HideMyAss.com

Tuesday, 1 October 2013

[Fail2Ban] SSH: banned 209.141.41.84

Hi,

The IP 209.141.41.84 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 209.141.41.84:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 209.141.41.84"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=209.141.41.84?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 209.141.32.0 - 209.141.63.255
CIDR: 209.141.32.0/19
OriginAS: AS53667
NetName: PONYNET-04
NetHandle: NET-209-141-32-0-1
Parent: NET-209-0-0-0-0
NetType: Direct Allocation
RegDate: 2011-01-27
Updated: 2012-03-25
Ref: http://whois.arin.net/rest/net/NET-209-141-32-0-1

OrgName: FranTech Solutions
OrgId: SYNDI-5
Address: 1621 Central Ave
City: Cheyenne
StateProv: WY
PostalCode: 82001
Country: US
RegDate: 2010-07-21
Updated: 2012-10-01
Ref: http://whois.arin.net/rest/org/SYNDI-5

OrgTechHandle: FDI19-ARIN
OrgTechName: Dias, Francisco
OrgTechPhone: +1-250-389-1317
OrgTechEmail: admin@frantech.ca
OrgTechRef: http://whois.arin.net/rest/poc/FDI19-ARIN

OrgAbuseHandle: FDI19-ARIN
OrgAbuseName: Dias, Francisco
OrgAbusePhone: +1-250-389-1317
OrgAbuseEmail: admin@frantech.ca
OrgAbuseRef: http://whois.arin.net/rest/poc/FDI19-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 174.121.152.170

Hi,

The IP 174.121.152.170 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 174.121.152.170:

[Querying whois.arin.net]
[Redirected to rwhois.theplanet.com:4321]
[Querying rwhois.theplanet.com]
[rwhois.theplanet.com]
%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-THEPLANET-BLK-16
network:Auth-Area:174.120.0.0/14
network:Network-Name:TPIS-BLK-174-121-152-0
network:IP-Network:174.121.152.168/29
network:IP-Network-Block:174.121.152.168
- 174.121.152.175
network:Organization;I:MXM
network:Street-Address:N/A
network:City:Draper
network:State:UT
network:Postal-Code:84020
network:Country-Code:USA
network:Tech-Contact;I:abuse@theplanet.com
network:Admin-Contact;I:abuse@theplanet.com
network:Created:20100326
network:Updated:20100326

network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.174.120.0.0/14
network:Auth-Area:174.120.0.0/14
network:Network-Name:SOFTLAYER-174.120.0.0
network:IP-Network:174.120.0.0/15
network:IP-Network-Block:174.120.0.0-174.121.255.255

network:Organization;I:SoftLayer
network:Street-Address:4849 Alpha Road
network:City:Dallas
network:State:TX
network:Postal-Code:75244
network:Country-Code:US
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:abuse@softlayer.com
network:Admin-Contact;I:IPADM258-ARIN
network:Created:2013-01-09 09:56:44
network:Updated:2013-08-13 11:12:29
network:Updated-By:ipadmin@softlayer.com

%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 192.95.38.42

Hi,

The IP 192.95.38.42 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 192.95.38.42:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 192.95.38.42"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=192.95.38.42?showDetails=true&showARIN=false&ext=netref2
#

OVH Hosting, Inc. OVH-ARIN-5 (NET-192-95-0-0-1) 192.95.0.0 - 192.95.63.255
OVH (NWK) OVH-DEDICATED-10 (NET-192-95-38-0-1) 192.95.38.0 - 192.95.39.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 79.190.76.245

Hi,

The IP 79.190.76.245 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 79.190.76.245:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '79.190.76.240 - 79.190.76.247'

% Abuse contact for '79.190.76.240 - 79.190.76.247' is 'cert.pl@orange.com'

inetnum: 79.190.76.240 - 79.190.76.247
netname: CUSTOMER-IDSL-032421
descr: static IP
descr: KOSCIAN
descr: POLAND
country: PL
admin-c: TPHT
tech-c: TPHT
status: ASSIGNED PA
mnt-by: TPNET
source: RIPE # Filtered

role: TP S.A. Hostmaster
address: Telekomunikacja Polska S.A.
address: ul. Nowogrodzka 47A
address: 00-695 Warszawa
address: Poland
phone: +48 800 120810
phone: +48 801 600006
phone: +48 22 5039000
fax-no: +48 22 6225182
org: ORG-PT1-RIPE
admin-c: JS1838-RIPE
admin-c: EHD2-RIPE
tech-c: KP21-RIPE
tech-c: JK7642-RIPE
nic-hdl: TPHT
mnt-by: TPNET
abuse-mailbox: cert.pl@orange.com
address: hostmaster@tpnet.pl 20130506
source: RIPE # Filtered

% Information related to '79.184.0.0/13AS5617'

route: 79.184.0.0/13
descr: TPNET
descr: for abuse: abuse@tpnet.pl
origin: AS5617
mnt-by: AS5617-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 213.108.252.82

Hi,

The IP 213.108.252.82 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 213.108.252.82:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '213.108.248.0 - 213.108.255.255'

inetnum: 213.108.248.0 - 213.108.255.255
netname: BESTHOSTING
descr: Best Hosting Company Ltd
country: RU
org: ORG-BHCL1-RIPE
admin-c: BHC-RIPE
tech-c: BHC-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: LIDERTELECOM-mnt
mnt-by: BH-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-routes: LIDERTELECOM-mnt
mnt-routes: BH-MNT
mnt-domains: LIDERTELECOM-mnt
source: RIPE # Filtered

organisation: ORG-BHCL1-RIPE
org-name: Best Hosting Company Ltd
org-type: OTHER
address: RU, 127254, Moscow, Ogorodniy proezd, 9, build.2
mnt-ref: LIDERTELECOM-mnt
mnt-by: LIDERTELECOM-mnt
source: RIPE # Filtered

role: Best Hosting Company
address: Ogorodny proezd, 9, 2, Moscow, Russia
admin-c: ARTE-RIPE
tech-c: ARTE-RIPE
nic-hdl: BHC-RIPE
mnt-by: BH-MNT
abuse-mailbox: abuse@best-hosting.ru
source: RIPE # Filtered

% Information related to '213.108.252.0/23AS49834'

route: 213.108.252.0/23
descr: Best Hosting Company Ltd
descr: Data-Centre VDNH
origin: AS49834
mnt-by: BH-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS1)

Regards,

Fail2Ban

Monday, 30 September 2013

[Fail2Ban] SSH: banned 121.10.45.86

Hi,

The IP 121.10.45.86 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 121.10.45.86:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '121.8.0.0 - 121.15.255.255'

inetnum: 121.8.0.0 - 121.15.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: IC83-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GD
mnt-routes: MAINT-CHINANET-GD
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20060518
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

% Information related to '121.8.0.0/13AS4134'

route: 121.8.0.0/13
descr: From Guangdong Network of ChinaTelecom
origin: AS4134
mnt-by: MAINT-CHINANET
changed: dingsy@cndata.com 20060707
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.147.103.72

Hi,

The IP 61.147.103.72 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.147.103.72:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.147.0.0 - 61.147.255.255'

inetnum: 61.147.0.0 - 61.147.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.147.0.0/16AS23650'

route: 61.147.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 114.112.69.45

Hi,

The IP 114.112.69.45 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 114.112.69.45:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '114.112.32.0 - 114.112.95.255'

inetnum: 114.112.32.0 - 114.112.95.255
netname: CDSNET
descr: Beijing capitalonline data service co.,LTD
descr: Rm.16c£¬Bldg.2#A,Jinyuan times business Centre£¬
descr: No.2,Landianchang-East Rd.£¬
descr: Haidian District£¬Beijing
country: CN
admin-c: MH1-AUTO
tech-c: LT1-AUTO
mnt-by: MAINT-AP-CNISP
mnt-irt: IRT-CNISP-CN
status: allocated non-portable
changed: ip@cnisp.org.cn 20130814
source: APNIC

irt: IRT-CNISP-CN
address: CNISP-Union Technology (Beijing) Co., Ltd
e-mail: ip@cnisp.org.cn
abuse-mailbox: ip@cnisp.org.cn
admin-c: DY1-AUTO
tech-c: WF1-AUTO
auth: # Filtered
mnt-by: MAINT-AP-CNISP
changed: ip@cnisp.org.cn 20101109
changed: hm-changed@apnic.net 20101111
source: APNIC

person: Li Tao
nic-hdl: LT1-AUTO
e-mail: tao.li@yun-idc.com
address: Rm.16c£¬Bldg.2#A,Jinyuan times business Centre£¬
address: No.2,Landianchang-East Rd.£¬
address: Haidian District£¬Beijing
phone: +86-10-51997733
country: CN
changed: ip@cnisp.org.cn 20130822
mnt-by: MAINT-AP-CNISP
source: APNIC

person: Meng Hong
nic-hdl: MH1-AUTO
e-mail: hong.meng@yun-idc.com
address: Rm.16c£¬Bldg.2#A,Jinyuan times business Centre£¬
address: No.2,Landianchang-East Rd.£¬
address: Haidian District£¬Beijing
phone: +86-10-51997733
country: CN
changed: ip@cnisp.org.cn 20130822
mnt-by: MAINT-AP-CNISP
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

Regards,

Fail2Ban

Sunday, 29 September 2013

[Fail2Ban] SSH: banned 222.135.144.90

Hi,

The IP 222.135.144.90 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.135.144.90:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '222.132.0.0 - 222.135.255.255'

inetnum: 222.132.0.0 - 222.135.255.255
netname: UNICOM-SD
descr: China Unicom Shandong province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: XZ14-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-SD
mnt-routes: MAINT-CNCGROUP-RR
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-irt: IRT-CU-CN
changed: hm-changed@apnic.net 20031211
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20060125
changed: hm-changed@apnic.net 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: XIAOFENG ZHANG
nic-hdl: XZ14-AP
e-mail: ip@pub.sd.cninfo.net
address: Jinan,Shandong P.R China
phone: +86-531-6666666
fax-no: +86-531-6666666
country: CN
changed: ip@sdinfo.net 20050330
mnt-by: MAINT-ZXF
source: APNIC

% Information related to '222.132.0.0/14AS4837'

route: 222.132.0.0/14
descr: CNC Group CHINA169 Shandong Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 118.244.136.64

Hi,

The IP 118.244.136.64 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 118.244.136.64:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '118.244.0.0 - 118.244.255.255'

inetnum: 118.244.0.0 - 118.244.255.255
netname: HSOFT
descr: Beijing hsoft technologies inc
descr: Beijing City, Haidian District Madian 8 South Road
descr: crown sea building three layer
country: CN
admin-c: ZT587-AP
tech-c: ZT587-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20121122
status: ALLOCATED PORTABLE
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Zhang Tao
address: Beijing City, Haidian District Madian 8 South Road crown sea building three layer
country: CN
phone: +86-13051336272
e-mail: 13051336272@wo.com.cn
nic-hdl: ZT587-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20121107
source: APNIC

% Information related to '118.244.0.0/16AS4837'

route: 118.244.0.0/16
descr: CNC Group CHINA169 Sichuan Province network
descr: Addresses from CNNIC(BBnet)
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20080321
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 200.12.49.147

Hi,

The IP 200.12.49.147 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 200.12.49.147:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-09-29 15:25:04 (BRT -03:00)

inetnum: 200.12.32/19
status: allocated
aut-num: N/A
owner: CyberNet de Guatemala S.A.
ownerid: GT-CGSA-LACNIC
responsible: Manuel Mazariegos
address: 12 calle 1-25 Zona 10 Edificio Geminis 10, Torre, Norte 609
address: 01010 - Guatemala City -
country: GT
phone: +502 23282100 []
owner-c: MAM2
tech-c: MAM2
abuse-c: MAM2
inetrev: 200.12.32/19
nserver: NS1.GUATE.NET.GT
nsstat: 20130929 AA
nslastaa: 20130929
nserver: NS2.GUATE.NET.GT
nsstat: 20130929 ERR
nslastaa: 20130925
created: 19950428
changed: 20061017

nic-hdl: MAM2
person: Manuel Mazariegos
e-mail: mmaza@GOLD.GUATE.NET.GT
address: 12 calle 1-25 Zona 10 Edificio Geminis 10 Torre, Norte, 6o Nivel 609
address: 01010 - Guatemala - GT
country: GT
phone: +011 502 3382668 []
created: 20021112
changed: 20110406

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.147.113.26

Hi,

The IP 61.147.113.26 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.147.113.26:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.147.0.0 - 61.147.255.255'

inetnum: 61.147.0.0 - 61.147.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.147.0.0/16AS23650'

route: 61.147.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 190.147.33.16

Hi,

The IP 190.147.33.16 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 190.147.33.16:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-09-29 07:40:25 (BRT -03:00)

inetnum: 190.144/14
status: allocated
aut-num: N/A
owner: Telmex Colombia S.A.
ownerid: CO-ACSA-LACNIC
responsible: Operaciones Core IP
address: CLARO FIJO COLOMBIA - Cra 7 No. 63-44, 11111,
address: 11111 - Bogota - DC
country: CO
phone: +57 01 7480000 []
owner-c: ATI
tech-c: ATI
abuse-c: ATI
inetrev: 190.147/16
nserver: ENIAC.CABLE.NET.CO
nsstat: 20130926 AA
nslastaa: 20130926
nserver: HAL.CABLE.NET.CO
nsstat: 20130926 AA
nslastaa: 20130926
created: 20070111
changed: 20070111

nic-hdl: ATI
person: Network Security Team
e-mail: abuse@TELMEXLA.NET.CO
address: Cra 7 # 63-44 Piso 6, 00, 00
address: 10 - Bogota - DC
country: CO
phone: +57 01 7480456 [81966]
created: 20020909
changed: 20130416

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 201.141.166.234

Hi,

The IP 201.141.166.234 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 201.141.166.234:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-09-28 21:23:51 (BRT -03:00)

inetnum: 201.141.128/17
status: allocated
aut-num: N/A
owner: Cablevisión, S.A. de C.V.
ownerid: MX-CSCV17-LACNIC
responsible: Jean Paul Broc Haro
address: Dr. Río de la Loza, 182, Col. Doctores
address: 06720 - Del. Cuauhtémoc - DF
country: MX
phone: +52 5591831800 []
owner-c: LAA2
tech-c: LAA2
abuse-c: LAA2
inetrev: 201.141.128/17
nserver: CVDNSISP5.CABLEVISION.NET.MX [lame - not published]
nsstat: 20130928 UDN
nslastaa: 20120201
created: 20060317
changed: 20111116

nic-hdl: LAA2
person: Ricardo Medina Velasco
e-mail: contactonic@CABLEVISION.NET.MX
address: Niños Héroes, 41, Col. Doctores
address: 06720 - Del. Cuauhtémoc - DF
country: MX
phone: +52 55 91831666 []
created: 20050307
changed: 20130719

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

Saturday, 28 September 2013

[Fail2Ban] SSH: banned 58.56.163.250

Hi,

The IP 58.56.163.250 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 58.56.163.250:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '58.56.0.0 - 58.59.127.255'

inetnum: 58.56.0.0 - 58.59.127.255
netname: CHINANET-SD
descr: CHINANET SHANDONG PROVINCE NETWORK
descr: Shandong Telecom Corporation
descr: No.999,Shunhua road,Jinan,Shandong
country: CN
admin-c: XR55-AP
tech-c: CH93-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-SD
mnt-routes: MAINT-CHINANET-SD
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-
changed: hm-changed@apnic.net 20050622
changed: hm-changed@apnic.net 20060605
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: Xin Ruosheng
nic-hdl: XR55-AP
e-mail: ipreport@sdtele.com
address: No.999, road Shunhua, Jinan, Shandong province,China
phone: +86-531-83190000
fax-no: +86-531-83190000
country: CN
changed: ipreport@sdtele.com 20060905
mnt-by: MAINT-CHINANET-SD
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 201.217.51.46

Hi,

The IP 201.217.51.46 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 201.217.51.46:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-09-28 13:09:48 (BRT -03:00)

inetnum: 201.217.32/19
status: allocated
aut-num: N/A
owner: CO.PA.CO.
ownerid: PY-COPA-LACNIC
responsible: Hernán R. Franco M.
address: Teodoro S. Mongelós (edificio Morotí), -, piso 1 - A
address: - - Asunción (Paraguay) -
country: PY
phone: +59 52 12260 []
owner-c: RMG
tech-c: CSA5
abuse-c: CSA5
inetrev: 201.217.51/24
nserver: NS1.COPACO.COM.PY
nsstat: 20130923 AA
nslastaa: 20130923
nserver: NS2.COPACO.COM.PY
nsstat: 20130923 AA
nslastaa: 20130923
created: 20051215
changed: 20061009

nic-hdl: CSA5
person: COPACO S.A. IP ADMINISTRATOR
e-mail: ipadmin@COPACO.COM.PY
address: Mayor Bullo e/Pasaje Uruguay, 1565, 2do. Piso
address: 1098 - Asuncion -
country: PY
phone: +595 21 229555 []
created: 20061009
changed: 20091126

nic-hdl: RMG
person: Hernán R. Franco M.
e-mail: hfranco@COPACO.COM.PY
address: Mayor Bullo e/Pasaje Uruguay, 874,
address: 2042 - Asuncion -
country: PY
phone: +595 21 200611 []
created: 20031013
changed: 20130923

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 209.62.25.90

Hi,

The IP 209.62.25.90 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 209.62.25.90:

[Querying whois.arin.net]
[Redirected to rwhois.theplanet.com:4321]
[Querying rwhois.theplanet.com]
[rwhois.theplanet.com]
%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-THEPLANET-BLK-EV1-16
network:Auth-Area:209.62.0.0/17
network:Network-Name:TPIS-BLK-209-62-25-0
network:IP-Network:209.62.25.88/29
network:IP-Network-Block:209.62.25.88
- 209.62.25.95
network:Organization;I:Megri Soft Limited
network:Street-Address:N/A
network:City:Chandigarh
network:State:OT
network:Postal-Code:160047
network:Country-Code:IND
network:Tech-Contact;I:abuse@ev1servers.net
network:Admin-Contact;I:abuse@ev1servers.net
network:Created:20091006
network:Updated:20120524

network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.209.62.0.0/17
network:Auth-Area:209.62.0.0/17
network:Network-Name:SOFTLAYER-209.62.0.0
network:IP-Network:209.62.25.0/24
network:IP-Network-Block:209.62.25.0-209.62.25.255

network:Organization;I:SoftLayer
network:Street-Address:4849 Alpha Road
network:City:Dallas
network:State:TX
network:Postal-Code:75244
network:Country-Code:US
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:abuse@softlayer.com
network:Admin-Contact;I:IPADM258-ARIN
network:Created:2011-02-17 15:26:29
network:Updated-By:ipadmin@softlayer.com

%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.61.180.152

Hi,

The IP 198.61.180.152 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.61.180.152:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.61.180.152"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.61.180.152?showDetails=true&showARIN=false&ext=netref2
#

Rackspace Cloud Servers RACKS-8-9350332768056438 (NET-198-61-180-0-1) 198.61.180.0 - 198.61.180.255
Rackspace Hosting RACKS-8-NET-10 (NET-198-61-128-0-1) 198.61.128.0 - 198.61.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

Friday, 27 September 2013

[Fail2Ban] SSH: banned 222.189.239.102

Hi,

The IP 222.189.239.102 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.189.239.102:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '222.184.0.0 - 222.191.255.255'

inetnum: 222.184.0.0 - 222.191.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-JS
mnt-routes: MAINT-CHINANET-JS
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
changed: hm-changed@apnic.net 20040223
status: ALLOCATED PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 212.116.159.146

Hi,

The IP 212.116.159.146 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 212.116.159.146:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '212.116.159.144 - 212.116.159.151'

% Abuse contact for '212.116.159.144 - 212.116.159.151' is 'abuse@itdnet.net'

inetnum: 212.116.159.144 - 212.116.159.151
netname: Italmodaluce
remarks: INFRA-AW
descr: Italmodaluce OOD
country: BG
admin-c: INMC3-RIPE
tech-c: INMC3-RIPE
status: ASSIGNED PA
mnt-by: ITD-MNT
source: RIPE # Filtered

role: ITD Network Management Center
address: 16-20 Alabin str. Sofia Bulgaria
mnt-by: ITD-MNT
abuse-mailbox: abuse@itdnet.net
admin-c: AI653-RIPE
tech-c: NP2091-RIPE
tech-c: DD2999-RIPE
nic-hdl: INMC3-RIPE
source: RIPE # Filtered

% Information related to '212.116.159.0/24AS9070'

route: 212.116.159.0/24
descr: ITD Network - PA Address space
origin: AS9070
mnt-by: ITD-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 69.162.65.121

Hi,

The IP 69.162.65.121 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 69.162.65.121:

[Querying whois.arin.net]
[Redirected to rwhois.limestonenetworks.com:4321]
[Querying rwhois.limestonenetworks.com]
[rwhois.limestonenetworks.com]
%rwhois V-1.5:003fff:00 rwhois.limestonenetworks.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:LSN-BLK-69.162.64.0/18
network:Auth-Area:69.162.64.0/18
network:Network-Name:LSN-69.162.64.0/18
network:IP-Network:69.162.65.112/28
network:IP-Network-Block:69.162.65.112
- 69.162.65.127
network:Organization-Name:LGV HosT
network:Organization-City:ourinhos
network:Organization-State:OT
network:Organization-Zip:19906-520
network:Organization-Country:BR
network:Tech-Contact;I:abuse@limestonenetworks.com
network:Admin-Contact;I:abuse@limestonenetworks.com
network:Updated-By:admin@limestonenetworks.com

network:Class-Name:network
network:ID:LSN-BLK-69.162.64.0/18
network:Auth-Area:69.162.64.0/18
network:Network-Name:LSN-69.162.64.0/18
network:IP-Network:69.162.64.0/18
network:IP-Network-Block:69.162.64.0
- 69.162.127.255
network:Organization;I:Limestone Networks
network:Tech-Contact;I:ipadmin@limestonenetworks.com
network:Admin-Contact;I:admin@limestonenetworks.com
network:Created:20080129
network:Updated:20080129
network:Updated-By:admin@limestonenetworks.com

%referral rwhois://root.rwhois.net:4321/auth-area=.
%ok

Regards,

Fail2Ban

Thursday, 26 September 2013

[Fail2Ban] SSH: banned 162.213.25.40

Hi,

The IP 162.213.25.40 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 162.213.25.40:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 162.213.25.40"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=162.213.25.40?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 162.213.24.0 - 162.213.31.255
CIDR: 162.213.24.0/21
OriginAS: AS46664
NetName: VOLUM-2
NetHandle: NET-162-213-24-0-1
Parent: NET-162-0-0-0-0
NetType: Direct Allocation
RegDate: 2013-05-31
Updated: 2013-05-31
Ref: http://whois.arin.net/rest/net/NET-162-213-24-0-1


OrgName: VolumeDrive
OrgId: VOLUM-2
Address: 1143 Northern Blvd
City: Clarks Summit
StateProv: PA
PostalCode: 18411
Country: US
RegDate: 2008-08-26
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/VOLUM-2

OrgAbuseHandle: VOLUM1-ARIN
OrgAbuseName: VolumeDrive POC
OrgAbusePhone: +1-862-266-1083
OrgAbuseEmail: info@volumedrive.com
OrgAbuseRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

OrgTechHandle: VOLUM1-ARIN
OrgTechName: VolumeDrive POC
OrgTechPhone: +1-862-266-1083
OrgTechEmail: info@volumedrive.com
OrgTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 69.15.3.34

Hi,

The IP 69.15.3.34 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 69.15.3.34:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 69.15.3.34"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=69.15.3.34?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 69.15.0.0 - 69.15.255.255
CIDR: 69.15.0.0/16
OriginAS:
NetName: NET-64-207-0-0-1
NetHandle: NET-69-15-0-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation
Comment: For prompt attention, please send all abuse
Comment: (spam, DOS, etc) correspondence to our
Comment: Abuse handle. -Cbeyond
RegDate: 2002-12-09
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-69-15-0-0-1

OrgName: CBEYOND COMMUNICATIONS, LLC
OrgId: CBEY
Address: 320 Interstate North Parkway
Address: Suite 300
City: Atlanta
StateProv: GA
PostalCode: 30339
Country: US
RegDate: 2000-08-03
Updated: 2011-07-13
Comment: For prompt attention, please send all abuse
Comment: (spam, DOS, etc) correspondence to our
Comment: Abuse handle. -Cbeyond
Ref: http://whois.arin.net/rest/org/CBEY

OrgAbuseHandle: ABUSE294-ARIN
OrgAbuseName: Cbeyond-Abuse
OrgAbusePhone: +1-678-424-2400
OrgAbuseEmail: abuse@cbeyond.net
OrgAbuseRef: http://whois.arin.net/rest/poc/ABUSE294-ARIN

OrgTechHandle: AI93-ARIN
OrgTechName: Admin IP
OrgTechPhone: +1-678-424-2400
OrgTechEmail: ip-admin@cbeyond.net
OrgTechRef: http://whois.arin.net/rest/poc/AI93-ARIN

RAbuseHandle: ABUSE294-ARIN
RAbuseName: Cbeyond-Abuse
RAbusePhone: +1-678-424-2400
RAbuseEmail: abuse@cbeyond.net
RAbuseRef: http://whois.arin.net/rest/poc/ABUSE294-ARIN

RTechHandle: AI93-ARIN
RTechName: Admin IP
RTechPhone: +1-678-424-2400
RTechEmail: ip-admin@cbeyond.net
RTechRef: http://whois.arin.net/rest/poc/AI93-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 211.147.80.2

Hi,

The IP 211.147.80.2 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 211.147.80.2:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '211.147.64.0 - 211.147.95.255'

inetnum: 211.147.64.0 - 211.147.95.255
netname: DSNET
descr: Shanghai Data Solution Co., Ltd.
country: CN
admin-c: WH127-AP
tech-c: YA31-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20010801
changed: ipas@cnnic.net.cn 20070525
status: ALLOCATED PORTABLE
source: APNIC

person: Wu Haochen
address: Rm. 3301-3307, 3trd Building, 498 Guoshoujing Rd.
country: CN
phone: +86-21-50800818-223
fax-no: +86-21-50800926
e-mail: wuhc@shuxun.net
nic-hdl: WH127-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20010625
source: APNIC

person: Yao Alex
address: Rm. 3301-3307, 3trd Building, 498 Guoshoujing Rd.
country: CN
phone: +86-21-50800818-112
fax-no: +86-21-50800926
e-mail: alexyao@shuxun.net
nic-hdl: YA31-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20010716
source: APNIC

% Information related to '211.147.64.0/19AS17779'

route: 211.147.64.0/19
descr: Shanghai Data Solution Co., Ltd.
origin: AS17779
notify: zhigang.he@sst.net.cn
mnt-by: MAINT-CNNIC-AP
changed: hm-changed@apnic.net 20010819
changed: ipas@cnnic.net.cn 20070525
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS3)

Regards,

Fail2Ban

Wednesday, 25 September 2013

[Fail2Ban] SSH: banned 195.14.104.8

Hi,

The IP 195.14.104.8 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 195.14.104.8:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '195.14.104.0 - 195.14.105.255'

inetnum: 195.14.104.0 - 195.14.105.255
netname: HORT-NET
descr: Hosting and Colocation Services
country: RU
org: ORG-HORT1-RIPE
admin-c: DH2916-RIPE
tech-c: DH2916-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: HORT-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-routes: HORT-MNT
mnt-routes: TEL-NET-MNT
mnt-domains: HORT-MNT
source: RIPE # Filtered
remarks: +----------------------------------------------------------------+
remarks: ! Operation time: !
remarks: ! NOC: 5x8 (09:00-18:00) MSK !
remarks: ! customers support: 24x7 !
remarks: +----------------------------------------------------------------+
remarks: ! Contacts: !
remarks: ! noc@htc-s.ru - for routing and peering questions !
remarks: ! abuse@htc-s.ru - for SPAM and abuse security issues !
remarks: ! sales@htc-s.ru - for sales questions !
remarks: ! http://www.htc-s.ru - official site.... !
remarks: +----------------------------------------------------------------+

organisation: ORG-HORT1-RIPE
org-name: LTD "HORTTEL"
org-type: OTHER
address: 109652, Russia, Moscow, Dekabrystov str. 10, k. 1, 4
phone: +7 499 506 9689
abuse-mailbox: abuse@htc-s.ru
mnt-ref: HORT-MNT
mnt-by: HORT-MNT
source: RIPE # Filtered

person: Dmitriy V. Hort
address: 109652, Russia, Moscow, Lugovoy str. 4
phone: +7 499 506 9689
phone: +7 915 000 7402
nic-hdl: DH2916-RIPE
mnt-by: HORT-MNT
source: RIPE # Filtered

% Information related to '195.14.104.0/23as56504'

route: 195.14.104.0/23
descr: HORTTEL
origin: as56504
mnt-by: hort-mnt
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 101.78.191.242

Hi,

The IP 101.78.191.242 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 101.78.191.242:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '101.78.128.0 - 101.78.255.255'

inetnum: 101.78.128.0 - 101.78.255.255
netname: NEWTT-AS-AP
descr: Wharf T&T Limited
descr: 11/F, Telecom Tower,
descr: Wharf T&T Square, 123 Hoi Bun Road
descr: Kwun Tong, Kowloon
country: HK
admin-c: EN62-AP
tech-c: BW128-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-HK-NEWTT
mnt-routes: MAINT-HK-NEWTT
mnt-irt: IRT-NEWTT-HK
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20111116
source: APNIC

irt: IRT-NEWTT-HK
address: Unit 825-876, 8/F, KITEC, 1 Trademart Drive, Kowloon Bay, Hong Kong
e-mail: abuse@wharftt.com
abuse-mailbox: abuse@wharftt.com
admin-c: EN62-AP
tech-c: BW128-AP
auth: # Filtered
mnt-by: MAINT-HK-BENSONWONG
changed: abuse@wharftt.com 20101111
source: APNIC

person: Benson Wong
nic-hdl: BW128-AP
e-mail: abuse@wharftt.com
address: 5/F, Harbour City, Kowloon,
address: Hong Kong
phone: +852-21122651
fax-no: +852-21127883
country: HK
changed: bensonwong@wharftt.com 20070420
mnt-by: MAINT-HK-NEWTT
source: APNIC

person: Eric Ng
nic-hdl: EN62-AP
remarks: please report spam or abuse to abuse@wharftt.com
e-mail: abuse@wharftt.com
e-mail: ericng@wharftt.com
address: 11/F Telecom Tower, Wharf T&T Square
address: 123 Hoi Bun Road, Kwun Tong,'
phone: +852-2112-2653
fax-no: +852-2112-7883
country: HK
changed: ericng@wharftt.com 20070716
mnt-by: MAINT-NEW
source: APNIC

% This query was served by the APNIC Whois Service version 1.68 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 82.142.159.68

Hi,

The IP 82.142.159.68 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 82.142.159.68:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '82.142.128.0 - 82.142.191.255'

% Abuse contact for '82.142.128.0 - 82.142.191.255' is 'abuse@b2b.beeline.ru'

inetnum: 82.142.128.0 - 82.142.191.255
netname: RU-SOVINTEL-20030909
descr: OJSC "Vimpelcom"
country: RU
org: ORG-ES15-RIPE
admin-c: SVNT2-RIPE
tech-c: SVNT1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: SOVINTEL-MNT
mnt-lower: TEL-MNT
mnt-routes: SOVINTEL-MNT
source: RIPE # Filtered

organisation: ORG-ES15-RIPE
org-name: OJSC "Vimpelcom"
org-type: LIR
address: OJSC "Vimpelcom" (former CJSC "EDN Sovintel")
address: Dmitry Menzulskiy
address: 1 Kozhevnichesky proezd
address: 115114
address: Moscow
address: RUSSIAN FEDERATION
phone: +7 495 7871000
fax-no: +7 495 7871990
admin-c: SVNT2-RIPE
admin-c: SVNT1-RIPE
admin-c: AS2451-RIPE
admin-c: IAI1-RIPE
admin-c: RJ631-RIPE
admin-c: AK644-RIPE
admin-c: BEE15-RIPE
admin-c: JM12519-ripe
mnt-ref: SOVINTEL-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-c: SVNT2-RIPE
source: RIPE # Filtered

role: Sovintel NOC
remarks: now OJSC Vimpelcom - formely Sovam Teleport/Teleross
remarks: aka Sovintel - Golden Telecom
address: Krasnokazarmennaya, 12
address: Moscow, Russia
mnt-by: SOVINTEL-MNT
org: ORG-ES15-RIPE
fax-no: +7 495 7871010
phone: +7 495 7871000
abuse-mailbox: abuse@b2b.beeline.ru
admin-c: IAI1-RIPE
admin-c: AS2451-RIPE
tech-c: MAK18-RIPE
tech-c: AS2451-RIPE
tech-c: rj631-ripe
nic-hdl: SVNT1-RIPE
source: RIPE # Filtered

role: Sovintel Abuse Department
remarks: now Vimpelcom Business Abuse Department
address: 111250 Russia Moscow, Krasnokazarmennaya, 12
org: ORG-ES15-RIPE
fax-no: +7 495 7254300
phone: +7 495 7871000
nic-hdl: SVNT2-RIPE
admin-c: SVNT1-RIPE
tech-c: SVNT1-RIPE
mnt-by: SOVINTEL-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@b2b.beeline.ru

% Information related to '82.142.128.0/18AS8350'

route: 82.142.128.0/18
descr: COMBELNET
origin: AS8350
mnt-by: COMBELLGA-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 195.14.104.8

Hi,

The IP 195.14.104.8 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 195.14.104.8:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '195.14.104.0 - 195.14.105.255'

inetnum: 195.14.104.0 - 195.14.105.255
netname: HORT-NET
descr: Hosting and Colocation Services
country: RU
org: ORG-HORT1-RIPE
admin-c: DH2916-RIPE
tech-c: DH2916-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: HORT-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-routes: HORT-MNT
mnt-routes: TEL-NET-MNT
mnt-domains: HORT-MNT
source: RIPE # Filtered
remarks: +----------------------------------------------------------------+
remarks: ! Operation time: !
remarks: ! NOC: 5x8 (09:00-18:00) MSK !
remarks: ! customers support: 24x7 !
remarks: +----------------------------------------------------------------+
remarks: ! Contacts: !
remarks: ! noc@htc-s.ru - for routing and peering questions !
remarks: ! abuse@htc-s.ru - for SPAM and abuse security issues !
remarks: ! sales@htc-s.ru - for sales questions !
remarks: ! http://www.htc-s.ru - official site.... !
remarks: +----------------------------------------------------------------+

organisation: ORG-HORT1-RIPE
org-name: LTD "HORTTEL"
org-type: OTHER
address: 109652, Russia, Moscow, Dekabrystov str. 10, k. 1, 4
phone: +7 499 506 9689
abuse-mailbox: abuse@htc-s.ru
mnt-ref: HORT-MNT
mnt-by: HORT-MNT
source: RIPE # Filtered

person: Dmitriy V. Hort
address: 109652, Russia, Moscow, Lugovoy str. 4
phone: +7 499 506 9689
phone: +7 915 000 7402
nic-hdl: DH2916-RIPE
mnt-by: HORT-MNT
source: RIPE # Filtered

% Information related to '195.14.104.0/23as56504'

route: 195.14.104.0/23
descr: HORTTEL
origin: as56504
mnt-by: hort-mnt
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 173.242.122.34

Hi,

The IP 173.242.122.34 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 173.242.122.34:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 173.242.122.34"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=173.242.122.34?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 173.242.112.0 - 173.242.127.255
CIDR: 173.242.112.0/20
OriginAS: AS46664
NetName: VOLUMEDRIVE
NetHandle: NET-173-242-112-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation
Comment: http://www.volumedrive.com
RegDate: 2010-05-06
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-173-242-112-0-1

OrgName: VolumeDrive
OrgId: VOLUM-2
Address: 1143 Northern Blvd
City: Clarks Summit
StateProv: PA
PostalCode: 18411
Country: US
RegDate: 2008-08-26
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/VOLUM-2

OrgTechHandle: VOLUM1-ARIN
OrgTechName: VolumeDrive POC
OrgTechPhone: +1-862-266-1083
OrgTechEmail: info@volumedrive.com
OrgTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

OrgAbuseHandle: VOLUM1-ARIN
OrgAbuseName: VolumeDrive POC
OrgAbusePhone: +1-862-266-1083
OrgAbuseEmail: info@volumedrive.com
OrgAbuseRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RTechHandle: VOLUM1-ARIN
RTechName: VolumeDrive POC
RTechPhone: +1-862-266-1083
RTechEmail: info@volumedrive.com
RTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RAbuseHandle: VOLUM-ARIN
RAbuseName: VolumeDrive
RAbusePhone: +1-862-266-1083
RAbuseEmail: info@volumedrive.com
RAbuseRef: http://whois.arin.net/rest/poc/VOLUM-ARIN

RNOCHandle: VOLUM-ARIN
RNOCName: VolumeDrive
RNOCPhone: +1-862-266-1083
RNOCEmail: info@volumedrive.com
RNOCRef: http://whois.arin.net/rest/poc/VOLUM-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 213.244.81.220

Hi,

The IP 213.244.81.220 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 213.244.81.220:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '213.244.64.0 - 213.244.127.255'

inetnum: 213.244.64.0 - 213.244.127.255
descr: Palestine Telecommunications Company (PALTEL)
org: ORG-PTC2-RIPE
netname: PS-PALTEL-20010418
country: PS
admin-c: RA2887-RIPE
tech-c: RA2887-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: PALTEL-MNTNER
mnt-routes: PALTEL-MNTNER
remarks: Abuse complaints to be sent to abuse@paltel.net
source: RIPE # Filtered

organisation: ORG-PTC2-RIPE
org-name: Palestine Telecommunications Company (PALTEL)
org-type: LIR
address: Palestine Telecommunications (PALTEL) Khaled Sayeh Rafeedya St. 1570 Nablus PALESTINIAN TERRITORY, OCCUPIED
phone: +970 9 2376 225
fax-no: +970 9 2376 227
mnt-ref: PALTEL-MNTNER
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
admin-c: WH185-RIPE
admin-c: RZ2064-RIPE
admin-c: RA2887-RIPE
admin-c: KA1290-RIPE
source: RIPE # Filtered

person: Ripe Admin-PALTEL
address: PALTEL HDQ
address: Rafeedya St.
address: P.O.Box 1570, Nablus,
address: Palestine.
phone: + 970 9 2376225
fax-no: + 970 9 2376227
nic-hdl: RA2887-RIPE
mnt-by: PALTEL-MNTNER
source: RIPE # Filtered

% Information related to '213.244.80.0/22AS12975'

route: 213.244.80.0/22
descr: PALTEL (Palestine Telecommunications Co.).
origin: AS12975
mnt-by: PALTEL-MNTNER
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban