HideMyAss.com

Monday, 21 October 2013

[Fail2Ban] SSH: banned 83.103.153.139

Hi,

The IP 83.103.153.139 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 83.103.153.139:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '83.103.153.0 - 83.103.153.255'

% Abuse contact for '83.103.153.0 - 83.103.153.255' is 'abuse@upc.ro'

inetnum: 83.103.153.0 - 83.103.153.255
netname: ASTRAL-HR-NET-SOFT-TELECOM
descr: ASTRAL Harghita Net-Soft Telecom
country: RO
admin-c: AH1598-RIPE
tech-c: CN3389-RIPE
tech-c: AM15077-RIPE
tech-c: TRI1-RIPE
tech-c: CM8934-RIPE
remarks: INFRA-AW
status: ASSIGNED PA
mnt-by: ASTRALTELECOM-MNT
mnt-lower: ASTRALTELECOM-MNT
mnt-routes: ASTRALTELECOM-MNT
source: RIPE # Filtered

person: Astral Telecom Hostmaster
address: UPC Romania Srl
address: ROMANIA
phone: +40311018100
fax-no: +40311018101
nic-hdl: AH1598-RIPE
remarks: ***************************************
remarks: * for abuse please use abuse@upc.ro *
remarks: ***************************************
mnt-by: ASTRALTELECOM-MNT
source: RIPE # Filtered

person: Alin Moldovan
address: CODEC Electronic Products
address: 37, Decebal
address: 3400 Cluj-Napoca
address: Romania
phone: +40-264-432450
fax-no: +40-264-418205
nic-hdl: AM15077-RIPE
mnt-by: AS3233-MNT
source: RIPE # Filtered

person: Catalin Muresan
address: UPC Romania
address: str. Nordului, 62D
address: Bucuresti, 104014
address: Romania
phone: +40-31-1018100
fax-no: +40-31-1018101
nic-hdl: CM8934-RIPE
mnt-by: ASTRALTELECOM-MNT
source: RIPE # Filtered

person: Camelia Nastase
address: MediaSat S.A.
address: Bld. Ferdinand, Nr. 99, Sector 2, Bucuresti
address: Romania
phone: +40-31-8240610
nic-hdl: CN3389-RIPE
mnt-by: CPN-MNT
source: RIPE # Filtered

person: Teodor Remus IACOB
address: Astral Telecom SA
address: Bd. Mihai Bravu nr. 223
address: Complex Optidol, sector 3
address: Bucharest - Romania
phone: +40-1-3266196
fax-no: +40-1-3266197
nic-hdl: TRI1-RIPE
mnt-by: KAPPA-MNT
source: RIPE # Filtered

% Information related to '83.103.128.0/17AS6746'

route: 83.103.128.0/17
descr: UPC Romania Srl
origin: AS6746
mnt-by: ASTRALTELECOM-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

Sunday, 20 October 2013

[Fail2Ban] SSH: banned 61.160.200.54

Hi,

The IP 61.160.200.54 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.160.200.54:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.160.0.0 - 61.160.255.255'

inetnum: 61.160.0.0 - 61.160.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.160.0.0/16AS23650'

route: 61.160.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 186.46.199.196

Hi,

The IP 186.46.199.196 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 186.46.199.196:

[Querying whois.arin.net]
[Redirected to whois.lacnic.net]
[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-10-20 18:43:05 (BRST -02:00)

inetnum: 186.46.199.192/28
status: reallocated
owner: MUNICIPIO DEL DISTRITO METROPOLITANO DE QUITO
ownerid: EC-MDMQ2-LACNIC
responsible: ERICK CERON
address: AV MALDONADO 0 Y CARRION MIGUEL, , ESTACION TROLE SUR - FRENTE AL RECREO
address: 3110 - QUITO - PI
country: EC
phone: +593 83191516 []
owner-c: VMR
tech-c: VMR
abuse-c: VMR
created: 20120423
changed: 20120423
inetnum-up: 186.46.128/17

nic-hdl: VMR
person: Evelin Gavilanes
e-mail: noc@ANDINANET.NET
address: Edificio Droira, s/n, esquina
address: 3110 - Quito - EC
country: EC
phone: +593 2 2944800 [882]
created: 20030402
changed: 20120829

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 110.45.186.97

Hi,

The IP 110.45.186.97 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 110.45.186.97:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 110.45.186.97


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 110.45.128.0 - 110.45.255.255 (/17)
서비스명 : KIDC
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG137200
주소 : 강남구 논현동 261-1
우편번호 : 135-010
í• ë&lsqauo;¹ì¼ìž : 20090320

[ IPv4주소 책임자 정보 ]
이름 : IP주소 관리자
ì „í™"번호 : +82-2-2086-2924
전자우편 : support@kidc.net

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-2086-2924
전자우편 : ip@kidc.net

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : Network Abuse ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-2086-2878
전자우편 : security@kidc.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 110.45.186.0 - 110.45.186.255 (/24)
네트워크 이름 : KIDC-INFRA
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG137200
주소 : 강남구 논현동 261-1
우편번호 : 135-010
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20110624
공개여부 : Y

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
기관명 : KIDC
주소 : 강남구 논현동 261-1
우편번호 : 135-010
ì „í™"번호 : +82-2-2086-2924
전자우편 : ip@kidc.net


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 110.45.128.0 - 110.45.255.255 (/17)
Service Name : KIDC
Organization Name : LG DACOM KIDC
Organization ID : ORG137200
Address : KIDC, 261-1, Nonhyun-dong, Kangnam-gu
Zip Code : 135-010
Registration Date : 20090320

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-2086-2924
E-Mail : support@kidc.net

[ Tech Contact Information ]
Name : IP manager
Phone : +82-2-2086-2924
E-Mail : ip@kidc.net

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-2086-2878
E-Mail : security@kidc.net

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 110.45.186.0 - 110.45.186.255 (/24)
Network Name : KIDC-INFRA
Organization Name : LG DACOM KIDC
Organization ID : ORG137200
Address : KIDC, 261-1, Nonhyun-dong, Kangnam-gu
Zip Code : 135-010
Registration Date : 20110624
Publishes : Y

[ Technical Contact Information ]
Name : IP manager
Organization Name : LG DACOM KIDC
Address : KIDC, 261-1, Nonhyun-dong, Kangnam-gu
Zip Code : 135-010
Phone : +82-2-2086-2924
E-Mail : ip@kidc.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 219.245.32.241

Hi,

The IP 219.245.32.241 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 219.245.32.241:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '219.245.32.0 - 219.245.47.255'

inetnum: 219.245.32.0 - 219.245.47.255
netname: XJTUC-CN
descr: ~{Nw02=;M(4sQ'~}
descr: Xi'an Jiao Tong University
descr: Xi'an, Shaanxi 710049, China
country: CN
remarks: conn-id XA000234
admin-c: LW160-AP
tech-c: LW160-AP
tech-c: CER-AP
remarks: origin AS4538
remarks: host-bits 14+12
changed: hostmaster@net.edu.cn 20030623
mnt-by: MAINT-CERNET-AP
status: ASSIGNED NON-PORTABLE
source: APNIC

role: CERNET Helpdesk
address: Room 224, Main Building
address: Tsinghua University
address: Beijing 100084, China
country: CN
phone: +86-10-6278-4049
fax-no: +86-10-6278-5933
e-mail: cernet-helpdesk-ip@net.edu.cn
remarks: abuse@net.edu.cn
admin-c: XL1-CN
tech-c: SZ2-AP
nic-hdl: CER-AP
remarks: Point of Contact for admin-c
mnt-by: MAINT-CERNET-AP
changed: cernet-helpdesk-ip@net.edu.cn 20010903
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Li Wei
address: Campus Network Center
address: Xi'an JiaoTong University
address: Xian, Shaanxi 710049, China
country: CN
phone: +86-29-2668831
e-mail: liw@xanet.edu.cn
nic-hdl: LW160-AP
notify: address-allocation-staff@net.edu.cn
mnt-by: MAINT-CERNET-AP
changed: hostmaster@net.edu.cn 20001122
source: APNIC
changed: hm-changed@apnic.net 20111122

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.204.225.106

Hi,

The IP 198.204.225.106 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.204.225.106:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.204.225.106"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.204.225.106?showDetails=true&showARIN=false&ext=netref2
#

Zhou Pizhong DS-225-66-126 (NET-198-204-225-64-1) 198.204.225.64 - 198.204.225.127
DataShack, LC DSV4-6 (NET-198-204-224-0-1) 198.204.224.0 - 198.204.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 103.14.20.50

Hi,

The IP 103.14.20.50 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 103.14.20.50:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '103.14.20.0 - 103.14.21.255'

inetnum: 103.14.20.0 - 103.14.21.255
netname: CIFO-ID
descr: PT Citra Jelajah Informatika
descr: Internet Service Provider
descr: Jl. Bagusrangin No.8
descr: Bandung 40132
country: ID
admin-c: MAP1-AP
tech-c: MAP1-AP
remarks: Send Spam & Abuse Reports to abuse@cifo.co.id
mnt-by: MNT-APJII-ID
mnt-routes: MAINT-ID-CIFO
mnt-irt: IRT-CIFO-ID
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20120601
changed: hostmaster@idnic.net 20130423
source: APNIC

irt: IRT-CIFO-ID
address: PT Citra Jelajah Informatika
address: Jl. Bagusrangin No.8
address: Bandung 40132
e-mail: Sdeny@cifo.co.id
abuse-mailbox: Sdeny@cifo.co.id
admin-c: SS2150-AP
tech-c: SS2150-AP
auth: # Filtered
mnt-by: MAINT-ID-CIFO
changed: Sdeny@cifo.co.id 20120531
source: APNIC

person: Muhamad Aditya Prima
address: Jl. Bagusrangin No.8
address: Bandung 40132
country: ID
phone: +62-22-2534484
fax-no: +62-22-92914002
e-mail: admin@cifo.co.id
nic-hdl: MAP1-AP
mnt-by: MAINT-ID-CIFO
changed: hostmaster@idnic.net 20130401
source: APNIC

% Information related to '103.14.20.0/23AS131717'

route: 103.14.20.0/23
descr: Route object of PT Citra Jelajah Informatika
origin: AS131717
country: ID
mnt-by: MAINT-ID-CIFO
changed: hostmaster@idnic.net 20130708
notify: admin@cifo.co.id
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 211.236.246.12

Hi,

The IP 211.236.246.12 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 211.236.246.12:

[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 211.236.246.12


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 211.236.224.0 - 211.236.255.255 (/19)
서비스명 : SEJONGNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 세종í…"레콤
기관고유번호 : ORG110145
주소 : 강남구 역삼동 646-1 현대해상í™"재보험빌ë"©
우편번호 : 135-080
í• ë&lsqauo;¹ì¼ìž : 20030906

[ IPv4주소 책임자 정보 ]
이름 : IP주소 관리자
ì „í™"번호 : +82-2-1688-7380
전자우편 : ip@sejongtelecom.net

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소 ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-1688-7380
전자우편 : ip@sejongtelecom.net

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : Network Abuse
ì „í™"번호 : +82-2-3415-4320
전자우편 : abuse@sejongtelecom.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 211.236.224.0 - 211.236.255.255 (/19)
Service Name : SEJONGNET
Organization Name : SEJONG TELECOM
Organization ID : ORG110145
Address : Hyundai B/D, 646-1, Yeoksam-dong, Gangnam-gu
Zip Code : 135-080
Registration Date : 20030906

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-1688-7380
E-Mail : ip@sejongtelecom.net

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-1688-7380
E-Mail : ip@sejongtelecom.net

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-3415-4320
E-Mail : abuse@sejongtelecom.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 91.121.23.6

Hi,

The IP 91.121.23.6 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 91.121.23.6:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '91.121.0.0 - 91.121.31.255'

inetnum: 91.121.0.0 - 91.121.31.255
netname: OVH
descr: OVH SAS
descr: Dedicated Servers
descr: http://www.ovh.com
country: FR
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ASSIGNED PA
mnt-by: OVH-MNT
source: RIPE # Filtered

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
source: RIPE # Filtered

person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
nic-hdl: OK217-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
source: RIPE # Filtered

% Information related to '91.121.0.0/18AS16276'

route: 91.121.0.0/18
descr: OVH ISP
descr: Paris, France
origin: AS16276
mnt-by: OVH-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 122.113.26.13

Hi,

The IP 122.113.26.13 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 122.113.26.13:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '122.112.0.0 - 122.115.255.255'

inetnum: 122.112.0.0 - 122.115.255.255
netname: CNISP-UNION
descr: CNISP-Union Technology (Beijing) Co., Ltd
descr: Room 503, Building D,
descr: No.2 Shangdi Xinxi Road Pioneering Park,
descr: Haidian District, Beijing, 100085, P.R.China
country: CN
admin-c: DY857-AP
tech-c: WF703-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-AP-CNISP
mnt-irt: IRT-CNNIC-CN
status: ALLOCATED PORTABLE
changed: ipas@cnnic.cn 20130731
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Dong Yinliang
address: Rm503, Building D, No.2 Xinxi Road, Haidian, China
country: CN
phone: +86-10-82893336
fax-no: +86-10-82893337
e-mail: dongyinliang@cnisp.org
nic-hdl: DY857-AP
changed: ipas@cnnic.cn 20130730
mnt-by: MAINT-CNNIC-AP
source: APNIC

person: Wang Fei
address: Rm503, Building D, No.2 Xinxi Road, Haidian, China
country: CN
phone: +86-10-82893336
fax-no: +86-10-82893337
e-mail: wangfei@cnisp.org
nic-hdl: WF703-AP
changed: ipas@cnnic.cn 20130730
mnt-by: MAINT-CNNIC-AP
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 222.103.190.147

Hi,

The IP 222.103.190.147 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.103.190.147:

[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 222.103.190.147


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 222.96.0.0 - 222.122.255.255 (/12+/13+/15+/16)
서비스명 : KORNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 정자동 206 한국통ì&lsqauo;  e-Biz본부 기획팀
우편번호 : 463-711
í• ë&lsqauo;¹ì¼ìž : 20031110

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 스팸/해킹ë&lsqauo;´ë&lsqauo;¹
ì „í™"번호 : +82-2-100-0000
전자우편 : abuse@kornet.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 222.96.0.0 - 222.122.255.255 (/12+/13+/15+/16)
Service Name : KORNET
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : 206, Jungja-dong, Bundang-gu, Sungnam-ci
Zip Code : 463-711
Registration Date : 20031110

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-100-0000
E-Mail : abuse@kornet.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

Saturday, 19 October 2013

[Fail2Ban] SSH: banned 87.238.192.81

Hi,

The IP 87.238.192.81 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 87.238.192.81:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '87.238.192.0 - 87.238.198.255'

% Abuse contact for '87.238.192.0 - 87.238.198.255' is 'abuse@1blu.de'

inetnum: 87.238.192.0 - 87.238.198.255
netname: EVANZO-2010A
descr: EVANZO e-commerce GmbH Infrastructure
remarks: INFRA-AW
country: DE
admin-c: JD536-RIPE
tech-c: JD536-RIPE
status: ASSIGNED PA
mnt-by: MNT-RN1131-RIPE
source: RIPE # Filtered

person: Johann Dasch
address: evanzo e-commerce GmbH
address: Stromstrasse 1-5
address: 10555 Berlin
phone: +421 20871000
fax-no: +421 20871055
nic-hdl: JD536-RIPE
abuse-mailbox: abuse@1blu.de
source: RIPE # Filtered
mnt-by: MNT-RN1131-RIPE

% Information related to '87.238.192.0/21AS42730'

route: 87.238.192.0/21
descr: DE-EVANZO-MK
origin: AS42730
mnt-by: HRW-NOC
mnt-by: MNT-RN1131-RIPE
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 66.220.26.213

Hi,

The IP 66.220.26.213 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 66.220.26.213:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 66.220.26.213"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=66.220.26.213?showDetails=true&showARIN=false&ext=netref2
#

Hurricane Electric, Inc. HURRICANE-3 (NET-66-220-0-0-1) 66.220.0.0 - 66.220.31.255
Gage Design HURRICANE-CE0281-671 (NET-66-220-26-208-1) 66.220.26.208 - 66.220.26.223



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 173.242.115.180

Hi,

The IP 173.242.115.180 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 173.242.115.180:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 173.242.115.180"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=173.242.115.180?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 173.242.112.0 - 173.242.127.255
CIDR: 173.242.112.0/20
OriginAS: AS46664
NetName: VOLUMEDRIVE
NetHandle: NET-173-242-112-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation
Comment: http://www.volumedrive.com
RegDate: 2010-05-06
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-173-242-112-0-1

OrgName: VolumeDrive
OrgId: VOLUM-2
Address: 1143 Northern Blvd
City: Clarks Summit
StateProv: PA
PostalCode: 18411
Country: US
RegDate: 2008-08-26
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/VOLUM-2

OrgAbuseHandle: VOLUM1-ARIN
OrgAbuseName: VolumeDrive POC
OrgAbusePhone: +1-862-266-1083
OrgAbuseEmail: info@volumedrive.com
OrgAbuseRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

OrgTechHandle: VOLUM1-ARIN
OrgTechName: VolumeDrive POC
OrgTechPhone: +1-862-266-1083
OrgTechEmail: info@volumedrive.com
OrgTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RAbuseHandle: VOLUM-ARIN
RAbuseName: VolumeDrive
RAbusePhone: +1-862-266-1083
RAbuseEmail: info@volumedrive.com
RAbuseRef: http://whois.arin.net/rest/poc/VOLUM-ARIN

RTechHandle: VOLUM1-ARIN
RTechName: VolumeDrive POC
RTechPhone: +1-862-266-1083
RTechEmail: info@volumedrive.com
RTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RNOCHandle: VOLUM-ARIN
RNOCName: VolumeDrive
RNOCPhone: +1-862-266-1083
RNOCEmail: info@volumedrive.com
RNOCRef: http://whois.arin.net/rest/poc/VOLUM-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.101.218.32

Hi,

The IP 198.101.218.32 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.101.218.32:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.101.218.32"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.101.218.32?showDetails=true&showARIN=false&ext=netref2
#

Rackspace Hosting RACKS-8-NET-9 (NET-198-101-128-0-1) 198.101.128.0 - 198.101.255.255
Rackspace Cloud Servers RACKS-8-1350332965104405 (NET-198-101-192-0-1) 198.101.192.0 - 198.101.223.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 212.68.54.178

Hi,

The IP 212.68.54.178 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 212.68.54.178:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '212.68.54.0 - 212.68.54.255'

inetnum: 212.68.54.0 - 212.68.54.255
netname: Mars-Customer77
descr: Mars-Customer77
remarks: www.marsglobaldatacenter.com
country: TR
org: ORG-MGDS1-RIPE
admin-c: MN4961-RIPE
tech-c: MN4961-RIPE
status: ASSIGNED PA
mnt-by: MNT-MARSNET
source: RIPE # Filtered

organisation: ORG-MGDS1-RIPE
org-name: Mars Global Datacenter Services LLC
remarks: www.marsglobaldatacenter.com
org-type: OTHER
address: Pobrezni 118, Prague, Czech Republic Turkey
mnt-ref: MNT-MARSNET
mnt-by: MNT-MARSNET
source: RIPE # Filtered

person: Mars Noc
address: Nadiama St. No:28 Turkey
remarks: www.marsglobaldatacenter.com
mnt-by: MNT-MARSNET
phone: +90 213 437 87 87
nic-hdl: MN4961-RIPE
source: RIPE # Filtered

% Information related to '212.68.54.0/24AS42910'

route: 212.68.54.0/24
descr: MarsGlobal1-Net1
origin: AS42910
mnt-by: MNT-MARSNET
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 174.140.165.163

Hi,

The IP 174.140.165.163 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 174.140.165.163:

[Querying whois.arin.net]
[Redirected to rwhois.directspace.net:4321]
[Querying rwhois.directspace.net]
[Unable to connect to remote host]

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 173.242.115.180

Hi,

The IP 173.242.115.180 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 173.242.115.180:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 173.242.115.180"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=173.242.115.180?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 173.242.112.0 - 173.242.127.255
CIDR: 173.242.112.0/20
OriginAS: AS46664
NetName: VOLUMEDRIVE
NetHandle: NET-173-242-112-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation
Comment: http://www.volumedrive.com
RegDate: 2010-05-06
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-173-242-112-0-1

OrgName: VolumeDrive
OrgId: VOLUM-2
Address: 1143 Northern Blvd
City: Clarks Summit
StateProv: PA
PostalCode: 18411
Country: US
RegDate: 2008-08-26
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/VOLUM-2

OrgAbuseHandle: VOLUM1-ARIN
OrgAbuseName: VolumeDrive POC
OrgAbusePhone: +1-862-266-1083
OrgAbuseEmail: info@volumedrive.com
OrgAbuseRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

OrgTechHandle: VOLUM1-ARIN
OrgTechName: VolumeDrive POC
OrgTechPhone: +1-862-266-1083
OrgTechEmail: info@volumedrive.com
OrgTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RAbuseHandle: VOLUM-ARIN
RAbuseName: VolumeDrive
RAbusePhone: +1-862-266-1083
RAbuseEmail: info@volumedrive.com
RAbuseRef: http://whois.arin.net/rest/poc/VOLUM-ARIN

RTechHandle: VOLUM1-ARIN
RTechName: VolumeDrive POC
RTechPhone: +1-862-266-1083
RTechEmail: info@volumedrive.com
RTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RNOCHandle: VOLUM-ARIN
RNOCName: VolumeDrive
RNOCPhone: +1-862-266-1083
RNOCEmail: info@volumedrive.com
RNOCRef: http://whois.arin.net/rest/poc/VOLUM-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.155.177.58

Hi,

The IP 61.155.177.58 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.155.177.58:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.155.0.0 - 61.155.255.255'

inetnum: 61.155.0.0 - 61.155.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.155.0.0/16AS23650'

route: 61.155.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

Friday, 18 October 2013

[Fail2Ban] SSH: banned 146.185.246.51

Hi,

The IP 146.185.246.51 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 146.185.246.51:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '146.185.246.0 - 146.185.246.255'

% Abuse contact for '146.185.246.0 - 146.185.246.255' is 'abuse@pinspb.ru'

inetnum: 146.185.246.0 - 146.185.246.255
netname: cust3165-net
descr: Net for customer ID 3165
country: LU
admin-c: AV8068-RIPE
tech-c: AV8068-RIPE
status: ASSIGNED PA
mnt-by: MNT-PIN
mnt-by: MNT-PINSUPPORT
mnt-routes: ROOT-MNT
source: RIPE # Filtered

person: Andrey Vasiliev
address: Revolyutsii highway, 140
address: Kirovskiy district, Mga
address: Leningrad region,
address: Russian Federation
abuse-mailbox: info@eurolinenet.biz
phone: +7 81362 4823
nic-hdl: AV8068-RIPE
mnt-by: eurolinenet-mnt
source: RIPE # Filtered

% Information related to '146.185.246.0/24AS5577'

route: 146.185.246.0/24
descr: cust3165-net
origin: AS5577
mnt-by: ROOT-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 210.37.24.32

Hi,

The IP 210.37.24.32 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 210.37.24.32:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '210.37.24.0 - 210.37.27.255'

inetnum: 210.37.24.0 - 210.37.27.255
netname: HIEIMS-CN
descr: ~{:#DO=LS}PEO"9\@mO5M3~}
descr: Hainan Education Information Management System
descr: Haikou, Hainan 570105, China
country: CN
admin-c: MF9-AP
tech-c: MF9-AP
tech-c: CER-AP
remarks: origin AS4538
changed: hm-changed@net.edu.cn 19981231
mnt-by: MAINT-CERNET-AP
status: ASSIGNED NON-PORTABLE
source: APNIC

role: CERNET Helpdesk
address: Room 224, Main Building
address: Tsinghua University
address: Beijing 100084, China
country: CN
phone: +86-10-6278-4049
fax-no: +86-10-6278-5933
e-mail: cernet-helpdesk-ip@net.edu.cn
remarks: abuse@net.edu.cn
admin-c: XL1-CN
tech-c: SZ2-AP
nic-hdl: CER-AP
remarks: Point of Contact for admin-c
mnt-by: MAINT-CERNET-AP
changed: cernet-helpdesk-ip@net.edu.cn 20010903
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Mousong Fu
address: Hainan Education Information Management System
address: Haikou, Hainan 570105, China
country: CN
phone: +86-898-5338069
e-mail: address-allocation-staff@net.edu.cn
nic-hdl: MF9-AP
notify: address-allocation-staff@net.edu.cn
mnt-by: MAINT-NULL
changed: hostmaster@net.edu.cn 19981231
source: APNIC
changed: hm-changed@apnic.net 20111122

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 211.141.113.237

Hi,

The IP 211.141.113.237 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 211.141.113.237:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '211.141.80.0 - 211.141.159.255'

inetnum: 211.141.80.0 - 211.141.159.255
netname: CMNET-jiangxi
descr: China Mobile Communications Corporation - jiangxi company
country: CN
admin-c: YG152-AP
tech-c: YG152-AP
mnt-by: MAINT-CN-CMCC
mnt-lower: MAINT-CN-CMCC-jiangxi
remarks: ------------------------------
remarks: Please send abuse e-mail to
remarks: guoyuyong@jx.chinamobile.com
remarks: Please send probe e-mail to
remarks: guoyuyong@jx.chinamobile.com
remarks: -------------------------------
changed: weichenguang@chinamobile.com 20040629
status: ALLOCATED NON-PORTABLE
source: APNIC

person: yuyong guo
nic-hdl: YG152-AP
e-mail: guoyuyong@jx.chinamobile.com
address: JinYuan Building,TaoYuan Street, Nanchang,JiangXi
phone: +86-0791-6591278
fax-no: +86-0791-6591278
country: cn
changed: weichenguang@chinamobile.com 20040625
mnt-by: MAINT-NEW
source: APNIC

% Information related to '211.140.0.0/15AS9808'

route: 211.140.0.0/15
descr: China Mobile communications corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
changed: hostmaster@chinamobile.com 20120215
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 197.242.147.7

Hi,

The IP 197.242.147.7 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 197.242.147.7:

[Querying whois.arin.net]
[Redirected to whois.afrinic.net:43]
[Querying whois.afrinic.net]
[whois.afrinic.net]
% This is the AfriNIC Whois server.

% Note: this output has been filtered.

% Information related to '197.242.144.0 - 197.242.151.255'

inetnum: 197.242.144.0 - 197.242.151.255
netname: Afrihost-Cloud
descr: Afrihost Cloud
country: ZA
admin-c: PFM1-AFRINIC
tech-c: PFM1-AFRINIC
status: ASSIGNED PA
mnt-by: AFRIHOST-MNT
source: AFRINIC # Filtered
parent: 197.242.144.0 - 197.242.159.255

person: P F Meintjes
nic-hdl: PFM1-AFRINIC
address: P O Box 5116
address: Rivonia
address: South Africa
address: johannesburg
address: South Africa
e-mail: abuse@afrihost.com
phone: +27112345045
fax-no: +27112345046
source: AFRINIC # Filtered

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 141.0.169.126

Hi,

The IP 141.0.169.126 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 141.0.169.126:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '141.0.169.0 - 141.0.169.255'

% Abuse contact for '141.0.169.0 - 141.0.169.255' is 'abuse@serverstack.com'

inetnum: 141.0.169.0 - 141.0.169.255
netname: EU-DigitalOcean-20121015
descr: Amsterdam Digital Ocean
country: NL
admin-c: BU265-RIPE
tech-c: BU265-RIPE
status: ASSIGNED PA
mnt-by: buretsky
source: RIPE # Filtered

person: Ben Uretsky
address: 270 Lafayette Street
phone: +18669768752
nic-hdl: BU265-RIPE
mnt-by: buretsky
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS1)

Regards,

Fail2Ban

Thursday, 17 October 2013

[Fail2Ban] SSH: banned 212.193.37.118

Hi,

The IP 212.193.37.118 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 212.193.37.118:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '212.193.32.0 - 212.193.47.255'

% Abuse contact for '212.193.32.0 - 212.193.47.255' is 'ip-box@ripn.net'

inetnum: 212.193.32.0 - 212.193.47.255
netname: PRCNIT-NET
descr: Povolzhsky Regional Centre of New Information
descr: Technologies
country: RU
admin-c: YVN2-RIPE
tech-c: AMA79-RIPE
tech-c: PPKJ1-RIPE
status: ASSIGNED PA
mnt-by: ROSNIIROS-MNT
source: RIPE # Filtered

person: Anna Anikina
address: PRC NIT, Saratov State University
address: Astrakhanskaya st., 83 building 9
address: Saratov, Russia
phone: +7-845-2517172
fax-no: +7-845-2240446
nic-hdl: AMA79-RIPE
source: RIPE # Filtered

person: Paul P Komkoff Jr
address: PRC NIT, Saratov State University
address: Astrakhanskaya st., 83 building 9
address: Saratov, Russia
phone: +7-845-2517172
fax-no: +7-845-2511439
nic-hdl: PPKJ1-RIPE
mnt-by: PRCNIT-MNT
source: RIPE # Filtered

person: YURIY NAYANOV
address: PRC NIT, Saratov State University
address: Astrakhanskaya st., 83 building 9
address: Saratov, Russia
phone: +7-845-2511529
fax-no: +7-845-2511439
nic-hdl: YVN2-RIPE
mnt-by: PRCNIT-MNT
source: RIPE # Filtered

% Information related to '212.193.32.0/20AS9111'

route: 212.193.32.0/20
descr: Povolzhsky Regional Centre of New Information Technologies
descr: Saratov State University, Saratov, Russia
origin: AS9111
mnt-by: PRCNIT-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.52.100.122

Hi,

The IP 198.52.100.122 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.52.100.122:

[Querying whois.arin.net]
[Redirected to rwhois.multacom.com:4321]
[Querying rwhois.multacom.com]
[Unable to connect to remote host]

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.142.106.34

Hi,

The IP 61.142.106.34 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.142.106.34:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.140.0.0 - 61.146.255.255'

inetnum: 61.140.0.0 - 61.146.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: IC83-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GD
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20040914
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.204.225.106

Hi,

The IP 198.204.225.106 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.204.225.106:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.204.225.106"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.204.225.106?showDetails=true&showARIN=false&ext=netref2
#

Zhou Pizhong DS-225-66-126 (NET-198-204-225-64-1) 198.204.225.64 - 198.204.225.127
DataShack, LC DSV4-6 (NET-198-204-224-0-1) 198.204.224.0 - 198.204.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 88.208.246.107

Hi,

The IP 88.208.246.107 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 88.208.246.107:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '88.208.192.0 - 88.208.251.255'

% Abuse contact for '88.208.192.0 - 88.208.251.255' is 'abuse@fasthosts.co.uk'

inetnum: 88.208.192.0 - 88.208.251.255
netname: FASTHOSTS-UK-DS-NETWORK
org: ORG-FHL1-RIPE
descr: Fasthosts Internet Limited - UK's largest web hosting company
descr: based in Gloucester, England
descr: Dedicated Servers
country: GB
admin-c: GD8691-RIPE
tech-c: FHN5-RIPE
status: ASSIGNED PA
mnt-by: AS15418-MNT
remarks: trouble: abuse@fasthosts.co.uk
remarks: Please report abuse to abuse@fasthosts.co.uk
remarks: Abuse reports via other channels may be ignored
source: RIPE # Filtered

organisation: ORG-FHL1-RIPE
org-name: Fast Hosts LTD
org-type: LIR
address: Fasthosts Internet Limited
address: Discovery House
address: 154 Southgate Street
address: GL1 2EX Gloucester
address: UNITED KINGDOM
phone: +448445830777
fax-no: +441452541633
mnt-ref: AS15418-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-mailbox: abuse@fasthosts.co.uk
admin-c: MW8691-RIPE
admin-c: GD8691-RIPE
admin-c: MB22840-RIPE
admin-c: MM24449-RIPE
admin-c: JW3036-RIPE
abuse-c: FH4126-RIPE
source: RIPE # Filtered

person: Fasthosts Networks
address: Fasthosts Internet Limited
address: Discovery Court
address: 154 Southgate Street
address: Gloucester, GL1 2EX
phone: +44 1452 561874
abuse-mailbox: abuse@fasthosts.co.uk
remarks: Fasthosts Networks team - contact for operational issues only
remarks: Please report abuse to abuse@fasthosts.com
remarks: Abuse reports via other channels may be ignored
nic-hdl: FHN5-RIPE
mnt-by: AS15418-MNT
source: RIPE # Filtered

person: George Daly
address: Fasthosts Internet Limited
address: Discovery House
address: 154 Southgate Street
address: Gloucester, GL1 2EX
phone: +44 1452 561874
fax-no: +44 1452 541633
nic-hdl: GD8691-RIPE
mnt-by: AS15418-MNT
source: RIPE # Filtered

% Information related to '88.208.192.0/18AS15418'

route: 88.208.192.0/18
descr: FasthostInternet Ltd
origin: AS15418
mnt-by: AS15418-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 82.142.159.68

Hi,

The IP 82.142.159.68 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 82.142.159.68:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '82.142.128.0 - 82.142.191.255'

% Abuse contact for '82.142.128.0 - 82.142.191.255' is 'abuse@b2b.beeline.ru'

inetnum: 82.142.128.0 - 82.142.191.255
netname: RU-SOVINTEL-20030909
descr: OJSC "Vimpelcom"
country: RU
org: ORG-ES15-RIPE
admin-c: SVNT2-RIPE
tech-c: SVNT1-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: SOVINTEL-MNT
mnt-lower: TEL-MNT
mnt-routes: SOVINTEL-MNT
source: RIPE # Filtered

organisation: ORG-ES15-RIPE
org-name: OJSC "Vimpelcom"
org-type: LIR
address: OJSC "Vimpelcom" (former CJSC "EDN Sovintel")
address: Dmitry Menzulskiy
address: 1 Kozhevnichesky proezd
address: 115114
address: Moscow
address: RUSSIAN FEDERATION
phone: +7 495 7871000
fax-no: +7 495 7871990
admin-c: SVNT2-RIPE
admin-c: SVNT1-RIPE
admin-c: AS2451-RIPE
admin-c: IAI1-RIPE
admin-c: RJ631-RIPE
admin-c: AK644-RIPE
admin-c: BEE15-RIPE
admin-c: JM12519-ripe
mnt-ref: SOVINTEL-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
abuse-c: SVNT2-RIPE
source: RIPE # Filtered

role: Sovintel NOC
remarks: now OJSC Vimpelcom - formely Sovam Teleport/Teleross
remarks: aka Sovintel - Golden Telecom
address: Krasnokazarmennaya, 12
address: Moscow, Russia
mnt-by: SOVINTEL-MNT
org: ORG-ES15-RIPE
fax-no: +7 495 7871010
phone: +7 495 7871000
abuse-mailbox: abuse@b2b.beeline.ru
admin-c: IAI1-RIPE
admin-c: AS2451-RIPE
tech-c: MAK18-RIPE
tech-c: AS2451-RIPE
tech-c: rj631-ripe
nic-hdl: SVNT1-RIPE
source: RIPE # Filtered

role: Sovintel Abuse Department
remarks: now Vimpelcom Business Abuse Department
address: 111250 Russia Moscow, Krasnokazarmennaya, 12
org: ORG-ES15-RIPE
fax-no: +7 495 7254300
phone: +7 495 7871000
nic-hdl: SVNT2-RIPE
admin-c: SVNT1-RIPE
tech-c: SVNT1-RIPE
mnt-by: SOVINTEL-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@b2b.beeline.ru

% Information related to '82.142.128.0/18AS8350'

route: 82.142.128.0/18
descr: COMBELNET
origin: AS8350
mnt-by: COMBELLGA-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban