HideMyAss.com

Tuesday, 24 September 2013

[Fail2Ban] SSH: banned 121.199.34.172

Hi,

The IP 121.199.34.172 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 121.199.34.172:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '121.196.0.0 - 121.199.255.255'

inetnum: 121.196.0.0 - 121.199.255.255
netname: ALIBABA-CN-NET
descr: Hangzhou Alibaba Advertising Co.,Ltd.
descr: No.699, Wangshang RD., Hangzhou, China
country: CN
admin-c: ZM678-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20090122
status: ALLOCATED PORTABLE
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Shuo Yu
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: shuo.yus@alibaba-inc.com
e-mail: shuo.yus@aliyun-inc.com
nic-hdl: ZM678-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20110614
source: APNIC

person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: guoxin.gao@aliyun-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130705
source: APNIC

person: security trouble
e-mail: cloud-cc-sqcloud@list.alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen’er Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
changed: ipas@cnnic.cn 20130708
source: APNIC

person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: guowei.pangw@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130709
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS2)

Regards,

Fail2Ban

Monday, 23 September 2013

[Fail2Ban] SSH: banned 111.93.1.114

Hi,

The IP 111.93.1.114 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 111.93.1.114:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '111.93.0.0 - 111.93.255.255'

inetnum: 111.93.0.0 - 111.93.255.255
netname: TTSLISP
descr: Tata Teleservices ISP
country: IN
admin-c: CP542-AP
tech-c: CP542-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-IN-TTSLMEIS
mnt-routes: MAINT-IN-TTSLMEIS
status: ALLOCATED PORTABLE
mnt-irt: IRT-TTSLMEIS-IN
changed: hm-changed@apnic.net 20090626
source: APNIC

irt: IRT-TTSLMEIS-IN
address: TATA TELESERVICES LIMITED
address: Voltas Premises,
address: A, E & F Blocks,
address: Chinchpokli Mumbai
e-mail: ip.abuse@tatatel.co.in
abuse-mailbox: ip.abuse@tatatel.co.in
admin-c: CP542-AP
tech-c: CP542-AP
auth: # Filtered
mnt-by: MAINT-IN-TTSLMEIS
changed: ip.abuse@tatatel.co.in 20101109
source: APNIC

person: Chandrashekhar Pandhare
nic-hdl: CP542-AP
e-mail: Chandrashekhar.Pandhare@Tatatel.co.in
address: TATA TELESERVICES LIMITED
address: A,E&F Blocks Voltas Premises T.B. Kadam Marg Chinchpokli
address: A,E&F Blocks Voltas Premises T.B. Kadam Marg Chinchpokli,
phone: +91-4066555565
fax-no: +91-22-66605335
country: IN
changed: Chandrashekhar.Pandhare@tatatel.co.in 20090316
mnt-by: MAINT-NEW
source: APNIC

% Information related to '111.93.1.0/24AS45820'

route: 111.93.1.0/24
descr: TATA TELESERVICES LIMITED
descr: ISP DIVISION
descr: HYDERABAD IP POOL
origin: AS45820
mnt-by: MAINT-IN-TTSLMEIS
changed: Vivek.Puri@tatatel.co.in 20100325
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 82.142.159.68

Hi,

The IP 82.142.159.68 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 82.142.159.68:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '82.142.128.0 - 82.142.191.255'

% Abuse contact for '82.142.128.0 - 82.142.191.255' is 'abuse@b2b.beeline.ru'

inetnum: 82.142.128.0 - 82.142.191.255
netname: RU-SOVINTEL-20030909
descr: OJSC "Vimpelcom"
country: RU
org: ORG-ES15-RIPE
admin-c: SVNT2-RIPE
tech-c: SVNT1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: SOVINTEL-MNT
mnt-lower: TEL-MNT
mnt-routes: SOVINTEL-MNT
source: RIPE # Filtered

organisation: ORG-ES15-RIPE
org-name: OJSC "Vimpelcom"
org-type: LIR
address: OJSC "Vimpelcom" (former CJSC "EDN Sovintel")
address: Dmitry Menzulskiy
address: 1 Kozhevnichesky proezd
address: 115114
address: Moscow
address: RUSSIAN FEDERATION
phone: +7 495 7871000
fax-no: +7 495 7871990
admin-c: SVNT2-RIPE
admin-c: SVNT1-RIPE
admin-c: AS2451-RIPE
admin-c: IAI1-RIPE
admin-c: RJ631-RIPE
admin-c: AK644-RIPE
admin-c: BEE15-RIPE
admin-c: JM12519-ripe
mnt-ref: SOVINTEL-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-c: SVNT2-RIPE
source: RIPE # Filtered

role: Sovintel NOC
remarks: now OJSC Vimpelcom - formely Sovam Teleport/Teleross
remarks: aka Sovintel - Golden Telecom
address: Krasnokazarmennaya, 12
address: Moscow, Russia
mnt-by: SOVINTEL-MNT
org: ORG-ES15-RIPE
fax-no: +7 495 7871010
phone: +7 495 7871000
abuse-mailbox: abuse@b2b.beeline.ru
admin-c: IAI1-RIPE
admin-c: AS2451-RIPE
tech-c: MAK18-RIPE
tech-c: AS2451-RIPE
tech-c: rj631-ripe
nic-hdl: SVNT1-RIPE
source: RIPE # Filtered

role: Sovintel Abuse Department
remarks: now Vimpelcom Business Abuse Department
address: 111250 Russia Moscow, Krasnokazarmennaya, 12
org: ORG-ES15-RIPE
fax-no: +7 495 7254300
phone: +7 495 7871000
nic-hdl: SVNT2-RIPE
admin-c: SVNT1-RIPE
tech-c: SVNT1-RIPE
mnt-by: SOVINTEL-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@b2b.beeline.ru

% Information related to '82.142.128.0/18AS8350'

route: 82.142.128.0/18
descr: COMBELNET
origin: AS8350
mnt-by: COMBELLGA-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.65.244.94

Hi,

The IP 112.65.244.94 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 112.65.244.94:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '112.64.0.0 - 112.65.255.255'

inetnum: 112.64.0.0 - 112.65.255.255
netname: UNICOM-SH
descr: CHINA UNICOM Shanghai network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: YR194-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-SH
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
mnt-irt: IRT-CU-CN
changed: hm-changed@apnic.net 20081222
changed: hm-changed@apnic.net 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: yanling ruan
nic-hdl: YR194-AP
e-mail: sh-ipmaster@chinaunicom.cn
address: No.900,Pudong Avenue,ShangHai,China
phone: +086-021-61201616
fax-no: +086-021-61201616
country: cn
changed: sh-ipmaster@chinaunicom.cn 20081215
mnt-by: MAINT-CNCGROUP-SH
source: APNIC

% Information related to '112.64.0.0/15AS17621'

route: 112.64.0.0/15
descr: China Unicom CHINA169 Shanghai Province Network
descr: Addresses from APNIC
country: CN
origin: AS17621
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20081224
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 188.116.4.81

Hi,

The IP 188.116.4.81 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 188.116.4.81:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '188.116.4.0 - 188.116.4.255'

% Abuse contact for '188.116.4.0 - 188.116.4.255' is 'abuse@nephax.net'

inetnum: 188.116.4.0 - 188.116.4.255
netname: HITME-PL
descr: www.hitme.net.pl
descr: HitMe.pl Marek Bajerski
descr: 87-140 Chelmza
descr: Wodna 1/3
descr: Connected by CIS NEPHAX
country: PL
admin-c: BM4076-RIPE
tech-c: NPHX-RIPE
status: ASSIGNED PA
mnt-by: NEPHAX-MNT
mnt-routes: NEPHAX-MNT
mnt-domains: NEPHAX-MNT
source: RIPE # Filtered

role: CIS NEPHAX Hostmaster
address: CIS NEPHAX
address: 80-807 Gdansk
address: Bieganskiego 10/22
phone: +48 58 3075086
fax-no: +48 58 3509325
abuse-mailbox: abuse@nephax.net
admin-c: MP10352-RIPE
admin-c: AK6159-RIPE
admin-c: MK8060-RIPE
tech-c: MP10352-RIPE
tech-c: AK6159-RIPE
tech-c: MK8060-RIPE
nic-hdl: NPHX-RIPE
mnt-by: NEPHAX-MNT
source: RIPE # Filtered

person: Marek Bajerski
org: ORG-HITM1-RIPE
address: Wodna 1/3
address: 87-140 Chelmza
address: Poland
phone: +48530630021
phone: +48530630011
nic-hdl: BM4076-RIPE
mnt-by: HITME
source: RIPE # Filtered

% Information related to '188.116.4.0/24AS50840'

route: 188.116.4.0/24
descr: HITME-PL
origin: AS50840
mnt-by: NEPHAX-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 87.253.47.116

Hi,

The IP 87.253.47.116 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 87.253.47.116:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '87.253.32.0 - 87.253.63.255'

inetnum: 87.253.32.0 - 87.253.63.255
netname: GE-UTG-20050929
descr: JSC "Silknet"
country: GE
org: ORG-UToG1-RIPE
admin-c: AN2440-RIPE
tech-c: AN2440-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: MNT-UTG
mnt-routes: MNT-UTG
mnt-domains: MNT-UTG
source: RIPE # Filtered

organisation: ORG-UToG1-RIPE
org-name: JSC "Silknet"
org-type: LIR
address: JSC "Silknet" Ana Nakashidze 95 Tsinamdzgvrishvili Str. 0112 Tbilisi GEORGIA
phone: +99532100000
fax-no: +99532100000
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: MNT-UTG
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered
admin-c: AN2440-RIPE
admin-c: GM4914-RIPE
admin-c: MK4300-RIPE

person: Artem Ninidze
address: SILKNET
address: 95 Tsinamdzgvrishvili St.
address: Tbilisi 0112
address: Georgia
phone: +995 32 100000
nic-hdl: AN2440-RIPE
mnt-by: MNT-UTG
source: RIPE # Filtered

% Information related to '87.253.47.0/24AS35805'

route: 87.253.47.0/24
descr: United Telecom Network
origin: AS35805
mnt-by: MNT-UTG
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 192.154.110.247

Hi,

The IP 192.154.110.247 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 192.154.110.247:

[Querying whois.arin.net]
[Redirected to support.gorillaservers.com:4321]
[Querying support.gorillaservers.com]
[support.gorillaservers.com]
%rwhois V-1.0,V-1.5:00090h:00 support.gorillaservers.com (Ubersmith RWhois Server V-2.3.0)
autharea=192.154.96.0/20
xautharea=192.154.96.0/20
network:Class-Name:network
network:Auth-Area:192.154.96.0/20
network:ID:NET-1498.192.154.110.224/27
network:Network-Name:192.154.110.224/27
network:IP-Network:192.154.110.224/27
network:IP-Network-Block:192.154.110.224
- 192.154.110.255
network:Org-Name:Riaz, Madih-ullah
network:Street-Address:
network:City:
network:State:
network:Postal-Code:
network:Country-Code:US
network:Tech-Contact:MAINT-1498.192.154.110.224/27
network:Created:20130120085608000
network:Updated:20130120085608000
network:Updated-By:arin-noc@GorillaServers.com
contact:POC-Name:Network Administrator
contact:POC-Email:arin-noc@GorillaServers.com
contact:POC-Phone:
contact:Tech-Name:Network Administrator
contact:Tech-Email:arin-noc@GorillaServers.com
contact:Tech-Phone:
contact:Abuse-Name:Abuse Department
contact:Abuse-Email:arin-abuse@GorillaServers.com
%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 111.74.134.216

Hi,

The IP 111.74.134.216 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 111.74.134.216:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '111.72.0.0 - 111.79.255.255'

inetnum: 111.72.0.0 - 111.79.255.255
netname: CHINANET-JX
descr: CHINANET JIANGXI PROVINCE NETWORK
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
status: ALLOCATED PORTABLE
admin-c: JN113-AP
tech-c: JN113-AP
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20090528
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-IP-WWF
source: APNIC

role: JXDCB NET
address: Jiangxi telecom network operation support department
address: No.2009, Beijing East Road , nanchang,jiangxi province
country: CN
phone: +86 79186600000
e-mail: wzzx_2013@189.cn
remarks: send spam reports to wzzx_2013@189.cn
remarks: and abuse reports to wzzx_2013@189.cn
remarks: http://www.online.jx.cn
admin-c: XY1-AP
tech-c: WZ1-CN
tech-c: WW49-AP
nic-hdl: JN113-AP
notify: wzzx_2013@189.cn
mnt-by: MAINT-IP-WWF
changed: hm-changed@apnic.net 20020812
changed: chenyiq@gsta.com 20130221
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 59.38.111.166

Hi,

The IP 59.38.111.166 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 59.38.111.166:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '59.38.111.128 - 59.38.111.191'

inetnum: 59.38.111.128 - 59.38.111.191
netname: DiLianNetwork
descr: DiLian Network Co.Ltd
country: CN
admin-c: FS-AP
tech-c: IC83-AP
mnt-by: MAINT-CHINANET-GD
changed: gdtel_ipreg@163.com 20080825
status: Allocated non-portable
source: APNIC

person: FOSHAN WANJIAN
address: No.202, Fen Jiang Nan Road, Foshan, China
country: CN
phone: +86-757-83103777
e-mail: ipadm@gddc.com.cn
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse@gddc.com.cn
nic-hdl: FS-AP
mnt-by: MAINT-CHINANET-GD
changed: CHENYIQ@GSTA.COM 20080328
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 122.227.147.26

Hi,

The IP 122.227.147.26 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 122.227.147.26:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '122.227.147.0 - 122.227.147.31'

inetnum: 122.227.147.0 - 122.227.147.31
netname: NINGBOSHI-XINXI-CHANYEJU
country: CN
descr: NING BO SHI XIN XI CHAN YE JU
descr:
admin-c: WY1716-AP
tech-c: CN13-AP
status: ASSIGNED NON-PORTABLE
changed: auto-dbm@dcb.hz.zj.cn 20081208
mnt-by: MAINT-CN-CHINANET-ZJ-NB
source: APNIC

role: CHINANET-ZJ Ningbo
address: No.180 Jiefang Road(North),Ningbo,Zhejiang.315010
country: CN
phone: +86-574-87278134
fax-no: +86-574-87362712
e-mail: anti_spam@mail.nbptt.zj.cn
remarks: send spam reports to anti_spam@mail.nbptt.zj.cn
remarks: and abuse reports to anti_spam@mail.nbptt.zj.cn
remarks: Please include detailed information and times in UTC
admin-c: CH105-AP
tech-c: CH105-AP
nic-hdl: CN13-AP
mnt-by: MAINT-CHINANET-ZJ
changed: master@dcb.hz.zj.cn 20031204
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Wenjun Yu
nic-hdl: WY1716-AP
e-mail: 63360803@nbtelecom.com
address: NO.91,jiefang bei road Ningbo,Zhejiang.Postcode:315000
phone: +86-574-87183422
country: CN
changed: auto-dbm@dcb.hz.zj.cn 20081208
mnt-by: MAINT-CN-CHINANET-ZJ-NB
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

Regards,

Fail2Ban

Sunday, 22 September 2013

[Fail2Ban] SSH: banned 89.233.234.2

Hi,

The IP 89.233.234.2 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 89.233.234.2:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '89.233.234.0 - 89.233.234.63'

% Abuse contact for '89.233.234.0 - 89.233.234.63' is 'abuse@bredband2.se'

inetnum: 89.233.234.0 - 89.233.234.63
netname: UNITED-TELEVISION-NET-SE
descr: United Television
descr: Kristianstad
country: SE
admin-c: BR1985-RIPE
tech-c: BR1985-RIPE
status: ASSIGNED PA
mnt-by: BB2-MNT
source: RIPE # Filtered

role: Bredband2 Routingregistry
address: Sodra Tullgatan 4 S-211 40 Malmoe Sweden
phone: +46 771 518500
fax-no: +46 40 125890
abuse-mailbox: abuse@bredband2.se
admin-c: RAD-RIPE
tech-c: RAD-RIPE
admin-c: TB345-RIPE
tech-c: TB345-RIPE
nic-hdl: BR1985-RIPE
mnt-by: BB2-MNT
source: RIPE # Filtered

% Information related to '89.233.232.0/21AS29518'

route: 89.233.232.0/21
descr: Wexnet via Bredband2
origin: AS29518
mnt-by: SKYNET-RIPE-MNT
mnt-by: WTN-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.68.1 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.216.140.51

Hi,

The IP 112.216.140.51 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 112.216.140.51:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query: 112.216.140.51

# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 112.216.0.0 - 112.223.255.255 (/13)
서비스명 : BORANET
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG572
주소 : 서울 ì¤'구 남대문로5ê°€ 827
우편번호 : 100-095
í• ë&lsqauo;¹ì¼ìž : 20090216

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-6928-3087
전자우편 : ipadm@lguplus.co.kr

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-6928-3087
전자우편 : ipadm@lguplus.co.kr

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : Network Abuse ë&lsqauo;´ë&lsqauo;¹
ì „í™"번호 : +82-2-2089-0101
전자우편 : security@bora.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 112.216.128.0 - 112.216.143.255 (/20)
네트워크 이름 : BORANET-INFRA
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG572
주소 : 서울 ì¤'구 남대문로5ê°€
우편번호 : 100-095
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20110207
공개여부 : N

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
기관명 : BORANET
주소 : 서울 ì¤'구 남대문로5ê°€
우편번호 : 100-095
전자우편 : ipadm@lguplus.co.kr


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 112.216.0.0 - 112.223.255.255 (/13)
Service Name : BORANET
Organization Name : LG DACOM Corporation
Organization ID : ORG572
Address : 827, Seoul Jung-gu Namdaemunno 5(o)-ga
Zip Code : 100-095
Registration Date : 20090216

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-6928-3087
E-Mail : ipadm@lguplus.co.kr

[ Tech Contact Information ]
Name : IP ADMIN
Phone : +82-2-6928-3087
E-Mail : ipadm@lguplus.co.kr

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-2089-0101
E-Mail : security@bora.net

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 112.216.128.0 - 112.216.143.255 (/20)
Network Name : BORANET-INFRA
Organization Name : LG DACOM Corporation
Organization ID : ORG572
Address : Seoul Jung-gu Namdaemunno 5(o)-ga
Zip Code : 100-095
Registration Date : 20110207
Publishes : N

[ Technical Contact Information ]
Organization Name : LG DACOM Corporation
Address : Seoul Jung-gu Namdaemunno 5(o)-ga
Zip Code : 100-095
E-Mail : ipadm@lguplus.co.kr


상기 ì •ë³´ëŠ" UTF-8 인ì½"ë"©ë˜ì–´ 서비스되고 있습ë&lsqauo;ˆë&lsqauo;¤.
EUC-KR 인ì½"ë"© 서비스ëŠ" oldwhois.kisa.or.kr에서 서비스 되고 있습ë&lsqauo;ˆë&lsqauo;¤.
The above information is encoded with UTF-8
EUC-KR encoding WHOIS is being serviced in this URL:oldwhois.kisa.or.kr

- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 31.210.127.158

Hi,

The IP 31.210.127.158 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 31.210.127.158:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '31.210.127.0 - 31.210.127.255'

inetnum: 31.210.127.0 - 31.210.127.255
netname: SAYFA-NET
descr: INTER NET BILGISAYAR LTD STI
country: TR
admin-c: SN3028-RIPE
tech-c: SN3028-RIPE
status: ASSIGNED PA
mnt-by: AS42926-MNT
source: RIPE # Filtered

person: Sayfa Net
address: adres mevcut degildir
address: musteri bilgisi icin email atiniz
address: Istanbul
address: Turkey, TR
phone: +90 (000) 000 00 00
fax-no: +90 (000) 000 00 00
nic-hdl: SN3028-RIPE
mnt-by: ISTANBULDC-MNT
abuse-mailbox: ripe26@sayfa.net
source: RIPE # Filtered

% Information related to '31.210.127.0/24AS42926'

route: 31.210.127.0/24
descr: AS42926-NETWORK
origin: AS42926
mnt-by: AS42926-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.68.1 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 118.218.197.140

Hi,

The IP 118.218.197.140 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 118.218.197.140:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query: 118.218.197.140

# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 118.216.0.0 - 118.223.255.255 (/13)
서비스명 : broadNnet
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
í• ë&lsqauo;¹ì¼ìž : 20071026

[ IPv4주소 책임자 정보 ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : abuse@skbroadband.com

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 118.216.0.0 - 118.223.255.255 (/13)
Service Name : broadNnet
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Registration Date : 20071026

[ Admin Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Tech Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Network Abuse Contact Information ]
Name : manager
Phone : +82-2-106-2
E-Mail : abuse@skbroadband.com


상기 ì •ë³´ëŠ" UTF-8 인ì½"ë"©ë˜ì–´ 서비스되고 있습ë&lsqauo;ˆë&lsqauo;¤.
EUC-KR 인ì½"ë"© 서비스ëŠ" oldwhois.kisa.or.kr에서 서비스 되고 있습ë&lsqauo;ˆë&lsqauo;¤.
The above information is encoded with UTF-8
EUC-KR encoding WHOIS is being serviced in this URL:oldwhois.kisa.or.kr

- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 223.4.89.116

Hi,

The IP 223.4.89.116 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 223.4.89.116:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '223.4.0.0 - 223.7.255.255'

inetnum: 223.4.0.0 - 223.7.255.255
netname: ALIBABA-CN-NET
descr: Hangzhou Alibaba Advertising Co.,Ltd.
descr: No.699, Wangshang RD., Hangzhou, China
country: CN
admin-c: ZM678-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20090122
status: ALLOCATED PORTABLE
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Shuo Yu
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: shuo.yus@alibaba-inc.com
e-mail: shuo.yus@aliyun-inc.com
nic-hdl: ZM678-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20110614
source: APNIC

person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: guoxin.gao@aliyun-inc.com
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130705
source: APNIC

person: security trouble
e-mail: cloud-cc-sqcloud@list.alibaba-inc.com
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen’er Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
changed: ipas@cnnic.cn 20130708
source: APNIC

person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: guowei.pangw@alibaba-inc.com
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net 20130709
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS1)

Regards,

Fail2Ban

Saturday, 21 September 2013

[Fail2Ban] SSH: banned 82.165.134.33

Hi,

The IP 82.165.134.33 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 82.165.134.33:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '82.165.128.0 - 82.165.143.255'

% Abuse contact for '82.165.128.0 - 82.165.143.255' is 'abuse@oneandone.net'

inetnum: 82.165.128.0 - 82.165.143.255
netname: SCHLUND-CUSTOMERS
descr: 1&1 Internet AG
country: DE
admin-c: IPAD-RIPE
tech-c: IPOP-RIPE
remarks: INFRA-AW
remarks: in case of abuse or spam, please mailto: abuse@oneandone.net
status: ASSIGNED PA
mnt-by: AS8560-MNT
mnt-lower: AS8560-MNT
mnt-domains: AS8560-MNT
mnt-routes: AS8560-MNT
source: RIPE # Filtered

role: IP Administration
address: 1&1 Internet AG
admin-c: AFI5-RIPE
admin-c: RME9-RIPE
admin-c: JR2342-RIPE
admin-c: KHO13-RIPE
admin-c: LTO3-RIPE
admin-c: ZIG-RIPE
admin-c: MI-RIPE
admin-c: MINK-RIPE
admin-c: VR-RIPE
tech-c: AFI5-RIPE
tech-c: RME9-RIPE
tech-c: JR2342-RIPE
tech-c: KHO13-RIPE
tech-c: LTO3-RIPE
nic-hdl: IPAD-RIPE
abuse-mailbox: abuse@oneandone.net
mnt-by: AS8560-MNT
source: RIPE # Filtered

role: IP Operations
address: 1&1 Internet AG
admin-c: AFI5-RIPE
admin-c: RME9-RIPE
admin-c: JR2342-RIPE
admin-c: KHO13-RIPE
admin-c: LTO3-RIPE
tech-c: AFI5-RIPE
tech-c: RME9-RIPE
tech-c: JR2342-RIPE
tech-c: KHO13-RIPE
tech-c: LTO3-RIPE
nic-hdl: IPOP-RIPE
abuse-mailbox: abuse@oneandone.net
mnt-by: AS8560-MNT
source: RIPE # Filtered

% Information related to '82.165.128.0/21AS8560'

route: 82.165.128.0/21
descr: AS8560 RIPE more specific
origin: AS8560
org: ORG-SA12-RIPE
mnt-by: AS8560-MNT
mnt-lower: AS8560-MNT
mnt-routes: AS8560-MNT
source: RIPE # Filtered

organisation: ORG-SA12-RIPE
org-name: 1&1 Internet AG
org-type: LIR
address: 1&1 Internet AG Axel Fischer Brauerstr.48 76135 Karlsruhe GERMANY
phone: +49 721 91374 0
fax-no: +49 721 91374 212
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: AS8560-MNT
mnt-ref: SCHLUND-MNT
mnt-by: RIPE-NCC-HM-MNT
admin-c: IPAD-RIPE
admin-c: RME9-RIPE
admin-c: AFI5-RIPE
admin-c: JR2342-RIPE
abuse-c: ABDE2-RIPE
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.68.1 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 123.215.15.156

Hi,

The IP 123.215.15.156 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 123.215.15.156:

[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query: 123.215.15.156

# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 123.212.0.0 - 123.215.255.255 (/14)
서비스명 : broadNnet
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
í• ë&lsqauo;¹ì¼ìž : 20070212

[ IPv4주소 책임자 정보 ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : abuse@skbroadband.com

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 123.215.0.0 - 123.215.15.255 (/20)
네트워크 이름 : HANANET-INFRA
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20070419
공개여부 : Y

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
기관명 : broadNnet
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 123.212.0.0 - 123.215.255.255 (/14)
Service Name : broadNnet
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Registration Date : 20070212

[ Admin Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Tech Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Network Abuse Contact Information ]
Name : manager
Phone : +82-2-106-2
E-Mail : abuse@skbroadband.com

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 123.215.0.0 - 123.215.15.255 (/20)
Network Name : HANANET-INFRA
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Registration Date : 20070419
Publishes : Y

[ Technical Contact Information ]
Name : IP manager
Organization Name : SK Broadband Co Ltd
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com


상기 ì •ë³´ëŠ" UTF-8 인ì½"ë"©ë˜ì–´ 서비스되고 있습ë&lsqauo;ˆë&lsqauo;¤.
EUC-KR 인ì½"ë"© 서비스ëŠ" oldwhois.kisa.or.kr에서 서비스 되고 있습ë&lsqauo;ˆë&lsqauo;¤.
The above information is encoded with UTF-8
EUC-KR encoding WHOIS is being serviced in this URL:oldwhois.kisa.or.kr

- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 85.25.242.226

Hi,

The IP 85.25.242.226 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 85.25.242.226:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '85.25.0.0 - 85.25.255.255'

% Abuse contact for '85.25.0.0 - 85.25.255.255' is 'abuse@plusserver.de'

inetnum: 85.25.0.0 - 85.25.255.255
netname: DE-INTERGENIA-20050301
descr: intergenia AG
country: DE
org: ORG-iGCK1-RIPE
admin-c: TS12776-RIPE
tech-c: IT1309-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: INTERGENIA-MNT
mnt-routes: INTERGENIA-MNT
source: RIPE # Filtered

organisation: ORG-iGCK1-RIPE
org-name: intergenia AG
org-type: LIR
address: PlusServer AG
address: Network Management
address: Daimlerstr.9-11
address: 50354
address: Huerth
address: GERMANY
phone: +49 2233 6120
fax-no: +49 2233 612 53500
mnt-ref: INTERGENIA-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
admin-c: MOPS1337-RIPE
admin-c: ANPS1-RIPE
admin-c: ADPS-RIPE
admin-c: CDPS-RIPE
admin-c: TS12776-RIPE
admin-c: NPA10-RIPE
admin-c: JO1299-RIPE
abuse-c: AIA48-RIPE
source: RIPE # Filtered

role: Intergenia Technik
address: intergenia AG
address: Daimlerstr. 9-11
address: 50354 Huerth
fax-no: +49 2233 612 53500
remarks: trouble: Information Contact info@plusserver.de
remarks: trouble: Abuse Contact abuse@plusserver.de
remarks: trouble: for more information http://www.plusserver.de
admin-c: NPA10-RIPE
tech-c: NPA10-RIPE
nic-hdl: IT1309-RIPE
mnt-by: INTERGENIA-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@plusserver.de

person: Thomas Strohe
address: Daimlerstr. 9-11
address: 50354 Huerth
address: Germany
phone: +49 2233 612 0
nic-hdl: TS12776-RIPE
mnt-by: INTERGENIA-MNT
source: RIPE # Filtered

% Information related to '85.25.0.0/16AS8972'

route: 85.25.0.0/16
descr: PlusServer AG
origin: AS8972
mnt-by: INTERGENIA-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.68.1 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 123.215.15.156

Hi,

The IP 123.215.15.156 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 123.215.15.156:

[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query: 123.215.15.156

# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 123.212.0.0 - 123.215.255.255 (/14)
서비스명 : broadNnet
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
í• ë&lsqauo;¹ì¼ìž : 20070212

[ IPv4주소 책임자 정보 ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : abuse@skbroadband.com

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 123.215.0.0 - 123.215.15.255 (/20)
네트워크 이름 : HANANET-INFRA
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20070419
공개여부 : Y

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
기관명 : broadNnet
주소 : 서울 ì¤'구 남대문로5ê°€ 267번지 SK남산빌ë"©
우편번호 : 100-711
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 123.212.0.0 - 123.215.255.255 (/14)
Service Name : broadNnet
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Registration Date : 20070212

[ Admin Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Tech Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Network Abuse Contact Information ]
Name : manager
Phone : +82-2-106-2
E-Mail : abuse@skbroadband.com

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 123.215.0.0 - 123.215.15.255 (/20)
Network Name : HANANET-INFRA
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Registration Date : 20070419
Publishes : Y

[ Technical Contact Information ]
Name : IP manager
Organization Name : SK Broadband Co Ltd
Address : 267, Seoul Namdaemunno 5(o)-ga Jung-gu SK NamsanGreen Bldg.
Zip Code : 100-711
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com


상기 ì •ë³´ëŠ" UTF-8 인ì½"ë"©ë˜ì–´ 서비스되고 있습ë&lsqauo;ˆë&lsqauo;¤.
EUC-KR 인ì½"ë"© 서비스ëŠ" oldwhois.kisa.or.kr에서 서비스 되고 있습ë&lsqauo;ˆë&lsqauo;¤.
The above information is encoded with UTF-8
EUC-KR encoding WHOIS is being serviced in this URL:oldwhois.kisa.or.kr

- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 218.64.114.103

Hi,

The IP 218.64.114.103 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 218.64.114.103:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '218.64.114.96 - 218.64.114.127'

inetnum: 218.64.114.96 - 218.64.114.127
netname: XY-yushui-borough-agriculture-bureau
descr: Jiangxi province,xinyu city,yushui-borough-agriculture-bureau
country: CN
admin-c: XY1-AP
tech-c: WZ377-AP
changed: lixm@public1.nc.jx.cn 20041116
mnt-by: MAINT-IP-WWF
status: ASSIGNED NON-PORTABLE
source: APNIC

person: Wanshu Zhou
address: Data Communication Bureau MPT
address: 40 Xueyuan Rd.
address: Beijing China 100083
country: CN
phone: +86-10-205-3992
fax-no: +86-10-205-3994
e-mail: zhouws@public.bta.net.cn
nic-hdl: WZ377-AP
notify: zhouws@public.bta.net.cn
notify: zhang@usai.asiainfo.com
mnt-by: MAINT-NULL
changed: zhang@usai.asiainfo.com 19960115
changed: hm-changed@apnic.net 20040927
source: APNIC
changed: hm-changed@apnic.net 20111122

person: Xu Yongzhong
address: Data Communication Bireau
address: Ministry of Posts and Telecommunications
address: A12 Xin-jie-kou-wai Street
address: Beijing 100088
country: CN
phone: +86-10-62053991
fax-no: +86-10-62053995
e-mail: yzxu@publicf.bta.net.cn
nic-hdl: XY1-AP
mnt-by: MAINT-NULL
changed: hostmaster@apnic.net 19960319
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.78.3.234

Hi,

The IP 112.78.3.234 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 112.78.3.234:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '112.78.0.0 - 112.78.15.255'

inetnum: 112.78.0.0 - 112.78.15.255
netname: ODS-VNNIC-VN
descr: Cong ty Co phan Dich vu du lieu Truc tuyen
descr: Online data services JSC
descr: 123 Truong Dinh, dist 3, HCMC
country: VN
admin-c: HTV3-AP
tech-c: HNT6-AP
status: ALLOCATED PORTABLE
remarks: send spam and abuse report to vanht@ods.vn
mnt-by: MAINT-VN-VNNIC
mnt-lower: MAINT-VN-VNNIC
changed: hm-changed@apnic.net 20100205
source: APNIC

person: Hoang Ngoc Tuyen
nic-hdl: HNT6-AP
e-mail: tuyenhn@ods.vn
address: 123 Truong Dinh, District3, HCMC
phone: +84-8-62888999
fax-no: +84-8-39320299
country: vn
changed: hm-changed@vnnic.net.vn 20100203
mnt-by: MAINT-VN-VNNIC
source: APNIC

person: Huynh Trong Van
nic-hdl: HTV3-AP
e-mail: vanht@ods.vn
address: 123 Truong Dinh, District3, HCMC
phone: +84-8-62888999
fax-no: +84-8-39320299
country: vn
changed: hm-changed@vnnic.net.vn 20100203
mnt-by: MAINT-VN-VNNIC
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 211.147.80.2

Hi,

The IP 211.147.80.2 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 211.147.80.2:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '211.147.64.0 - 211.147.95.255'

inetnum: 211.147.64.0 - 211.147.95.255
netname: DSNET
descr: Shanghai Data Solution Co., Ltd.
country: CN
admin-c: WH127-AP
tech-c: YA31-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20010801
changed: ipas@cnnic.net.cn 20070525
status: ALLOCATED PORTABLE
source: APNIC

person: Wu Haochen
address: Rm. 3301-3307, 3trd Building, 498 Guoshoujing Rd.
country: CN
phone: +86-21-50800818-223
fax-no: +86-21-50800926
e-mail: wuhc@shuxun.net
nic-hdl: WH127-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20010625
source: APNIC

person: Yao Alex
address: Rm. 3301-3307, 3trd Building, 498 Guoshoujing Rd.
country: CN
phone: +86-21-50800818-112
fax-no: +86-21-50800926
e-mail: alexyao@shuxun.net
nic-hdl: YA31-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20010716
source: APNIC

% Information related to '211.147.64.0/19AS17779'

route: 211.147.64.0/19
descr: Shanghai Data Solution Co., Ltd.
origin: AS17779
notify: zhigang.he@sst.net.cn
mnt-by: MAINT-CNNIC-AP
changed: hm-changed@apnic.net 20010819
changed: ipas@cnnic.net.cn 20070525
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 212.68.54.178

Hi,

The IP 212.68.54.178 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 212.68.54.178:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '212.68.54.0 - 212.68.54.255'

inetnum: 212.68.54.0 - 212.68.54.255
netname: Mars-Customer77
descr: Mars-Customer77
remarks: www.marsglobaldatacenter.com
country: TR
org: ORG-MGDS1-RIPE
admin-c: MN4961-RIPE
tech-c: MN4961-RIPE
status: ASSIGNED PA
mnt-by: MNT-MARSNET
source: RIPE # Filtered

organisation: ORG-MGDS1-RIPE
org-name: Mars Global Datacenter Services LLC
remarks: www.marsglobaldatacenter.com
org-type: OTHER
address: Pobrezni 118, Prague, Czech Republic Turkey
mnt-ref: MNT-MARSNET
mnt-by: MNT-MARSNET
source: RIPE # Filtered

person: Mars Noc
address: Nadiama St. No:28 Turkey
remarks: www.marsglobaldatacenter.com
mnt-by: MNT-MARSNET
phone: +90 213 437 87 87
nic-hdl: MN4961-RIPE
source: RIPE # Filtered

% Information related to '212.68.54.0/24AS42910'

route: 212.68.54.0/24
descr: MarsGlobal1-Net1
origin: AS42910
mnt-by: MNT-MARSNET
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.68.1 (WHOIS1)

Regards,

Fail2Ban

Friday, 20 September 2013

[Fail2Ban] SSH: banned 24.120.206.135

Hi,

The IP 24.120.206.135 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 24.120.206.135:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 24.120.206.135"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=24.120.206.135?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 24.120.0.0 - 24.120.255.255
CIDR: 24.120.0.0/16
OriginAS:
NetName: NETBLK-LV-CBS-24-120-0-0
NetHandle: NET-24-120-0-0-1
Parent: NET-24-0-0-0-0
NetType: Direct Allocation
Comment: For legal requests/assistance please use the following contact information:
Comment:
Comment: Cox Subpoena Phone: 404-269-0100
Comment:
Comment: Cox Subpoena Info: http://www.cox.com/policy/leainformation/default.asp
RegDate: 2001-02-21
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-24-120-0-0-1

OrgName: Cox Communications Inc.
OrgId: CXA
Address: 1400 Lake Hearn Dr.
City: Atlanta
StateProv: GA
PostalCode: 30319
Country: US
RegDate:
Updated: 2012-10-04
Comment: For legal requests/assistance please use the
Comment: following contact information:
Comment: Cox Subpoena Phone: 404-269-0100
Comment: Cox Subpoena Info: http://www.cox.com/policy/leainformation/default.asp
Ref: http://whois.arin.net/rest/org/CXA

OrgAbuseHandle: IC146-ARIN
OrgAbuseName: Cox Communications Inc
OrgAbusePhone: +1-404-269-7626
OrgAbuseEmail: abuse@cox.net
OrgAbuseRef: http://whois.arin.net/rest/poc/IC146-ARIN

OrgTechHandle: BAABO-ARIN
OrgTechName: BA, Aboubakr
OrgTechPhone: +1-404-269-7626
OrgTechEmail: abuse@cox.net
OrgTechRef: http://whois.arin.net/rest/poc/BAABO-ARIN

OrgTechHandle: RWA196-ARIN
OrgTechName: Waldron, Roderick
OrgTechPhone: +1-404-269-7626
OrgTechEmail: abuse@cox.net
OrgTechRef: http://whois.arin.net/rest/poc/RWA196-ARIN

RTechHandle: IC146-ARIN
RTechName: Cox Communications Inc
RTechPhone: +1-404-269-7626
RTechEmail: abuse@cox.net
RTechRef: http://whois.arin.net/rest/poc/IC146-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 190.220.62.5

Hi,

The IP 190.220.62.5 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 190.220.62.5:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-09-20 20:13:18 (BRT -03:00)

inetnum: 190.220.0/17
status: allocated
aut-num: N/A
owner: Techtel LMDS Comunicaciones Interactivas S.A.
ownerid: AR-TLCI-LACNIC
responsible: Administrador de Direcciones IP - CLARO
address: Garay, 34,
address: C1063AB - Buenos Aires -
country: AR
phone: +54 11 4000-3000 [3270]
owner-c: JPL3
tech-c: JPL3
abuse-c: JPL3
inetrev: 190.220.62/24
nserver: NS1.TELMEX.NET.AR
nsstat: 20130919 AA
nslastaa: 20130919
nserver: NS2.TELMEX.NET.AR
nsstat: 20130919 AA
nslastaa: 20130919
created: 20071030
changed: 20071030

nic-hdl: JPL3
person: Sebastian Motta
e-mail: sebastian.motta@CLARO.COM.AR
address: Av. Juan de Garay, 34,
address: C1063ABN - Buenos Aires -
country: AR
phone: +54 11 4000 [3000]
created: 20061121
changed: 20120913

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 162.213.188.50

Hi,

The IP 162.213.188.50 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 162.213.188.50:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 162.213.188.50"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=162.213.188.50?showDetails=true&showARIN=false&ext=netref2
#

A&A Marketing AA-MARKETING (NET-162-213-188-11-1) 162.213.188.11 - 162.213.188.60
Chi Networks QTOPI2 (NET-162-213-188-0-1) 162.213.188.0 - 162.213.191.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban