HideMyAss.com

Thursday, 24 October 2013

[Fail2Ban] SSH: banned 61.235.153.45

Hi,

The IP 61.235.153.45 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.235.153.45:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.232.0.0 - 61.237.255.255'

inetnum: 61.232.0.0 - 61.237.255.255
netname: CTTNET
descr: China TieTong Telecommunications Corporation
descr: Jinze Mansion, 2 Guangningbo Street,
descr: Xicheng District, Beijing, China, 100032
country: CN
admin-c: WP188-AP
tech-c: LM273-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CN-CRTC
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20090430
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: liu min
nic-hdl: LM273-AP
e-mail: crnet_mgr@chinatietong.com
address: 22F Yuetan Mansion, Xicheng District, Beijing, P.R.China
phone: +86-10-51848796
fax-no: +86-10-51842426
country: CN
changed: ipas@cnnic.net.cn 20120320
mnt-by: MAINT-CNNIC-AP
source: APNIC

person: Wang Pei
nic-hdl: WP188-AP
e-mail: crnet_mgr@chinatietong.com
address: Jinze Mansion, 2 Guangningbo Street,
address: Xicheng District, Beijing, China, 100032
phone: +21-51892106
fax-no: +21-51847802
country: CN
changed: ipas@cnnic.net.cn 20060926
mnt-by: MAINT-CNNIC-AP
source: APNIC

% Information related to '61.232.0.0/14AS9394'

route: 61.232.0.0/14
descr: CHINA RAILWAY TELECOMMUNICATIONS
country: CN
origin: AS9394
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20100528
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS2)

Regards,

Fail2Ban

Wednesday, 23 October 2013

[Fail2Ban] SSH: banned 61.147.70.112

Hi,

The IP 61.147.70.112 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.147.70.112:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.147.0.0 - 61.147.255.255'

inetnum: 61.147.0.0 - 61.147.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.147.0.0/16AS23650'

route: 61.147.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 95.163.143.140

Hi,

The IP 95.163.143.140 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 95.163.143.140:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '95.163.128.0 - 95.163.159.255'

inetnum: 95.163.128.0 - 95.163.159.255
netname: DINET
descr: DINET Customers
descr: Moscow, Russia
country: RU
remarks: INFRA-AW
admin-c: DNO-RIPE
tech-c: DNO-RIPE
status: ASSIGNED PA
mnt-by: DN-MNT
source: RIPE # Filtered

role: Digital Network NOC
address: 13a, Yaroslavskaya st.,
address: Moscow, Russia, 129366
phone: +7 495 660 8383
fax-no: +7 495 660 8383
admin-c: MIF
tech-c: EY103-RIPE
tech-c: OE784-RIPE
tech-c: volk
abuse-mailbox: abuse@msm.ru
nic-hdl: DNO-RIPE
mnt-by: DN-MNT
source: RIPE # Filtered

% Information related to '95.163.136.0/21AS12695'

route: 95.163.136.0/21
descr: Digital Network JSC
descr: Moscow, Russia, DC Ostapovskiy
descr: http://www.msm.ru
descr: aggregate prefix
origin: AS12695
mnt-by: DN-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 114.80.203.180

Hi,

The IP 114.80.203.180 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 114.80.203.180:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '114.80.0.0 - 114.95.255.255'

inetnum: 114.80.0.0 - 114.95.255.255
netname: CHINANET-SH
descr: CHINANET SHANGHAI PROVINCE NETWORK
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: WWQ4-AP
tech-c: WWQ4-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-SH
changed: hm-changed@apnic.net 20080514
source: APNIC

person: Weng Wen Qian
address: Room 2405,357 Songlin Road,Shanghai 200122
country: CN
phone: +86-21-68405784
fax-no: +86-21-50623458
e-mail: wengwq@online.sh.cn
nic-hdl: WWQ4-AP
mnt-by: MAINT-CHINANET-SH
changed: ip-admin@mail.online.sh.cn 20050403
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 173.242.116.246

Hi,

The IP 173.242.116.246 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 173.242.116.246:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 173.242.116.246"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=173.242.116.246?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 173.242.112.0 - 173.242.127.255
CIDR: 173.242.112.0/20
OriginAS: AS46664
NetName: VOLUMEDRIVE
NetHandle: NET-173-242-112-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation
Comment: http://www.volumedrive.com
RegDate: 2010-05-06
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-173-242-112-0-1

OrgName: VolumeDrive
OrgId: VOLUM-2
Address: 1143 Northern Blvd
City: Clarks Summit
StateProv: PA
PostalCode: 18411
Country: US
RegDate: 2008-08-26
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/VOLUM-2

OrgTechHandle: VOLUM1-ARIN
OrgTechName: VolumeDrive POC
OrgTechPhone: +1-862-266-1083
OrgTechEmail: info@volumedrive.com
OrgTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

OrgAbuseHandle: VOLUM1-ARIN
OrgAbuseName: VolumeDrive POC
OrgAbusePhone: +1-862-266-1083
OrgAbuseEmail: info@volumedrive.com
OrgAbuseRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RTechHandle: VOLUM1-ARIN
RTechName: VolumeDrive POC
RTechPhone: +1-862-266-1083
RTechEmail: info@volumedrive.com
RTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RAbuseHandle: VOLUM-ARIN
RAbuseName: VolumeDrive
RAbusePhone: +1-862-266-1083
RAbuseEmail: info@volumedrive.com
RAbuseRef: http://whois.arin.net/rest/poc/VOLUM-ARIN

RNOCHandle: VOLUM-ARIN
RNOCName: VolumeDrive
RNOCPhone: +1-862-266-1083
RNOCEmail: info@volumedrive.com
RNOCRef: http://whois.arin.net/rest/poc/VOLUM-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 146.185.246.51

Hi,

The IP 146.185.246.51 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 146.185.246.51:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '146.185.246.0 - 146.185.246.255'

% Abuse contact for '146.185.246.0 - 146.185.246.255' is 'abuse@pinspb.ru'

inetnum: 146.185.246.0 - 146.185.246.255
netname: cust3165-net
descr: Net for customer ID 3165
country: LU
admin-c: AV8068-RIPE
tech-c: AV8068-RIPE
status: ASSIGNED PA
mnt-by: MNT-PIN
mnt-by: MNT-PINSUPPORT
mnt-routes: ROOT-MNT
source: RIPE # Filtered

person: Andrey Vasiliev
address: Revolyutsii highway, 140
address: Kirovskiy district, Mga
address: Leningrad region,
address: Russian Federation
abuse-mailbox: info@eurolinenet.biz
phone: +7 81362 4823
nic-hdl: AV8068-RIPE
mnt-by: eurolinenet-mnt
source: RIPE # Filtered

% Information related to '146.185.246.0/24AS5577'

route: 146.185.246.0/24
descr: cust3165-net
origin: AS5577
mnt-by: ROOT-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 83.229.69.36

Hi,

The IP 83.229.69.36 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 83.229.69.36:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '83.229.69.32 - 83.229.69.47'

inetnum: 83.229.69.32 - 83.229.69.47
org: ORG-JJSL1-RIPE
netname: Junisat
descr: Junisat VNO M
country: NG
admin-c: AO1407-RIPE
tech-c: AO1407-RIPE
status: ASSIGNED PA
mnt-by: SV-MNT
mnt-lower: SV-MNT
source: RIPE # Filtered

organisation: ORG-JJSL1-RIPE
org-name: Junisat - Juniper Solution Limited
org-type: OTHER
address: 215/219 Ikorodu Road, Ilupeju
address: Lagos
address: Nigeria
phone: +23417769218
phone: +2348023002919
admin-c: AO1407-RIPE
tech-c: AO1407-RIPE
mnt-ref: SV-MNT
mnt-by: SV-MNT
source: RIPE # Filtered

person: Ade Ojuri
org: ORG-JJSL1-RIPE
address: 215/219 Ikorodu Road, Ilupeju
address: Lagos
address: Nigeria
phone: +23417769218
phone: +2348023002919
nic-hdl: AO1407-RIPE
source: RIPE # Filtered

% Information related to '83.229.64.0/18AS8513'

route: 83.229.64.0/18
descr: SkyVision
origin: AS8513
mnt-by: SV-MNT
mnt-lower: SV-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 125.211.218.76

Hi,

The IP 125.211.218.76 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 125.211.218.76:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '125.211.0.0 - 125.211.255.255'

inetnum: 125.211.0.0 - 125.211.255.255
netname: UNICOM-HL
descr: China Unicom Heilongjiang Province Network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: BG63-AP
remarks: service provider
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HL
mnt-routes: MAINT-CNCGROUP-RR
mnt-irt: IRT-CU-CN
changed: hm-changed@apnic.net 20070216
changed: hm-changed@apnic.net 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

person: Binghui Gao
nic-hdl: BG63-AP
e-mail: luanfuyu@vip.hl.cn
address: Shuniu Building,No.155 Zhongshan road,Harbin,Heilongjiang
phone: +86-451-82651467
fax-no: +86-451-82651464
country: CN
changed: luanfuyu@vip.hl.cn 20100310
mnt-by: MAINT-CNCGROUP-HL
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

% Information related to '125.211.192.0/19AS4837'

route: 125.211.192.0/19
descr: CNC Group CHINA169 Heilongjiang Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20070319
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS3)

Regards,

Fail2Ban

Tuesday, 22 October 2013

[Fail2Ban] SSH: banned 211.236.246.12

Hi,

The IP 211.236.246.12 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 211.236.246.12:

[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 211.236.246.12


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 211.236.224.0 - 211.236.255.255 (/19)
서비스명 : SEJONGNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 세종í…"레콤
기관고유번호 : ORG110145
주소 : 강남구 역삼동 646-1 현대해상í™"재보험빌ë"©
우편번호 : 135-080
í• ë&lsqauo;¹ì¼ìž : 20030906

[ IPv4주소 책임자 정보 ]
이름 : IP주소 관리자
ì „í™"번호 : +82-2-1688-7380
전자우편 : ip@sejongtelecom.net

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소 ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-1688-7380
전자우편 : ip@sejongtelecom.net

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : Network Abuse
ì „í™"번호 : +82-2-3415-4320
전자우편 : abuse@sejongtelecom.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 211.236.224.0 - 211.236.255.255 (/19)
Service Name : SEJONGNET
Organization Name : SEJONG TELECOM
Organization ID : ORG110145
Address : Hyundai B/D, 646-1, Yeoksam-dong, Gangnam-gu
Zip Code : 135-080
Registration Date : 20030906

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-1688-7380
E-Mail : ip@sejongtelecom.net

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-1688-7380
E-Mail : ip@sejongtelecom.net

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-3415-4320
E-Mail : abuse@sejongtelecom.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 146.185.246.51

Hi,

The IP 146.185.246.51 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 146.185.246.51:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '146.185.246.0 - 146.185.246.255'

% Abuse contact for '146.185.246.0 - 146.185.246.255' is 'abuse@pinspb.ru'

inetnum: 146.185.246.0 - 146.185.246.255
netname: cust3165-net
descr: Net for customer ID 3165
country: LU
admin-c: AV8068-RIPE
tech-c: AV8068-RIPE
status: ASSIGNED PA
mnt-by: MNT-PIN
mnt-by: MNT-PINSUPPORT
mnt-routes: ROOT-MNT
source: RIPE # Filtered

person: Andrey Vasiliev
address: Revolyutsii highway, 140
address: Kirovskiy district, Mga
address: Leningrad region,
address: Russian Federation
abuse-mailbox: info@eurolinenet.biz
phone: +7 81362 4823
nic-hdl: AV8068-RIPE
mnt-by: eurolinenet-mnt
source: RIPE # Filtered

% Information related to '146.185.246.0/24AS5577'

route: 146.185.246.0/24
descr: cust3165-net
origin: AS5577
mnt-by: ROOT-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 193.34.135.187

Hi,

The IP 193.34.135.187 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 193.34.135.187:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '193.34.134.0 - 193.34.135.255'

inetnum: 193.34.134.0 - 193.34.135.255
netname: vengit-emea-hu
descr: VengIT Kft.
country: HU
org: ORG-VK10-RIPE
admin-c: PLZ7-RIPE
tech-c: PLZ7-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: AS12301-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-routes: AS12301-MNT
mnt-domains: AS12301-MNT
source: RIPE # Filtered

organisation: ORG-VK10-RIPE
org-name: VengIT Kft.
org-type: OTHER
address: H-1112 Budapest
address: Facsemete utca 1/10.
mnt-ref: AS12301-MNT
mnt-by: AS12301-MNT
source: RIPE # Filtered

person: Pasztor Lenart Zoltan
address: VengIT Kft.
address: H-1112 Budapest, Facsemete utca 1/10.
phone: +36 20 9871323
nic-hdl: PLZ7-RIPE
source: RIPE # Filtered

% Information related to '193.34.134.0/23AS12301'

route: 193.34.134.0/23
descr: VengIT Kft.
origin: AS12301
mnt-by: AS12301-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

Monday, 21 October 2013

[Fail2Ban] SSH: banned 92.52.129.75

Hi,

The IP 92.52.129.75 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 92.52.129.75:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '92.52.128.0 - 92.52.191.255'

inetnum: 92.52.128.0 - 92.52.191.255
netname: UA-BITTERNET-20101012
descr: "BitterNet" Ltd
country: UA
org: ORG-IA58-RIPE
admin-c: OT485-RIPE
tech-c: OT485-RIPE
tech-c: RAT10-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: BITTERNET-MNT
mnt-routes: BITTERNET-MNT
source: RIPE # Filtered

organisation: ORG-IA58-RIPE
org-name: "BitterNet" Ltd
org-type: LIR
address: "BitterNet" Ltd.
Tkachuk Olena
PO509
46008 Ternopil
UKRAINE
phone: +380 352 430913
fax-no: +380352430913
admin-c: NV6758-RIPE
admin-c: OT485-RIPE
admin-c: RAT10-RIPE
mnt-ref: BITTERNET-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered

person: Olena Tkachuk
address: BitterNet
address: 2, Medova str.,
address: Ternopil, Ukraine
phone: +380 352 430913
fax-no: +380 352 225536
nic-hdl: OT485-RIPE
source: RIPE # Filtered

person: Roman A Tkachuk
address: 15 Kvitnya St., 35/13
address: Ternopil
address: Ukraine
phone: +380 352 430913
nic-hdl: RAT10-RIPE
source: RIPE # Filtered

% Information related to '92.52.128.0/18AS16223'

route: 92.52.128.0/18
descr: BitterNet
descr: Medova2, Ternopil, Ukraine, 46001
descr: +380 352 430913
origin: AS16223
mnt-by: BITTERNET-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 199.250.196.184

Hi,

The IP 199.250.196.184 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 199.250.196.184:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 199.250.196.184"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=199.250.196.184?showDetails=true&showARIN=false&ext=netref2
#

Internet South, Inc. SOUTH (NET-199-250-128-0-1) 199.250.128.0 - 199.250.255.255
wirelesstelephony 199-250-196-0-24 (NET-199-250-196-0-1) 199.250.196.0 - 199.250.196.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 77.76.74.83

Hi,

The IP 77.76.74.83 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 77.76.74.83:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '77.76.64.0 - 77.76.127.255'

inetnum: 77.76.64.0 - 77.76.127.255
org: ORG-KSL1-RIPE
netname: UK-KECONNECT-20070212
descr: Timico Limited
country: GB
admin-c: TNO2-RIPE
tech-c: TNO2-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: TIMICO-MNT
mnt-routes: TIMICO-MNT
source: RIPE # Filtered

organisation: ORG-KSL1-RIPE
org-name: Timico Limited
org-type: LIR
address: Timico Limited
Beacon Hill Park,
Newark
NG24 2TN Nottinghamshire
United Kingdom
phone: +44 844 871 8100
fax-no: +44 844 871 8117
abuse-mailbox: abuse@timico.net
admin-c: GAZB-RIPE
admin-c: POOK-RIPE
admin-c: PTS-RIPE
admin-c: RICH3-RIPE
admin-c: TNO2-RIPE
tech-c: TNO2-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: TIMICO-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered

role: Timico Network Operations
address: Timico Ltd
address: Beacon Hill Park
address: Newark
address: Nottinghamshire
address: NG24 2TN
address: United Kingdom
phone: +44 845 258 0000
fax-no: +44 870 094 9700
admin-c: CN83-RIPE
admin-c: PTS-RIPE
admin-c: POOK-RIPE
admin-c: GAZB-RIPE
tech-c: CN83-RIPE
tech-c: PTS-RIPE
tech-c: POOK-RIPE
tech-c: GAZB-RIPE
org: ORG-KSL1-RIPE
nic-hdl: TNO2-RIPE
remarks: Timico Network Operations
abuse-mailbox: abuse@timico.net
mnt-by: TIMICO-MNT
source: RIPE # Filtered

% Information related to '77.76.64.0/18AS16034'

route: 77.76.64.0/18
descr: KEME-ALLOC3
origin: AS16034
mnt-by: TIMICO-MNT
source: RIPE # Filtered

% Information related to '77.76.64.0/18AS8607'

route: 77.76.64.0/18
descr: TIMICO-ALLOC
origin: AS8607
mnt-by: TIMICO-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 80.241.16.10

Hi,

The IP 80.241.16.10 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 80.241.16.10:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '80.241.16.0 - 80.241.16.127'

% Abuse contact for '80.241.16.0 - 80.241.16.127' is 'abuse@upc.at'

inetnum: 80.241.16.0 - 80.241.16.127
netname: CATV_SERVER
descr: CATV Server Net
country: AT
admin-c: MP13024-RIPE
tech-c: MP13024-RIPE
status: ASSIGNED PA
mnt-by: CATV-KABEL-MNT
source: RIPE # Filtered

person: Matthias Poettinger
address: iCable Service GmbH
address: Inn 9
address: A-4632, Pichl bei Wels
address: Austria
phone: +43724242820
nic-hdl: MP13024-RIPE
source: RIPE # Filtered

% Information related to '80.241.16.0/20AS39210'

route: 80.241.16.0/20
descr: AT-CATVNET-80-241-16-0-20
origin: AS39210
mnt-by: CATV-KABEL-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 83.103.153.139

Hi,

The IP 83.103.153.139 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 83.103.153.139:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '83.103.153.0 - 83.103.153.255'

% Abuse contact for '83.103.153.0 - 83.103.153.255' is 'abuse@upc.ro'

inetnum: 83.103.153.0 - 83.103.153.255
netname: ASTRAL-HR-NET-SOFT-TELECOM
descr: ASTRAL Harghita Net-Soft Telecom
country: RO
admin-c: AH1598-RIPE
tech-c: CN3389-RIPE
tech-c: AM15077-RIPE
tech-c: TRI1-RIPE
tech-c: CM8934-RIPE
remarks: INFRA-AW
status: ASSIGNED PA
mnt-by: ASTRALTELECOM-MNT
mnt-lower: ASTRALTELECOM-MNT
mnt-routes: ASTRALTELECOM-MNT
source: RIPE # Filtered

person: Astral Telecom Hostmaster
address: UPC Romania Srl
address: ROMANIA
phone: +40311018100
fax-no: +40311018101
nic-hdl: AH1598-RIPE
remarks: ***************************************
remarks: * for abuse please use abuse@upc.ro *
remarks: ***************************************
mnt-by: ASTRALTELECOM-MNT
source: RIPE # Filtered

person: Alin Moldovan
address: CODEC Electronic Products
address: 37, Decebal
address: 3400 Cluj-Napoca
address: Romania
phone: +40-264-432450
fax-no: +40-264-418205
nic-hdl: AM15077-RIPE
mnt-by: AS3233-MNT
source: RIPE # Filtered

person: Catalin Muresan
address: UPC Romania
address: str. Nordului, 62D
address: Bucuresti, 104014
address: Romania
phone: +40-31-1018100
fax-no: +40-31-1018101
nic-hdl: CM8934-RIPE
mnt-by: ASTRALTELECOM-MNT
source: RIPE # Filtered

person: Camelia Nastase
address: MediaSat S.A.
address: Bld. Ferdinand, Nr. 99, Sector 2, Bucuresti
address: Romania
phone: +40-31-8240610
nic-hdl: CN3389-RIPE
mnt-by: CPN-MNT
source: RIPE # Filtered

person: Teodor Remus IACOB
address: Astral Telecom SA
address: Bd. Mihai Bravu nr. 223
address: Complex Optidol, sector 3
address: Bucharest - Romania
phone: +40-1-3266196
fax-no: +40-1-3266197
nic-hdl: TRI1-RIPE
mnt-by: KAPPA-MNT
source: RIPE # Filtered

% Information related to '83.103.128.0/17AS6746'

route: 83.103.128.0/17
descr: UPC Romania Srl
origin: AS6746
mnt-by: ASTRALTELECOM-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

Sunday, 20 October 2013

[Fail2Ban] SSH: banned 61.160.200.54

Hi,

The IP 61.160.200.54 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.160.200.54:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.160.0.0 - 61.160.255.255'

inetnum: 61.160.0.0 - 61.160.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.160.0.0/16AS23650'

route: 61.160.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 186.46.199.196

Hi,

The IP 186.46.199.196 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 186.46.199.196:

[Querying whois.arin.net]
[Redirected to whois.lacnic.net]
[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-10-20 18:43:05 (BRST -02:00)

inetnum: 186.46.199.192/28
status: reallocated
owner: MUNICIPIO DEL DISTRITO METROPOLITANO DE QUITO
ownerid: EC-MDMQ2-LACNIC
responsible: ERICK CERON
address: AV MALDONADO 0 Y CARRION MIGUEL, , ESTACION TROLE SUR - FRENTE AL RECREO
address: 3110 - QUITO - PI
country: EC
phone: +593 83191516 []
owner-c: VMR
tech-c: VMR
abuse-c: VMR
created: 20120423
changed: 20120423
inetnum-up: 186.46.128/17

nic-hdl: VMR
person: Evelin Gavilanes
e-mail: noc@ANDINANET.NET
address: Edificio Droira, s/n, esquina
address: 3110 - Quito - EC
country: EC
phone: +593 2 2944800 [882]
created: 20030402
changed: 20120829

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 110.45.186.97

Hi,

The IP 110.45.186.97 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 110.45.186.97:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 110.45.186.97


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 110.45.128.0 - 110.45.255.255 (/17)
서비스명 : KIDC
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG137200
주소 : 강남구 논현동 261-1
우편번호 : 135-010
í• ë&lsqauo;¹ì¼ìž : 20090320

[ IPv4주소 책임자 정보 ]
이름 : IP주소 관리자
ì „í™"번호 : +82-2-2086-2924
전자우편 : support@kidc.net

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-2086-2924
전자우편 : ip@kidc.net

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : Network Abuse ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-2086-2878
전자우편 : security@kidc.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 110.45.186.0 - 110.45.186.255 (/24)
네트워크 이름 : KIDC-INFRA
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG137200
주소 : 강남구 논현동 261-1
우편번호 : 135-010
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20110624
공개여부 : Y

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
기관명 : KIDC
주소 : 강남구 논현동 261-1
우편번호 : 135-010
ì „í™"번호 : +82-2-2086-2924
전자우편 : ip@kidc.net


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 110.45.128.0 - 110.45.255.255 (/17)
Service Name : KIDC
Organization Name : LG DACOM KIDC
Organization ID : ORG137200
Address : KIDC, 261-1, Nonhyun-dong, Kangnam-gu
Zip Code : 135-010
Registration Date : 20090320

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-2086-2924
E-Mail : support@kidc.net

[ Tech Contact Information ]
Name : IP manager
Phone : +82-2-2086-2924
E-Mail : ip@kidc.net

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-2086-2878
E-Mail : security@kidc.net

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 110.45.186.0 - 110.45.186.255 (/24)
Network Name : KIDC-INFRA
Organization Name : LG DACOM KIDC
Organization ID : ORG137200
Address : KIDC, 261-1, Nonhyun-dong, Kangnam-gu
Zip Code : 135-010
Registration Date : 20110624
Publishes : Y

[ Technical Contact Information ]
Name : IP manager
Organization Name : LG DACOM KIDC
Address : KIDC, 261-1, Nonhyun-dong, Kangnam-gu
Zip Code : 135-010
Phone : +82-2-2086-2924
E-Mail : ip@kidc.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 219.245.32.241

Hi,

The IP 219.245.32.241 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 219.245.32.241:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '219.245.32.0 - 219.245.47.255'

inetnum: 219.245.32.0 - 219.245.47.255
netname: XJTUC-CN
descr: ~{Nw02=;M(4sQ'~}
descr: Xi'an Jiao Tong University
descr: Xi'an, Shaanxi 710049, China
country: CN
remarks: conn-id XA000234
admin-c: LW160-AP
tech-c: LW160-AP
tech-c: CER-AP
remarks: origin AS4538
remarks: host-bits 14+12
changed: hostmaster@net.edu.cn 20030623
mnt-by: MAINT-CERNET-AP
status: ASSIGNED NON-PORTABLE
source: APNIC

role: CERNET Helpdesk
address: Room 224, Main Building
address: Tsinghua University
address: Beijing 100084, China
country: CN
phone: +86-10-6278-4049
fax-no: +86-10-6278-5933
e-mail: cernet-helpdesk-ip@net.edu.cn
remarks: abuse@net.edu.cn
admin-c: XL1-CN
tech-c: SZ2-AP
nic-hdl: CER-AP
remarks: Point of Contact for admin-c
mnt-by: MAINT-CERNET-AP
changed: cernet-helpdesk-ip@net.edu.cn 20010903
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Li Wei
address: Campus Network Center
address: Xi'an JiaoTong University
address: Xian, Shaanxi 710049, China
country: CN
phone: +86-29-2668831
e-mail: liw@xanet.edu.cn
nic-hdl: LW160-AP
notify: address-allocation-staff@net.edu.cn
mnt-by: MAINT-CERNET-AP
changed: hostmaster@net.edu.cn 20001122
source: APNIC
changed: hm-changed@apnic.net 20111122

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.204.225.106

Hi,

The IP 198.204.225.106 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.204.225.106:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.204.225.106"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.204.225.106?showDetails=true&showARIN=false&ext=netref2
#

Zhou Pizhong DS-225-66-126 (NET-198-204-225-64-1) 198.204.225.64 - 198.204.225.127
DataShack, LC DSV4-6 (NET-198-204-224-0-1) 198.204.224.0 - 198.204.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 103.14.20.50

Hi,

The IP 103.14.20.50 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 103.14.20.50:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '103.14.20.0 - 103.14.21.255'

inetnum: 103.14.20.0 - 103.14.21.255
netname: CIFO-ID
descr: PT Citra Jelajah Informatika
descr: Internet Service Provider
descr: Jl. Bagusrangin No.8
descr: Bandung 40132
country: ID
admin-c: MAP1-AP
tech-c: MAP1-AP
remarks: Send Spam & Abuse Reports to abuse@cifo.co.id
mnt-by: MNT-APJII-ID
mnt-routes: MAINT-ID-CIFO
mnt-irt: IRT-CIFO-ID
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20120601
changed: hostmaster@idnic.net 20130423
source: APNIC

irt: IRT-CIFO-ID
address: PT Citra Jelajah Informatika
address: Jl. Bagusrangin No.8
address: Bandung 40132
e-mail: Sdeny@cifo.co.id
abuse-mailbox: Sdeny@cifo.co.id
admin-c: SS2150-AP
tech-c: SS2150-AP
auth: # Filtered
mnt-by: MAINT-ID-CIFO
changed: Sdeny@cifo.co.id 20120531
source: APNIC

person: Muhamad Aditya Prima
address: Jl. Bagusrangin No.8
address: Bandung 40132
country: ID
phone: +62-22-2534484
fax-no: +62-22-92914002
e-mail: admin@cifo.co.id
nic-hdl: MAP1-AP
mnt-by: MAINT-ID-CIFO
changed: hostmaster@idnic.net 20130401
source: APNIC

% Information related to '103.14.20.0/23AS131717'

route: 103.14.20.0/23
descr: Route object of PT Citra Jelajah Informatika
origin: AS131717
country: ID
mnt-by: MAINT-ID-CIFO
changed: hostmaster@idnic.net 20130708
notify: admin@cifo.co.id
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 211.236.246.12

Hi,

The IP 211.236.246.12 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 211.236.246.12:

[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 211.236.246.12


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 211.236.224.0 - 211.236.255.255 (/19)
서비스명 : SEJONGNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 세종í…"레콤
기관고유번호 : ORG110145
주소 : 강남구 역삼동 646-1 현대해상í™"재보험빌ë"©
우편번호 : 135-080
í• ë&lsqauo;¹ì¼ìž : 20030906

[ IPv4주소 책임자 정보 ]
이름 : IP주소 관리자
ì „í™"번호 : +82-2-1688-7380
전자우편 : ip@sejongtelecom.net

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소 ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-1688-7380
전자우편 : ip@sejongtelecom.net

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : Network Abuse
ì „í™"번호 : +82-2-3415-4320
전자우편 : abuse@sejongtelecom.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 211.236.224.0 - 211.236.255.255 (/19)
Service Name : SEJONGNET
Organization Name : SEJONG TELECOM
Organization ID : ORG110145
Address : Hyundai B/D, 646-1, Yeoksam-dong, Gangnam-gu
Zip Code : 135-080
Registration Date : 20030906

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-1688-7380
E-Mail : ip@sejongtelecom.net

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-1688-7380
E-Mail : ip@sejongtelecom.net

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-3415-4320
E-Mail : abuse@sejongtelecom.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 91.121.23.6

Hi,

The IP 91.121.23.6 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 91.121.23.6:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '91.121.0.0 - 91.121.31.255'

inetnum: 91.121.0.0 - 91.121.31.255
netname: OVH
descr: OVH SAS
descr: Dedicated Servers
descr: http://www.ovh.com
country: FR
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ASSIGNED PA
mnt-by: OVH-MNT
source: RIPE # Filtered

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
source: RIPE # Filtered

person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
nic-hdl: OK217-RIPE
abuse-mailbox: abuse@ovh.net
mnt-by: OVH-MNT
source: RIPE # Filtered

% Information related to '91.121.0.0/18AS16276'

route: 91.121.0.0/18
descr: OVH ISP
descr: Paris, France
origin: AS16276
mnt-by: OVH-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 122.113.26.13

Hi,

The IP 122.113.26.13 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 122.113.26.13:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '122.112.0.0 - 122.115.255.255'

inetnum: 122.112.0.0 - 122.115.255.255
netname: CNISP-UNION
descr: CNISP-Union Technology (Beijing) Co., Ltd
descr: Room 503, Building D,
descr: No.2 Shangdi Xinxi Road Pioneering Park,
descr: Haidian District, Beijing, 100085, P.R.China
country: CN
admin-c: DY857-AP
tech-c: WF703-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-AP-CNISP
mnt-irt: IRT-CNNIC-CN
status: ALLOCATED PORTABLE
changed: ipas@cnnic.cn 20130731
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Dong Yinliang
address: Rm503, Building D, No.2 Xinxi Road, Haidian, China
country: CN
phone: +86-10-82893336
fax-no: +86-10-82893337
e-mail: dongyinliang@cnisp.org
nic-hdl: DY857-AP
changed: ipas@cnnic.cn 20130730
mnt-by: MAINT-CNNIC-AP
source: APNIC

person: Wang Fei
address: Rm503, Building D, No.2 Xinxi Road, Haidian, China
country: CN
phone: +86-10-82893336
fax-no: +86-10-82893337
e-mail: wangfei@cnisp.org
nic-hdl: WF703-AP
changed: ipas@cnnic.cn 20130730
mnt-by: MAINT-CNNIC-AP
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 222.103.190.147

Hi,

The IP 222.103.190.147 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.103.190.147:

[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 222.103.190.147


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 222.96.0.0 - 222.122.255.255 (/12+/13+/15+/16)
서비스명 : KORNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 정자동 206 한국통ì&lsqauo;  e-Biz본부 기획팀
우편번호 : 463-711
í• ë&lsqauo;¹ì¼ìž : 20031110

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 스팸/해킹ë&lsqauo;´ë&lsqauo;¹
ì „í™"번호 : +82-2-100-0000
전자우편 : abuse@kornet.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 222.96.0.0 - 222.122.255.255 (/12+/13+/15+/16)
Service Name : KORNET
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : 206, Jungja-dong, Bundang-gu, Sungnam-ci
Zip Code : 463-711
Registration Date : 20031110

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-100-0000
E-Mail : abuse@kornet.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

Saturday, 19 October 2013

[Fail2Ban] SSH: banned 87.238.192.81

Hi,

The IP 87.238.192.81 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 87.238.192.81:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '87.238.192.0 - 87.238.198.255'

% Abuse contact for '87.238.192.0 - 87.238.198.255' is 'abuse@1blu.de'

inetnum: 87.238.192.0 - 87.238.198.255
netname: EVANZO-2010A
descr: EVANZO e-commerce GmbH Infrastructure
remarks: INFRA-AW
country: DE
admin-c: JD536-RIPE
tech-c: JD536-RIPE
status: ASSIGNED PA
mnt-by: MNT-RN1131-RIPE
source: RIPE # Filtered

person: Johann Dasch
address: evanzo e-commerce GmbH
address: Stromstrasse 1-5
address: 10555 Berlin
phone: +421 20871000
fax-no: +421 20871055
nic-hdl: JD536-RIPE
abuse-mailbox: abuse@1blu.de
source: RIPE # Filtered
mnt-by: MNT-RN1131-RIPE

% Information related to '87.238.192.0/21AS42730'

route: 87.238.192.0/21
descr: DE-EVANZO-MK
origin: AS42730
mnt-by: HRW-NOC
mnt-by: MNT-RN1131-RIPE
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 66.220.26.213

Hi,

The IP 66.220.26.213 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 66.220.26.213:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 66.220.26.213"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=66.220.26.213?showDetails=true&showARIN=false&ext=netref2
#

Hurricane Electric, Inc. HURRICANE-3 (NET-66-220-0-0-1) 66.220.0.0 - 66.220.31.255
Gage Design HURRICANE-CE0281-671 (NET-66-220-26-208-1) 66.220.26.208 - 66.220.26.223



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 173.242.115.180

Hi,

The IP 173.242.115.180 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 173.242.115.180:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 173.242.115.180"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=173.242.115.180?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 173.242.112.0 - 173.242.127.255
CIDR: 173.242.112.0/20
OriginAS: AS46664
NetName: VOLUMEDRIVE
NetHandle: NET-173-242-112-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation
Comment: http://www.volumedrive.com
RegDate: 2010-05-06
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-173-242-112-0-1

OrgName: VolumeDrive
OrgId: VOLUM-2
Address: 1143 Northern Blvd
City: Clarks Summit
StateProv: PA
PostalCode: 18411
Country: US
RegDate: 2008-08-26
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/VOLUM-2

OrgAbuseHandle: VOLUM1-ARIN
OrgAbuseName: VolumeDrive POC
OrgAbusePhone: +1-862-266-1083
OrgAbuseEmail: info@volumedrive.com
OrgAbuseRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

OrgTechHandle: VOLUM1-ARIN
OrgTechName: VolumeDrive POC
OrgTechPhone: +1-862-266-1083
OrgTechEmail: info@volumedrive.com
OrgTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RAbuseHandle: VOLUM-ARIN
RAbuseName: VolumeDrive
RAbusePhone: +1-862-266-1083
RAbuseEmail: info@volumedrive.com
RAbuseRef: http://whois.arin.net/rest/poc/VOLUM-ARIN

RTechHandle: VOLUM1-ARIN
RTechName: VolumeDrive POC
RTechPhone: +1-862-266-1083
RTechEmail: info@volumedrive.com
RTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

RNOCHandle: VOLUM-ARIN
RNOCName: VolumeDrive
RNOCPhone: +1-862-266-1083
RNOCEmail: info@volumedrive.com
RNOCRef: http://whois.arin.net/rest/poc/VOLUM-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.101.218.32

Hi,

The IP 198.101.218.32 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.101.218.32:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.101.218.32"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.101.218.32?showDetails=true&showARIN=false&ext=netref2
#

Rackspace Hosting RACKS-8-NET-9 (NET-198-101-128-0-1) 198.101.128.0 - 198.101.255.255
Rackspace Cloud Servers RACKS-8-1350332965104405 (NET-198-101-192-0-1) 198.101.192.0 - 198.101.223.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban