HideMyAss.com

Sunday, 3 November 2013

[Fail2Ban] SSH: banned 221.12.29.170

Hi,

The IP 221.12.29.170 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 221.12.29.170:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '221.12.29.168 - 221.12.29.175'

inetnum: 221.12.29.168 - 221.12.29.175
netname: HANGZHOUBANSHANDIANCHANGHZ
country: CN
descr: HANGZHOUBANSHANDIANCHANG,HANGZHOU,ZHEJIANG
admin-c: JQ16-AP
tech-c: JQ16-AP
status: ASSIGNED NON-PORTABLE
changed: ipmaster@zjnetcom.com 20100903
mnt-by: MAINT-CNCGROUP-ZJ
source: APNIC

person: Jianhuaq Qian
nic-hdl: JQ16-AP
e-mail: zj_ipmaster@126.com
address: No 1336,BinAn Road,Hangzhou, Zhejiang,China
phone: +86-571-28868063
fax-no: +86-571-28868069
country: CN
changed: zj_ipmaster@126.com 20130709
mnt-by: MAINT-CNCGROUP-ZJ
source: APNIC

% Information related to '221.12.0.0/17AS4837'

route: 221.12.0.0/17
descr: CNC Group CHINA169 Zhejiang Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 212.174.142.58

Hi,

The IP 212.174.142.58 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 212.174.142.58:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '212.174.142.0 - 212.174.142.255'

% Abuse contact for '212.174.142.0 - 212.174.142.255' is 'abuse@ttnet.com.tr'

inetnum: 212.174.142.0 - 212.174.142.255
netname: HyperTeknoloji
descr: Istiklal Mah. Dumlupinar Cad. Isik Sok. No:2/6 Umraniye ISTANBUL
country: TR
admin-c: AA840-RIPE
tech-c: AA840-RIPE
status: ASSIGNED PA
mnt-by: AS9121-MNT
source: RIPE # Filtered

person: Ayhan AKTAS
remarks: HyperTeknoloji
address: Istiklal Mah. Dumlupinar Cad. Isik Sok. No:2/6 Umraniye ISTANBUL
phone: +902165235777
nic-hdl: AA840-RIPE
source: RIPE # Filtered

% Information related to '212.174.128.0/17AS9121'

route: 212.174.128.0/17
descr: TurkTelecom
origin: AS9121
mnt-by: AS9121-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 60.10.69.251

Hi,

The IP 60.10.69.251 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 60.10.69.251:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '60.10.69.0 - 60.10.69.255'

inetnum: 60.10.69.0 - 60.10.69.255
netname: LF-guanan
country: cn
descr: guan LangFang City,Hebei prouince.
admin-c: JL2284-AP
tech-c: JL2284-AP
status: ASSIGNED NON-PORTABLE
changed: KONGLF5@CNC.CN 20071226
mnt-by: MAINT-CNCGROUP-HE
source: APNIC

person: jinyuan lu
nic-hdl: JL2284-AP
e-mail: jinyuan_lu@heinfo.net
address: hebei province shijiazhuang
phone: +86-311-86685210
fax-no: +86-311-86051214
country: CN
changed: KONGLF5@CNC.CN 20071226
mnt-by: MAINT-CNCGROUP-HE
source: APNIC

% Information related to '60.10.0.0/16AS4837'

route: 60.10.0.0/16
descr: CNC Group CHINA169 Hebei Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.147.103.83

Hi,

The IP 61.147.103.83 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.147.103.83:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.147.0.0 - 61.147.255.255'

inetnum: 61.147.0.0 - 61.147.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.147.0.0/16AS23650'

route: 61.147.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 58.240.17.250

Hi,

The IP 58.240.17.250 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 58.240.17.250:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '58.240.17.248 - 58.240.17.255'

inetnum: 58.240.17.248 - 58.240.17.255
netname: ShengFenXinXiHuaBu
country: CN
descr: ShengFenXinXiHuaBu,NANJING,JIANGSU PROVINCE
admin-c: LL58-AP
tech-c: LL58-AP
status: ASSIGNED NON-PORTABLE
changed: chenxy@chinaunicom.cn 20100126
mnt-by: MAINT-CNCGROUP-JS
source: APNIC

person: Lan Li
nic-hdl: LL58-AP
e-mail: js-cu-ipmanage@chinaunicom.cn
address: No. 65 Beijing West Road,Nanjing,China
phone: +86257900060
fax-no: +86252900280
country: CN
changed: js-cu-ipmanage@chinaunicom.cn 20130815
mnt-by: MAINT-NEW
source: APNIC

% Information related to '58.240.0.0/15AS4837'

route: 58.240.0.0/15
descr: CNC Group Jiangsu province network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20050603
changed: hm-changed@apnic.net 20050622
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS3)

Regards,

Fail2Ban

Saturday, 2 November 2013

[Fail2Ban] SSH: banned 62.193.238.121

Hi,

The IP 62.193.238.121 has just been banned by Fail2Ban after
19 attempts against SSH.


Here are more information about 62.193.238.121:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '62.193.224.0 - 62.193.239.255'

inetnum: 62.193.224.0 - 62.193.239.255
netname: AMEN-EUROPE-NETWORK
descr: AMEN European Network
descr: For Spam/Abuse requests please send mail to abuse@amenworld.com
country: FR
admin-c: MD10610-RIPE
tech-c: AN910-RIPE
status: ASSIGNED PA
mnt-by: AMEN-MNT
mnt-lower: AMEN-MNT
mnt-routes: AMEN-MNT
remarks: rev-srv: ns1.amenworld.com
remarks: rev-srv: ns2.amenworld.com
source: RIPE # Filtered
remarks: rev-srv attribute deprecated by RIPE NCC on 02/09/2009

role: AMEN NOC
address: AMEN - Agence des Medias Numeriques
address: 12/14, Rond-point des champs elysees
address: 75008 Paris, France
phone: +33 8 92 55 66 77
nic-hdl: AN910-RIPE
admin-c: MD10610-RIPE
tech-c: AN1018-RIPE
tech-c: AN1019-RIPE
mnt-by: AMEN-MNT
source: RIPE # Filtered

person: Martial Daumas
address: AMEN SAS
address: 12-14 Rd Pt des Champs Elysees
address: 75008 Paris, France
phone: +33892556677
nic-hdl: MD10610-RIPE
mnt-by: AMEN-MNT
source: RIPE # Filtered

% Information related to '62.193.224.0/19AS48185'

route: 62.193.224.0/19
descr: AMEN Networks
origin: AS48185
mnt-by: AMEN-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 210.34.14.173

Hi,

The IP 210.34.14.173 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 210.34.14.173:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '210.34.0.0 - 210.34.15.255'

inetnum: 210.34.0.0 - 210.34.15.255
netname: XMU-CN
descr: ~{OCCE4sQ'~}
descr: Xiamen University
descr: Xiamen, Fujian 361005, China
country: CN
admin-c: CT2-CN
tech-c: LG1-CN
tech-c: CER-AP
remarks: origin AS4538
changed: hm-changed@net.edu.cn 19961004
mnt-by: MAINT-CERNET-AP
status: ASSIGNED NON-PORTABLE
source: APNIC

role: CERNET Helpdesk
address: Room 224, Main Building
address: Tsinghua University
address: Beijing 100084, China
country: CN
phone: +86-10-6278-4049
fax-no: +86-10-6278-5933
e-mail: cernet-helpdesk-ip@net.edu.cn
remarks: abuse@net.edu.cn
admin-c: XL1-CN
tech-c: SZ2-AP
nic-hdl: CER-AP
remarks: Point of Contact for admin-c
mnt-by: MAINT-CERNET-AP
changed: cernet-helpdesk-ip@net.edu.cn 20010903
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chenming Tang
address: Computer Center, Xiamen University
address: Xiamen, Fujian 361005, China
country: CN
phone: +86-592-2086133
e-mail: thzheng@rose.cnc.ac.cn
nic-hdl: CT2-CN
notify: address-allocation-staff@net.edu.cn
mnt-by: MAINT-NULL
changed: szhu@net.edu.cn 19961004
source: APNIC
changed: hm-changed@apnic.net 20111122

person: Linzhu Gen
address: Computer Center, Xiamen University
address: Xiamen, Fujian 361005, China
country: CN
phone: +86-592-2086133
e-mail: thzheng@rose.cnc.ac.cn
nic-hdl: LG1-CN
notify: address-allocation-staff@net.edu.cn
mnt-by: MAINT-NULL
changed: szhu@net.edu.cn 19961004
source: APNIC
changed: hm-changed@apnic.net 20111122

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.167.161.194

Hi,

The IP 112.167.161.194 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 112.167.161.194:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 112.167.161.194


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 112.160.0.0 - 112.191.255.255 (/11)
서비스명 : KORNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로 90 (정자동) 한국통ì&lsqauo;  e-Biz본부 기획팀
우편번호 : 463-711
í• ë&lsqauo;¹ì¼ìž : 20090210

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 스팸/해킹ë&lsqauo;´ë&lsqauo;¹
ì „í™"번호 : +82-2-100-0000
전자우편 : abuse@kornet.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 112.160.0.0 - 112.191.255.255 (/11)
Service Name : KORNET
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : 206, Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro
Zip Code : 463-711
Registration Date : 20090210

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-100-0000
E-Mail : abuse@kornet.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 81.95.237.29

Hi,

The IP 81.95.237.29 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 81.95.237.29:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '81.95.224.0 - 81.95.239.255'

inetnum: 81.95.224.0 - 81.95.239.255
descr: Sarkor-Telecom
org: ORG-SA72-RIPE
admin-c: RRG24-RIPE
netname: UZ-SARKOR-20020910
country: UZ
tech-c: NOC146-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: SARKOR-MNT
mnt-domains: SARKOR-MNT
mnt-routes: SARKOR-MNT
source: RIPE # Filtered

organisation: ORG-SA72-RIPE
org-name: Sarkor-Telecom
org-type: LIR
address: Sarkor-Telecom Co. Rustam Gaziev 7, Shakhrizabskaya Str 700000 Tashkent UZBEKISTAN
phone: +99871 1220000
fax-no: +99871 1220140
mnt-ref: SARKOR-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
admin-c: RRG24-RIPE
admin-c: ITV4-RIPE
source: RIPE # Filtered

person: Network Operations Center
address: Sarkor-Telecom Company
address: 7 Shahrisabzskaya str., Tashkent, Uzbekistan
phone: +99871 1220000
nic-hdl: NOC146-RIPE
mnt-by: SARKOR-MNT
source: RIPE # Filtered

person: Rustam R. Gaziev
address: Sarkor-Telecom Company
address: 7 Shakhrizabskaya Str.,
address: Tashkent 700000,
address: Uzbekistan
phone: +998 71 1220000
mnt-by: SARKOR-MNT
nic-hdl: RRG24-RIPE
source: RIPE # Filtered

% Information related to '81.95.237.0/24AS12365'

route: 81.95.237.0/24
descr: Sarkor-Telecom Co, ISP in Uzbekistan
origin: AS12365
mnt-by: SARKOR-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 27.102.207.169

Hi,

The IP 27.102.207.169 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 27.102.207.169:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 27.102.207.169


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 27.102.0.0 - 27.102.255.255 (/16)
서비스명 : DAOU
기관명 : (주)ë&lsqauo;¤ìš°ê¸°ìˆ 
기관고유번호 : ORG896487
주소 : 서울특별ì&lsqauo;œ 서초구 법원로1길 6, SK브로ë"œë°´ë"œIDC ë&lsqauo;¤ìš°ê¸°ìˆ  (서초동)
우편번호 : 137-885
í• ë&lsqauo;¹ì¼ìž : 20100528

[ IPv4주소 책임자 정보 ]
이름 : 박진현
ì „í™"번호 : +82-70-8795-0790
전자우편 : tech@daouidc.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 박진현
ì „í™"번호 : +82-70-8795-0790
전자우편 : tech@daouidc.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 박진현
ì „í™"번호 : +82-70-8795-0790
전자우편 : tech@daouidc.com

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 27.102.192.0 - 27.102.207.255 (/20)
네트워크 이름 : Daou-Infra
기관명 : (주)ë&lsqauo;¤ìš°ê¸°ìˆ 
기관고유번호 : ORG896830
주소 : 경기 용인ì&lsqauo;œ 수지구 죽전동 23-7 ë&lsqauo;¤ìš°ë""지털스퀘어 6,7층
우편번호 : 448-160
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20110830
공개여부 : Y

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 박진현
기관명 : (주)ë&lsqauo;¤ìš°ê¸°ìˆ 
주소 : 경기 용인ì&lsqauo;œ 수지구 죽전동 23-7 ë&lsqauo;¤ìš°ë""지털스퀘어 6,7층
우편번호 : 448-160
ì „í™"번호 : +82-70-8795-0790
전자우편 : tech@daouidc.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 27.102.0.0 - 27.102.255.255 (/16)
Service Name : DAOU
Organization Name : DAOU TECHNOLOGY
Organization ID : ORG896487
Address : 1710-1 SKBroadband IDC DAOU-TECH, Seoul Seocho-gu Beobwon-ro 1-gil
Zip Code : 137-885
Registration Date : 20100528

[ Admin Contact Information ]
Phone : +82-70-8795-0790
E-Mail : tech@daouidc.com

[ Tech Contact Information ]
Name : Jinhyun Park
Phone : +82-70-8795-0790
E-Mail : tech@daouidc.com

[ Network Abuse Contact Information ]
Name : Jinhyun Park
Phone : +82-70-8795-0790
E-Mail : tech@daouidc.com

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 27.102.192.0 - 27.102.207.255 (/20)
Network Name : Daou-Infra
Organization Name : Daou Technology INC.
Organization ID : ORG896830
Address : 6,7 Floor DaouDigitalSquare 23-7, Jukjeon-dong Suji-gu, Yongin-si Gyeonggi-do
Zip Code : 448-160
Registration Date : 20110830
Publishes : Y

[ Technical Contact Information ]
Name : JinHyun Park
Organization Name : Daou Technology INC.
Address : 6,7 Floor DaouDigitalSquare 23-7, Jukjeon-dong Suji-gu, Yongin-si Gyeonggi-do
Zip Code : 448-160
Phone : +82-70-8795-0790
E-Mail : tech@daouidc.com


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

Friday, 1 November 2013

[Fail2Ban] SSH: banned 94.200.7.26

Hi,

The IP 94.200.7.26 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 94.200.7.26:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '94.200.7.0 - 94.200.7.127'

% Abuse contact for '94.200.7.0 - 94.200.7.127' is 'abuse@du.ae'

inetnum: 94.200.7.0 - 94.200.7.127
netname: DXB-SiteC1-Grosvenor-ABR1-NET
descr: Emirates Integrated Telecommunications Company PJSC (EITC-DU)
country: AE
remarks: *******************************************************************
remarks: * For any kind of illegal activity originating from our network *
remarks: * Please Contact: abuse@du.ae *
remarks: *******************************************************************
admin-c: EITC2-RIPE
tech-c: EITC2-RIPE
status: Assigned PA
mnt-by: DIC-MNT
mnt-lower: DIC-MNT
mnt-routes: DIC-MNT
source: RIPE # Filtered

role: EITC Contact Role
address: Emirates Integrated Telecommunications
address: P.O.Box:502666
address: Shatha Tower 25th Floor, Dubai, UAE
phone: +97143600000
fax-no: +97143916800
admin-c: IM451-RIPE
tech-c: RS9164-RIPE
tech-c: HU29-RIPE
tech-c: RR4900-RIPE
nic-hdl: EITC2-RIPE
abuse-mailbox: abuse@du.ae
mnt-by: DIC-MNT
source: RIPE # Filtered

% Information related to '94.200.0.0/19AS15802'

route: 94.200.0.0/19
descr: Emirates Integrated Telecommunications Company PJSC
origin: AS15802
mnt-by: DIC-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 113.10.159.215

Hi,

The IP 113.10.159.215 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 113.10.159.215:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '113.10.159.0 - 113.10.159.255'

inetnum: 113.10.159.0 - 113.10.159.255
netname: NWTiDC-HK
descr: NWT iDC Data Service
country: HK
admin-c: NC315-AP
admin-c: IDC1-AP
tech-c: KW315-AP
status: ASSIGNED NON-PORTABLE
remarks: For network abuse email <abuse@newworldtel.com>
mnt-irt: IRT-NEWWORLDTEL-HK
changed: kmmwong@newworldtel.com 20101208
mnt-by: MAINT-HK-NEWWORLDTEL
source: APNIC

irt: IRT-NEWWORLDTEL-HK
address: 17/F Chevalier Commercial Centre,8 Wang Hoi Road, Kowloon Bay,Hong Kong.
e-mail: abuse@newworldtel.com
abuse-mailbox: abuse@newworldtel.com
admin-c: KW315-AP
tech-c: IDC1-AP
tech-c: NC315-AP
auth: # Filtered
mnt-by: MAINT-HK-NEWWORLDTEL
changed: abuse@newworldtel.com 20101207
source: APNIC

person: internet Data Centre
address: 17/F Chevalier Commercial Centre,8 Wang Hoi Road, Kowloon Bay, Hong Kong
country: HK
phone: +852-2133 4277
e-mail: idc@newworldtel.com
nic-hdl: IDC1-AP
mnt-by: MAINT-HK-NEWWORLDTEL
changed: kmmwong@newworldtel.com 20101004
source: APNIC

person: Kwong Ming Wong
nic-hdl: KW315-AP
e-mail: kmmwong@newworldtel.com
address: 17/F Chevalier Commercial Centre,8 Wang Hoi Road, Kowloon Bay,Hong Kong.
phone: +852-21300120
fax-no: + 852 - 2133 2175
country: HK
changed: kmmwong@newworldtel.com 20060814
mnt-by: MAINT-HK-NEWWORLDTEL
source: APNIC

person: Network Management Center
nic-hdl: NC315-AP
e-mail: nmc@newworldtel.com
address: 17/F Chevalier Commercial Centre,
address: 8 Wang Hoi Road, Kowloon Bay,
address: Hong Kong.
phone: + 852 - 2130-0120
fax-no: + 852 - 2133 2175
country: HK
changed: kmmwong@newworldtel.com 20080804
mnt-by: MAINT-HK-NEWWORLDTEL
source: APNIC

% Information related to '113.10.159.0/24AS17444'

route: 113.10.159.0/24
descr: NWT Route Object
origin: AS17444
mnt-by: MAINT-HK-NEWWORLDTEL
changed: kmmwong@newworldtel.com 20110114
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 59.63.174.67

Hi,

The IP 59.63.174.67 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 59.63.174.67:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '59.62.0.0 - 59.63.255.255'

inetnum: 59.62.0.0 - 59.63.255.255
netname: CHINANET-JX
descr: CHINANET Jiangxi province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: JN113-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-IP-WWF
changed: hm-changed@apnic.net 20050208
source: APNIC

role: JXDCB NET
address: Jiangxi telecom network operation support department
address: No.2009, Beijing East Road , nanchang,jiangxi province
country: CN
phone: +86 79186600000
e-mail: wzzx_2013@189.cn
remarks: send spam reports to wzzx_2013@189.cn
remarks: and abuse reports to wzzx_2013@189.cn
remarks: http://www.online.jx.cn
admin-c: XY1-AP
tech-c: WZ1-CN
tech-c: WW49-AP
nic-hdl: JN113-AP
notify: wzzx_2013@189.cn
mnt-by: MAINT-IP-WWF
changed: hm-changed@apnic.net 20020812
changed: chenyiq@gsta.com 20130221
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 124.205.183.86

Hi,

The IP 124.205.183.86 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 124.205.183.86:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '124.205.0.0 - 124.205.255.255'

inetnum: 124.205.0.0 - 124.205.255.255
netname: TVNET
descr: Beijing Time-vision Telecommunication
descr: Technical,Ltd
descr: No.18 Xibahe Dongli,
descr: Chaoyang District,Beijing,China
country: CN
admin-c: JY1241-AP
tech-c: JY1241-AP
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: ipas@cnnic.cn 20091220
status: ALLOCATED NON-PORTABLE
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Justin Yang
address: No.18 Xibahe Dongli,Chaoyang District ,Beijing P.R.C.
country: CN
phone: +86-10-65661862
fax-no: +86-10-65661862-243
e-mail: superxi@bj.datadragon.net
nic-hdl: JY1241-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.net.cn 20070404
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 122.192.35.146

Hi,

The IP 122.192.35.146 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 122.192.35.146:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '122.192.0.0 - 122.195.255.255'

inetnum: 122.192.0.0 - 122.195.255.255
netname: UNICOM-JS
descr: China Unicom Jiangsu province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: LL58-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-JS
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-irt: IRT-CU-CN
changed: hm-changed@apnic.net 20061023
changed: hm-changed@apnic.net 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Lan Li
nic-hdl: LL58-AP
e-mail: js-cu-ipmanage@chinaunicom.cn
address: No. 65 Beijing West Road,Nanjing,China
phone: +86257900060
fax-no: +86252900280
country: CN
changed: js-cu-ipmanage@chinaunicom.cn 20130815
mnt-by: MAINT-NEW
source: APNIC

% Information related to '122.192.0.0/14AS4837'

route: 122.192.0.0/14
descr: CNC Group CHINA169 Jiangsu Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20061108
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 190.210.142.81

Hi,

The IP 190.210.142.81 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 190.210.142.81:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-11-01 17:06:44 (BRST -02:00)

inetnum: 190.210.128/18
status: allocated
aut-num: N/A
owner: NSS S.A.
ownerid: AR-NSSA-LACNIC
responsible: Administrador de Ips
address: Reconquista, 865, 2
address: C1003ABQ - Buenos Aires - CF
country: AR
phone: +54 11 50316400 [6420]
owner-c: MAC2
tech-c: MAC2
abuse-c: MAC2
inetrev: 190.210.142/24
nserver: DNS1.IPLANISP.COM.AR
nsstat: 20131031 AA
nslastaa: 20131031
nserver: DNS2.IPLANISP.COM.AR
nsstat: 20131031 AA
nslastaa: 20131031
created: 20100310
changed: 20100310

nic-hdl: MAC2
person: Administrador de Ips
e-mail: abuse-iplan@IPLAN.COM.AR
address: Reconquista, 865, 5to piso
address: 1003 - Buenos Aires -
country: AR
phone: +54 11 50320000 []
created: 20021226
changed: 20111108

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 192.200.110.38

Hi,

The IP 192.200.110.38 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 192.200.110.38:

[Querying whois.arin.net]
[Redirected to support.gorillaservers.com:4321]
[Querying support.gorillaservers.com]
[support.gorillaservers.com]
%rwhois V-1.0,V-1.5:00090h:00 support.gorillaservers.com (Ubersmith RWhois Server V-2.3.0)
autharea=192.200.96.0/19
xautharea=192.200.96.0/19
network:Class-Name:network
network:Auth-Area:192.200.96.0/19
network:ID:NET-2493.192.200.110.32/27
network:Network-Name:192.200.110.34/27
network:IP-Network:192.200.110.32/27
network:IP-Network-Block:192.200.110.32
- 192.200.110.63
network:Org-Name:Xiaodong, Wu
network:Street-Address:
network:City:
network:State:
network:Postal-Code:
network:Country-Code:US
network:Tech-Contact:MAINT-2493.192.200.110.32/27
network:Created:20131022020510000
network:Updated:20131022020510000
network:Updated-By:arin-noc@GorillaServers.com
contact:POC-Name:Network Administrator
contact:POC-Email:arin-noc@GorillaServers.com
contact:POC-Phone:
contact:Tech-Name:Network Administrator
contact:Tech-Email:arin-noc@GorillaServers.com
contact:Tech-Phone:
contact:Abuse-Name:Abuse Department
contact:Abuse-Email:arin-abuse@GorillaServers.com
%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.142.106.34

Hi,

The IP 61.142.106.34 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.142.106.34:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.140.0.0 - 61.146.255.255'

inetnum: 61.140.0.0 - 61.146.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: IC83-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GD
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20040914
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 117.239.103.116

Hi,

The IP 117.239.103.116 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 117.239.103.116:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '117.239.103.112 - 117.239.103.127'

inetnum: 117.239.103.112 - 117.239.103.127
netname: ADITHYABSNL
descr: ADITHYA INST OF TECHNOLOGY
descr: adithya inst of technology
descr: SATHY RD KURUMBAPALYAM CBT
descr:
admin-c: NK232-AP
tech-c: NK234-AP
country: IN
admin-c: NIC5-AP
admin-c: NC83-AP
tech-c: CDN1-AP
mnt-by: MAINT-IN-DOT
mnt-irt: IRT-BSNL-IN
status: ASSIGNED NON-PORTABLE
changed: dnw_jtotech@bsnl.in 20111226
source: APNIC

irt: IRT-BSNL-IN
address: Internet Cell
address: Bharat Sanchar Nigam Limited
address: 8th Floor,148-B Statesman House
address: Barakhamba Road, New Delhi - 110 001
e-mail: abuse@bsnl.in
abuse-mailbox: abuse@bsnl.in
admin-c: NC83-AP
tech-c: CGMD1-AP
auth: # Filtered
mnt-by: MAINT-IN-DOT
changed: abuse@bsnl.in 20101111
changed: hm-changed@apnic.net 20101112
source: APNIC

role: CGM Data Networks
address: CTS Compound
address: Netaji Nagar
address: New Delhi- 110 023
country: IN
phone: +91-11-24106782
phone: +91-11-24102119
fax-no: +91-11-26116783
fax-no: +91-11-26887888
e-mail: dnwplg@bsnl.in
e-mail: hostmaster@bsnl.in
admin-c: CGMD1-AP
tech-c: DT197-AP
tech-c: BH155-AP
nic-hdl: CDN1-AP
mnt-by: MAINT-IN-DOT
changed: dnwplg@sancharnet.in 20030120
changed: hm-changed@apnic.net 20071227
source: APNIC

role: NS Cell
address: Internet Cell
address: Bharat Sanchar Nigam Limited
address: 8th Floor,148-B Statesman House
address: Barakhamba Road, New Delhi - 110 001
country: IN
phone: +91-11-23734057
phone: +91-11-23710183
fax-no: +91-11-23734052
e-mail: hostmaster@bsnl.in
e-mail: abuse@bsnl.in
admin-c: CGMD1-AP
tech-c: DT197-AP
nic-hdl: NC83-AP
mnt-by: MAINT-IN-DOT
changed: dnwplg@sancharnet.in 20030120
changed: hm-changed@apnic.net 20071227
source: APNIC

person: Node Incharge COIMBATORE
nic-hdl: NIC5-AP
address: NIB COIMBATORE
address: Telephone Exchange ,Race Course,Coimbatore-18
phone: +91-0422-396028
fax-no: +91-0422-216869
country: IN
e-mail: nib_coimbatore@sancharnet.in
mnt-by: MAINT-IN-PER-DOT
changed: dnwplg@sancharnet.in 20030716
source: APNIC

person: NAVANEETHA KRISHNAN
nic-hdl: NK232-AP
address: adithya inst of technology
address: SATHY RD KURUMBAPALYAM CBT
address:
phone: +91-422-2654504
fax-no: +91-422-2654504
country: IN
e-mail: navaneethakrishnan@adithya.com
mnt-by: MAINT-IN-PER-DOT
changed: dnw_jtotech@bsnl.in 20111226
source: APNIC

person: NAVANEETHA KRISHNAN
nic-hdl: NK234-AP
address: adithya inst of technology
address: SATHY RD KURUMBAPALYAM CBT
address:
phone: +91-422-2654504
fax-no: +91-422-2654504
country: IN
e-mail: navaneethakrishnan@adithya.com
mnt-by: MAINT-IN-PER-DOT
changed: dnw_jtotech@bsnl.in 20111226
source: APNIC

% Information related to '117.239.96.0/20AS9829'

route: 117.239.96.0/20
descr: BSNL Internet
country: IN
origin: AS9829
mnt-lower: MAINT-IN-DOT
mnt-routes: MAINT-IN-DOT
mnt-by: MAINT-IN-AS9829
changed: dnw_jtotech@bsnl.in 20070914
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS2)

Regards,

Fail2Ban

Thursday, 31 October 2013

[Fail2Ban] SSH: banned 222.219.96.45

Hi,

The IP 222.219.96.45 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.219.96.45:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '222.219.0.0 - 222.221.255.255'

inetnum: 222.219.0.0 - 222.221.255.255
netname: CHINANET-YN
descr: CHINANET yunnan province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: ZL48-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-YN
mnt-routes: MAINT-CHINANET-YN
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20040621
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: zhiyong liu
nic-hdl: ZL48-AP
e-mail: ynipm@126.com
address: 136 beijin roadkunmingchina
phone: +86-871-8223073
fax-no: +86-871-8221536
country: CN
changed: ynipm@126.com 20070813
mnt-by: MAINT-CHINANET-YN
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 80.87.64.3

Hi,

The IP 80.87.64.3 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 80.87.64.3:

[Querying whois.afrinic.net]
[whois.afrinic.net]
% This is the AfriNIC Whois server.

% Note: this output has been filtered.

% Information related to '80.87.64.0 - 80.87.64.255'

inetnum: 80.87.64.0 - 80.87.64.255
netname: Vodafone-Ghana
descr: Vodafone Ghana
country: GH
admin-c: MKN4-AFRINIC
tech-c: JT4-AFRINIC
status: ASSIGNED PA
mnt-by: GHANATEL-MNT
remarks: data has been transferred from RIPE Whois Database 20050221
source: AFRINIC # Filtered
parent: 80.87.64.0 - 80.87.95.255

person: Michael Komla Nfodzo
nic-hdl: MKN4-AFRINIC
address: South Liberation Link, Plot No. 25
address: Manet Towers, Airport City
address: Accra
address: Ghana
e-mail: abuse.gh@vodafone.com
phone: +233 302 200200
remarks: data has been transferred from RIPE Whois Database 20050221
mnt-by: MNT-MKN4
source: AFRINIC # Filtered

person: Joana Thompson
nic-hdl: JT4-Afrinic
address: Ghana Telecommunications Company Limited
address: Headquarters
address: Telecom House
address: Nsawam Road
address: Accra-North Ghana
address: Accra
address: Ghana
e-mail: abuse.gh@vodafone.com
phone: +233302200200
source: AFRINIC # Filtered

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 189.254.67.26

Hi,

The IP 189.254.67.26 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 189.254.67.26:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-10-31 13:26:29 (BRST -02:00)

inetnum: 189.240/12
status: allocated
aut-num: N/A
owner: Uninet S.A. de C.V.
ownerid: MX-USCV4-LACNIC
responsible: No hay informacion
address: Periferico Sur, 3190, Jardines del Pedregal
address: 01900 - Cd. de México, Álvaro Obregon - DF
country: MX
phone: +52 55 56244400 []
owner-c: GEC10
tech-c: DCA
abuse-c: SRU
inetrev: 189.254/16
nserver: NSMEX4.UNINET.NET.MX
nsstat: 20131028 AA
nslastaa: 20131028
nserver: NSMEX3.UNINET.NET.MX
nsstat: 20131028 AA
nslastaa: 20131028
nserver: NSMEX2.UNINET.NET.MX
nsstat: 20131028 AA
nslastaa: 20131028
created: 20070905
changed: 20120227

nic-hdl: DCA
person: GESTION DE CAMBIOS
e-mail: gccips1@REDUNO.COM.MX
address: PERIFERICO SUR, 3190, ALVARO OBREG
address: 01900 - MEXICO DF - DF
country: MX
phone: +52 5 556244400 []
created: 20021210
changed: 20111027

nic-hdl: GEC10
person: GESTION DE CAMBIOS
e-mail: gccips@REDUNO.COM.MX
address: PERIFERICO SUR, 3190, ALVARO OBREG
address: 01900 - MEXICO DF - DF
country: MX
phone: +52 5556244400 []
created: 20110706
changed: 20111027

nic-hdl: SRU
person: SEGURIDAD DE RED UNINET
e-mail: abuse@UNINET.NET.MX
address: PERIFERICO SUR, 3190, ALVARO OBREG
address: 01900 - MEXICO - DF
country: MX
phone: +52 55 52237234 []
created: 20030701
changed: 20030703

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

Wednesday, 30 October 2013

[Fail2Ban] SSH: banned 46.173.74.240

Hi,

The IP 46.173.74.240 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 46.173.74.240:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '46.173.64.0 - 46.173.95.255'

inetnum: 46.173.64.0 - 46.173.95.255
netname: AXILAN-NETWORK
descr: Axi-Lan Ltd
country: UA
org: ORG-AXIL1-RIPE
admin-c: AZ2305-RIPE
tech-c: AZ2305-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: AXILANUA-MNT
mnt-by: KCT-MNT
mnt-routes: AXILANUA-MNT
mnt-routes: KCT-MNT
mnt-domains: AXILANUA-MNT
mnt-domains: KCT-MNT
source: RIPE # Filtered

organisation: ORG-AXIL1-RIPE
org-name: Axi-Lan Ltd.
org-type: OTHER
address: 98400, Ukraine, Crimea, Bachchisaray, Frunze 26
mnt-ref: AXILANUA-MNT
mnt-by: AXILANUA-MNT
source: RIPE # Filtered

person: Artem Zubkov
address: Proletarskaya 4/2, Simferopol
address: Crimea, Ukraine
phone: +380634010111
nic-hdl: AZ2305-RIPE
mnt-by: KCT-MNT
source: RIPE # Filtered

% Information related to '46.173.64.0/20AS48004'

route: 46.173.64.0/20
descr: AXILan-Net
origin: AS48004
mnt-by: KCT-MNT
mnt-by: AXILANUA-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 117.79.91.204

Hi,

The IP 117.79.91.204 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 117.79.91.204:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '117.79.80.0 - 117.79.95.255'

inetnum: 117.79.80.0 - 117.79.95.255
netname: SANXIN
descr: Beijing Sanxin Shidai Co.Ltd
descr: 1513 Xinjishu building Beijing link west road
descr: Haidian District, Beijing, PRC
country: CN
admin-c: SJ1535-AP
tech-c: AUTO1-SK
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: ipas@cnnic.cn 20101229
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Shi Kai
nic-hdl: AUTO1-SK
address: 65th Haidian xinjishu building 1513
address: Beijing Haidian District North four link west road
country: CN
phone: +86-10-52789029
fax-no: +86-10-52789032
e-mail: sailor0156@hotmail.com
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20090513
source: APNIC

person: Shi Jianmin
nic-hdl: SJ1535-AP
address: 65th Haidian xinjishu building 1513
address: Beijing Haidian District North four link west road
country: CN
phone: +86-10-82888393
fax-no: +86-10-82610575-15131
e-mail: antepc@sina.com
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20090513
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 220.178.18.67

Hi,

The IP 220.178.18.67 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 220.178.18.67:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '220.178.0.0 - 220.180.255.255'

inetnum: 220.178.0.0 - 220.180.255.255
netname: CHINANET-AH
country: CN
descr: CHINANET anhui province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
admin-c: CH93-AP
tech-c: AT318-AP
status: ALLOCATED non-PORTABLE
changed: wanglinlin2@anhuitelecom.com 20060317
mnt-by: MAINT-CHINANET
source: APNIC

role: ANHUI TELECOM
address: 305 Changjiang West Road
address: Hefei Anhui China
country: CN
phone: +86 0551 5185089
fax-no: +86 0551 5185500
e-mail: wanglinlin2@anhuitelecom.com
remarks: send spam reports to abuse@anhuitelecom.com
remarks: and abuse reports to abuse@anhuitelecom.com
remarks: Please include detailed information and
remarks: times in GMT+8:00
remarks: http://www.ah163.net
admin-c: LW604-AP
tech-c: LW604-AP
nic-hdl: AT318-AP
notify: wanglinlin2@anhuitelecom.com
mnt-by: MAINT-CHINANET-AH
changed: wanglinlin2@anhuitelecom.com 20060323
changed: hm-changed@apnic.net 20111114
changed: zhengzm@gsta.com 20130710
abuse-mailbox: abuse@anhuitelecom.com
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 59.39.57.99

Hi,

The IP 59.39.57.99 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 59.39.57.99:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '59.32.0.0 - 59.42.255.255'

inetnum: 59.32.0.0 - 59.42.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: IC83-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GD
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20040802
changed: hm-changed@apnic.net 20041123
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 92.47.149.213

Hi,

The IP 92.47.149.213 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 92.47.149.213:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '92.47.149.208 - 92.47.149.215'

% Abuse contact for '92.47.149.208 - 92.47.149.215' is 'abuse.spam@telecom.kz'

inetnum: 92.47.149.208 - 92.47.149.215
netname: Uni_Demirelya
descr: Universitet Demirelya
descr: Uni_Demirelya
country: KZ
admin-c: AM26023-RIPE
tech-c: AM26023-RIPE
status: ASSIGNED PA
mnt-by: KNIC-MNT
source: RIPE # Filtered

person: Amreev Maksat
address: Karasaiskii raion, trassa 0
address: KZ
phone: +7 777 2777575
nic-hdl: AM26023-RIPE
mnt-by: KNIC-MNT
source: RIPE # Filtered

% Information related to '92.47.148.0/23AS9198'

route: 92.47.148.0/23
descr: Kazakhtelecom Data Network Administration
origin: AS9198
mnt-by: KNIC-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

Tuesday, 29 October 2013

[Fail2Ban] SSH: banned 49.117.147.86

Hi,

The IP 49.117.147.86 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 49.117.147.86:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '49.112.0.0 - 49.119.255.255'

inetnum: 49.112.0.0 - 49.119.255.255
netname: CHINANET-XJ
descr: CHINANET xinjiang province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: IC83-AP
status: ALLOCATED PORTABLE
notify: guoming@xjtelecom.com.cn
remarks: service provider
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20101022
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CHINANET-XINJIANG
mnt-routes: MAINT-CN-CHINANET-XINJIANG
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 212.83.150.11

Hi,

The IP 212.83.150.11 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 212.83.150.11:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '212.83.128.0 - 212.83.153.255'

% Abuse contact for '212.83.128.0 - 212.83.153.255' is 'abuse@proxad.net'

inetnum: 212.83.128.0 - 212.83.153.255
netname: FRWOL
descr: Tiscali France
country: FR
admin-c: BG34
admin-c: LTAD1-RIPE
tech-c: TTFR1-RIPE
status: ASSIGNED PA
remarks: ******************
remarks: All abuse requests MUST be sent to 'abuse@tiscali.fr'
remarks: and the logs must include the timezone and GMT offset.
remarks: ripe-mnt@net.tiscali.fr IS NOT the mail to use to report abuses
remarks: Toute requete abuse DOIT etre envoyee a 'abuse@tiscali.fr'
remarks: en les logs doivent inclure l'heure exacte et le decalage GMT.
remarks: ripe-mnt@net.tiscali.fr N'EST PAS le mail a utiliser pour signaler un abuse.
remarks: ******************
mnt-by: MNT-TISCALIFR
mnt-lower: MNT-TISCALIFR
remarks: Tag: Int
source: RIPE # Filtered

role: LIBERTYSURF TELECOM ABUSE DEPARTMENT
remarks: now known as Online S.A.S. / Iliad-Entreprises
address: 8, rue de la ville l'eveque
address: 75008 Paris
address: France
admin-c: IENT-RIPE
tech-c: IENT-RIPE
nic-hdl: LTAD1-RIPE
mnt-by: MNT-TISCALIFR
source: RIPE # Filtered

role: Tiscali Telecom France Registry
remarks: now known as Online S.A.S. / Iliad-Entreprises
address: 8 rue de la ville l'évèque
address: 75008 Paris
address: France
abuse-mailbox: abuse@iliad-entreprises.fr
admin-c: IENT-RIPE
tech-c: IENT-RIPE
tech-c: NR1053-RIPE
nic-hdl: TTFR1-RIPE
mnt-by: MNT-TISCALIFR
source: RIPE # Filtered

person: Benoit Grange
address: Tiscali Telecom
address: 37 bis rue Greneta
address: 75002 Paris - France
phone: +33 1 45 08 20 00
fax-no: +33 1 45 08 20 01
remarks: +-----------------------------------------------------------------------+
remarks: | ATTENTION: Pour nous signaler un probleme (intrusion, spam, etc), |
remarks: | merci de respecter la procedure suivante: |
remarks: | Envoyer un mail a "abuse@tiscali.fr" avec les informations suivantes: |
remarks: | - date & heure (y compris le fuseau horaire ou l'heure GMT) |
remarks: | - adresse IP source ou toutes les en-tetes du mail |
remarks: | - nature du probleme (en quelques mots) |
remarks: | Nous ne repondons pas aux demandes par telephone. |
remarks: | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
remarks: | Je ne suis que le representant legal de Tiscali et non pas |
remarks: | l'utilisateur final de l'adresse IP renvoyee par votre firewall |
remarks: | Les adresses IP sont generalement allouees dynamiquement a nos abonnes|
remarks: | et donc votre logiciel ne peut PAS connaitre le nom de l'utilisateur |
remarks: | reel de l'IP. Merci d'avoir lu jusqu'au bout. |
remarks: +-----------------------------------------------------------------------+
nic-hdl: BG34
mnt-by: MNT-TISCALIFR
source: RIPE # Filtered

% Information related to '212.83.128.0/19AS12876'

route: 212.83.128.0/19
descr: Online SAS
descr: Paris, France
origin: AS12876
mnt-by: MNT-TISCALIFR
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.8.155.179

Hi,

The IP 61.8.155.179 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.8.155.179:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.8.152.0 - 61.8.155.255'

inetnum: 61.8.152.0 - 61.8.155.255
netname: NET4
descr: Bangalore Network Operations
descr: Net4India Ltd.
descr: Internet Service Provider
descr: D-25, Sector 3, Noida,
descr: UP - 201301, INDIA
country: IN
admin-c: NET4-AP
tech-c: NET4-AP
mnt-by: MAINT-STERCAP-IN
mnt-irt: IRT-NET4-IN
status: ASSIGNED NON-PORTABLE
changed: networkadmin@net4.in 20101109
source: APNIC

irt: IRT-NET4-IN
address: Net4India Ltd.
address: D-25, Sector 3, Noida,
address: UP - 201301,
address: INDIA
e-mail: abuse@net4india.net
abuse-mailbox: abuse@net4india.net
admin-c: NET4-AP
tech-c: NET4-AP
auth: # Filtered
mnt-by: MAINT-STERCAP-IN
changed: networkadmin@net4.in 20101108
source: APNIC

role: Net4 NOC
nic-hdl: NET4-AP
address: Net4India Ltd.
address: D-25, Sector 3, Noida,
address: UP - 201301, INDIA
phone: +91-120-4323500
fax-no: +91-120-4323520
country: IN
e-mail: ipadmin@net4india.net
admin-c: NLIA4-AP
tech-c: NLNA4-AP
mnt-by: MAINT-STERCAP-IN
changed: networkadmin@net4.in 20080912
source: APNIC

% Information related to '61.8.155.0/24AS17447'

route: 61.8.155.0/24
descr: NET4 route object
country: IN
origin: AS17447
mnt-by: MAINT-STERCAP-IN
changed: networkadmin@net4.in 20080915
source: APNIC

% This query was served by the APNIC Whois Service version 1.68.5 (WHOIS3)

Regards,

Fail2Ban