: UA-UKRTELECOM-20120124
descr: JSC "Ukrtelecom"
org: ORG-USTC1-RIPE
country: UA
admin-c: ARM3-RIPE
tech-c: ARM3-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: AS6849-MNT
mnt-routes: AS6849-MNT
source: RIPE # Filtered

organisation: ORG-USTC1-RIPE
org-name: JSC "Ukrtelecom"
org-type: LIR
address: JSC "Ukrtelecom",
address: Stanislav Ishchenko
address: 18, Shevchenko Blvd
address: 01601 Kyiv
address: UKRAINE
phone: +380442464416
fax-no: +380442344748
fax-no: +380442359247
admin-c: ARM3-RIPE
admin-c: OZ295-RIPE
admin-c: SI1657-RIPE
mnt-ref: AS6849-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered

person: Alexander Remiga
address: JSC UKRTELECOM
address: 18, Shevchenko blvd.
address: 01030, Kiev, Ukraine
phone: +380 (44) 230-9024
fax-no: +380 (44) 226-2586
mnt-by: AS6849-MNT
nic-hdl: ARM3-RIPE
source: RIPE # Filtered

% Information related to '37.52.0.0/16AS6849'

route: 37.52.0.0/16
descr: AGGREGATE BLOCK FOR UKRTELECOM
origin: AS6849
mnt-by: AS6849-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.66.3 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 124.161.223.79

Hi,

The IP 124.161.223.79 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 124.161.223.79:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-7]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 124.161.0.0 - 124.161.255.255
netname: UNICOM-SC
descr: China Unicom SiChuan province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: XX288-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-SC
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20060428
changed: hm-changed@apnic.net 20090508
source: APNIC

route: 124.161.0.0/16
descr: CNC Group CHINA169 Sichuan Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060428
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Xifei Xie
nic-hdl: XX288-AP
e-mail: sc-sjwg@chinaunicom.cn
address: Tianfu Road High-Tec international square C,Chengdu,Sichuan 610041,China
phone: +86-28-66850327
fax-no: +86-28-66850327
country: CN
changed: 18602896331@wo.com.cn 20101227
mnt-by: MAINT-CNCGROUP-SC
source: APNIC

Regards,

Fail2Ban