HideMyAss.com

Tuesday, 12 November 2013

[Fail2Ban] SSH: banned 61.35.186.89

Hi,

The IP 61.35.186.89 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.35.186.89:

[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 61.35.186.89


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 61.32.0.0 - 61.39.255.255 (/13)
서비스명 : BORANET
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG572
주소 : 서울특별ì&lsqauo;œ ì¤'구 소ì›"ë¡œ2길 30 (남대문로5ê°€)
우편번호 : 100-095
í• ë&lsqauo;¹ì¼ìž : 20041115

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-6928-3087
전자우편 : ipadm@lguplus.co.kr

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-6928-3087
전자우편 : ipadm@lguplus.co.kr

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : Network Abuse ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-2089-0101
전자우편 : security@bora.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 61.32.0.0 - 61.39.255.255 (/13)
Service Name : BORANET
Organization Name : LG DACOM Corporation
Organization ID : ORG572
Address : 827, Seoul Jung-gu Sowol-ro 2-gil
Zip Code : 100-095
Registration Date : 20041115

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-6928-3087
E-Mail : ipadm@lguplus.co.kr

[ Tech Contact Information ]
Name : IP ADMIN
Phone : +82-2-6928-3087
E-Mail : ipadm@lguplus.co.kr

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-2089-0101
E-Mail : security@bora.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 58.240.17.250

Hi,

The IP 58.240.17.250 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 58.240.17.250:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '58.240.17.248 - 58.240.17.255'

inetnum: 58.240.17.248 - 58.240.17.255
netname: ShengFenXinXiHuaBu
country: CN
descr: ShengFenXinXiHuaBu,NANJING,JIANGSU PROVINCE
admin-c: LL58-AP
tech-c: LL58-AP
status: ASSIGNED NON-PORTABLE
changed: chenxy@chinaunicom.cn 20100126
mnt-by: MAINT-CNCGROUP-JS
source: APNIC

person: Lan Li
nic-hdl: LL58-AP
e-mail: js-cu-ipmanage@chinaunicom.cn
address: No. 65 Beijing West Road,Nanjing,China
phone: +86257900060
fax-no: +86252900280
country: CN
changed: js-cu-ipmanage@chinaunicom.cn 20130815
mnt-by: MAINT-NEW
source: APNIC

% Information related to '58.240.0.0/15AS4837'

route: 58.240.0.0/15
descr: CNC Group Jiangsu province network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20050603
changed: hm-changed@apnic.net 20050622
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 202.82.244.132

Hi,

The IP 202.82.244.132 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 202.82.244.132:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '202.82.244.128 - 202.82.244.135'

inetnum: 202.82.244.128 - 202.82.244.135
netname: ELITEPRINTINGCOLTD-HK
descr: ELITE PRINTING CO LTD
country: HK
admin-c: KM378-AP
tech-c: TA66-AP
mnt-by: MAINT-HK-PCCW-BIA-CS
changed: netapp@imsbiz.com 20050418
source: APNIC
status: ASSIGNED NON-PORTABLE

role: TECHNICAL ADMINISTRATORS
address: HKT Limited
address: PO Box 9896 GPO
phone: +852-2883-5151
country: HK
e-mail: noc@imsbiz.com
admin-c: NOC18-AP
admin-c: WC109-AP
tech-c: NOC18-AP
tech-c: WC109-AP
nic-hdl: TA66-AP
notify: noc@imsbiz.com
mnt-by: MAINT-HK-PCCW-BIA
changed: wilson.cheung@pccw.com 20111111
source: APNIC

person: KARSON MAK
address: FT 1-8 14/F HONG MAN IND CTR
address: 2 HONG MAN STREET
address: CHAI WAN
address: HONG KONG
country: HK
phone: +852-25580119
fax-no: +852-28972675
e-mail: cs@imsbiz.com
nic-hdl: KM378-AP
mnt-by: MAINT-HK-PCCW-BIA-CS
changed: netapp@imsbiz.com 20050418
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 23.23.201.248

Hi,

The IP 23.23.201.248 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 23.23.201.248:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 23.23.201.248"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=23.23.201.248?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 23.20.0.0 - 23.23.255.255
CIDR: 23.20.0.0/14
OriginAS: AS16509
NetName: AMAZON-EC2-USEAST-10
NetHandle: NET-23-20-0-0-1
Parent: NET-23-0-0-0-0
NetType: Direct Assignment
Comment: The activity you have detected originates from a dynamic hosting environment.
Comment: For fastest response, please submit abuse reports at http://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/AWSAbuse
Comment: For more information regarding EC2 see:
Comment: http://ec2.amazonaws.com/
Comment: All reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
RegDate: 2011-09-19
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-23-20-0-0-1


OrgName: Amazon.com, Inc.
OrgId: AMAZO-4
Address: Amazon Web Services, Elastic Compute Cloud, EC2
Address: 1200 12th Avenue South
City: Seattle
StateProv: WA
PostalCode: 98144
Country: US
RegDate: 2005-09-29
Updated: 2009-06-02
Comment: For details of this service please see
Comment: http://ec2.amazonaws.com/
Ref: http://whois.arin.net/rest/org/AMAZO-4

OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-266-4064
OrgTechEmail: aes-noc@amazon.com
OrgTechRef: http://whois.arin.net/rest/poc/ANO24-ARIN

OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-266-4064
OrgAbuseEmail: ec2-abuse@amazon.com
OrgAbuseRef: http://whois.arin.net/rest/poc/AEA8-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

Monday, 11 November 2013

[Fail2Ban] SSH: banned 124.117.249.242

Hi,

The IP 124.117.249.242 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 124.117.249.242:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '124.117.0.0 - 124.117.255.255'

inetnum: 124.117.0.0 - 124.117.255.255
netname: CHINANET-XJ
descr: CHINANET Xinjiang province network
descr: China Telecom
descr: No1,jin-rong Street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: NA15-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CHINANET-XJ
mnt-routes: MAINT-CN-CHINANET-XJ
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20060406
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: NIBIJIANG ABDUKADIR
address: XINJIANG DATA COMMUNICATION BUREAU
address: HUANG HE ROAD 30# URUMQI CITY ,XINJIANG
country: CN
phone: +86 991 5820832
fax-no: +86 991 5820831
e-mail: nba@mail.wl.xj.cn
nic-hdl: NA15-AP
mnt-by: MAINT-CN-CHINANET-XJ
changed: nba@mail.wl.xj.cn 20000212
source: APNIC

% Information related to '124.117.0.0/16AS4134'

route: 124.117.0.0/16
descr: From Xinjiang Network of ChinaTelecom
origin: AS4134
mnt-by: MAINT-CHINANET
changed: dingsy@cndata.com 20060707
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 59.63.174.67

Hi,

The IP 59.63.174.67 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 59.63.174.67:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '59.62.0.0 - 59.63.255.255'

inetnum: 59.62.0.0 - 59.63.255.255
netname: CHINANET-JX
descr: CHINANET Jiangxi province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: JN113-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-IP-WWF
changed: hm-changed@apnic.net 20050208
source: APNIC

role: JXDCB NET
address: Jiangxi telecom network operation support department
address: No.2009, Beijing East Road , nanchang,jiangxi province
country: CN
phone: +86 79186600000
e-mail: wzzx_2013@189.cn
remarks: send spam reports to wzzx_2013@189.cn
remarks: and abuse reports to wzzx_2013@189.cn
remarks: http://www.online.jx.cn
admin-c: XY1-AP
tech-c: WZ1-CN
tech-c: WW49-AP
nic-hdl: JN113-AP
notify: wzzx_2013@189.cn
mnt-by: MAINT-IP-WWF
changed: hm-changed@apnic.net 20020812
changed: chenyiq@gsta.com 20130221
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 123.108.45.24

Hi,

The IP 123.108.45.24 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 123.108.45.24:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '123.108.32.0 - 123.108.63.255'

inetnum: 123.108.32.0 - 123.108.63.255
netname: NETMAGIC-NET
descr: NETMAGIC DATACENTER
country: IN
admin-c: SS87-AP
tech-c: SS87-AP
remarks:
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-irt: IRT-NETMAGIC-IN
changed: hm-changed@apnic.net 20070201
mnt-by: APNIC-HM
mnt-lower: MAINT-IN-NETMAGIC
status: ALLOCATED PORTABLE
source: APNIC

irt: IRT-NETMAGIC-IN
address: Mehra Industrial Estate,
address: Near Asha Usha Compound ,
address: LBS Marg Vikhroli(W),
address: Mumbai - 400 079
e-mail: network@netmagicsolutions.com
abuse-mailbox: network@netmagicsolutions.com
admin-c: SS87-AP
tech-c: SS87-AP
auth: # Filtered
mnt-by: MAINT-IN-NETMAGIC
changed: network@netmagicsolutions.com 20110119
source: APNIC

person: Sharad Sanghi
address: Mehra Industrial Estate,
address: Near Asha Usha Compound ,
address: LBS Marg Vikhroli(W),
address: Mumbai - 400 079
country: IN
phone: +91 022-67851799
phone: +91 022-40411799
fax-no: +91 22-67851501
fax-no: +91 22-40411501
e-mail: network@netmagicsolutions.com
nic-hdl: SS87-AP
mnt-by: MAINT-IN-NETMAGIC
changed: prasanna@netmagicsolutions.com 20090923
changed: hm-changed@apnic.net 20090928
changed: hm-changed@apnic.net 20090930
source: APNIC

% Information related to '123.108.45.0/24AS17439'

route: 123.108.45.0/24
descr: NETMAGIC_DATACENTER
origin: AS17439
mnt-by: MAINT-IN-NETMAGIC
changed: nitink@netmagicsolutions.com 20081128
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.95.149.187

Hi,

The IP 112.95.149.187 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 112.95.149.187:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '112.88.0.0 - 112.95.255.255'

inetnum: 112.88.0.0 - 112.95.255.255
netname: UNICOM-GD
descr: China Unicom Guangdong province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: RP181-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-GD
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-irt: IRT-CU-CN
changed: hm-changed@apnic.net 20090112
changed: hm-changed@apnic.net 20090507
changed: hm-changed@apnic.net 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: runkeng pan
nic-hdl: RP181-AP
e-mail: wangjj238@chinaunicom.cn
address: XinShiKong Plaza,No 666 Huangpu Rd. Guangzhou 510627,China
phone: +86-20-22214174
fax-no: +86-20-22212266-4174
country: CN
changed: wangjj238@chinaunicom.cn 20071221
mnt-by: MAINT-CNCGROUP-GD
source: APNIC

% Information related to '112.88.0.0/13AS17816'

route: 112.88.0.0/13
descr: China Unicom CHINA169 Guangdong Province Network
country: CN
origin: AS17816
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20090112
source: APNIC

% Information related to '112.88.0.0/13AS4837'

route: 112.88.0.0/13
descr: China Unicom CHINA169 Guangdong Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20090112
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 202.102.219.38

Hi,

The IP 202.102.219.38 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 202.102.219.38:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '202.102.219.32 - 202.102.219.47'

inetnum: 202.102.219.32 - 202.102.219.47
netname: LIUAN-GOV
descr: liuan gov
country: CN
admin-c: JW89-AP
tech-c: JW89-AP
mnt-by: MAINT-CHINANET-AH
status: ASSIGNED NON-PORTABLE
changed: wjn@mail.hf.ah.cn 20010109
changed: hm-changed@apnic.net 20040928
changed: hm-changed@apnic.net 20040928
source: APNIC

person: Jinneng Wang
address: 17/F, Postal Building No.120 Changjiang
address: Middle Road, Hefei, Anhui, China
country: CN
phone: +86-551-2659073
fax-no: +86-551-2659287
e-mail: wang@mail.hf.ah.cninfo.net
nic-hdl: JW89-AP
mnt-by: MAINT-NEW
changed: wang@mail.hf.ah.cninfo.net 19990818
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 67.208.117.162

Hi,

The IP 67.208.117.162 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 67.208.117.162:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 67.208.117.162"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=67.208.117.162?showDetails=true&showARIN=false&ext=netref2
#

Jeyan Snyers CRUCIALUS (NET-67-208-117-160-1) 67.208.117.160 - 67.208.117.167
Crucial Paradigm CRUCIALP (NET-67-208-112-0-1) 67.208.112.0 - 67.208.127.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 31.199.3.178

Hi,

The IP 31.199.3.178 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 31.199.3.178:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '31.199.3.160 - 31.199.3.191'

% Abuse contact for '31.199.3.160 - 31.199.3.191' is 'abuse@business.telecomitalia.it'

inetnum: 31.199.3.160 - 31.199.3.191
netname: ERICSSON-TELECOMUNICAZIONI
descr: ERICSSON TELECOMUNICAZIONI S.P.A.
country: IT
admin-c: PT6067-RIPE
tech-c: PT6067-RIPE
status: ASSIGNED PA
mnt-by: INTERB-MNT
source: RIPE # Filtered

person: PIERO TOLLIS
address: ERICSSON TELECOMUNICAZIONI S.P.A.
address: VIA ANAGNINA 203
address: 00100 ROMA
address: IT
phone: +39 0672582887
nic-hdl: PT6067-RIPE
mnt-by: INTERB-MNT
source: RIPE # Filtered

% Information related to '31.198.0.0/15AS3269'

route: 31.198.0.0/15
descr: INTERBUSINESS
origin: AS3269
remarks: ************************************************
remarks: * Pay attention *
remarks: * Any communication sent to email different *
remarks: * from the following will be ignored! *
remarks: * Any abuse reports, please send them to *
remarks: * abuse@business.telecomitalia.it *
remarks: ************************************************
mnt-by: INTERB-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

Sunday, 10 November 2013

[Fail2Ban] SSH: banned 221.12.29.170

Hi,

The IP 221.12.29.170 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 221.12.29.170:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '221.12.29.168 - 221.12.29.175'

inetnum: 221.12.29.168 - 221.12.29.175
netname: HANGZHOUBANSHANDIANCHANGHZ
country: CN
descr: HANGZHOUBANSHANDIANCHANG,HANGZHOU,ZHEJIANG
admin-c: JQ16-AP
tech-c: JQ16-AP
status: ASSIGNED NON-PORTABLE
changed: ipmaster@zjnetcom.com 20100903
mnt-by: MAINT-CNCGROUP-ZJ
source: APNIC

person: Jianhuaq Qian
nic-hdl: JQ16-AP
e-mail: zj_ipmaster@126.com
address: No 1336,BinAn Road,Hangzhou, Zhejiang,China
phone: +86-571-28868063
fax-no: +86-571-28868069
country: CN
changed: zj_ipmaster@126.com 20130709
mnt-by: MAINT-CNCGROUP-ZJ
source: APNIC

% Information related to '221.12.0.0/17AS4837'

route: 221.12.0.0/17
descr: CNC Group CHINA169 Zhejiang Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 92.42.248.54

Hi,

The IP 92.42.248.54 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 92.42.248.54:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '92.42.248.0 - 92.42.255.255'

% Abuse contact for '92.42.248.0 - 92.42.255.255' is 'abuse@oriontelekom.rs'

inetnum: 92.42.248.0 - 92.42.255.255
netname: RS-ORIONTELEKOM-20071231
descr: Drustvo za telekomunikacije Orion telekom doo Beograd, Gandijeva 76a
country: RS
org: ORG-MW1-RIPE
admin-c: VZ525-RIPE
tech-c: OTN7-RIPE
status: ALLOCATED PA
remarks: Please send abuse reports to abuse@oriontelekom.rs
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: ORIONTELEKOM-MNT
mnt-domains: ORIONTELEKOM-MNT
mnt-routes: ORIONTELEKOM-MNT
source: RIPE # Filtered

organisation: ORG-MW1-RIPE
org-name: Drustvo za telekomunikacije Orion telekom doo Beograd, Gandijeva 76a
org-type: LIR
address: Orion Telekom
address: Jelena Lalic
address: Gandijeva 76a
address: 11070
address: Belgrade
address: SERBIA
phone: +381 11 2228 333
fax-no: +381 11 2228 334
remarks: Please send abuse reports to abuse@oriontelekom.rs
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: ORIONTELEKOM-MNT
mnt-by: RIPE-NCC-HM-MNT
tech-c: OTN7-RIPE
admin-c: OTN7-RIPE
admin-c: BL3549-RIPE
admin-c: TERZ1-RIPE
admin-c: VZ525-RIPE
admin-c: ZA1048-RIPE
abuse-c: OTN7-RIPE
source: RIPE # Filtered

role: Orion Telekom NOC
address: Orion Telekom
address: Gandijeva 76a, Belgrade, Serbia
phone: +381 11 2228 388
fax-no: +381 11 2228 334
remarks: *******************************************************************
remarks: Please send abuse reports to abuse@oriontelekom.rs
remarks: *******************************************************************
abuse-mailbox: abuse@oriontelekom.rs
admin-c: TERZ1-RIPE
admin-c: BL3549-RIPE
admin-c: ZA1048-RIPE
tech-c: VG1799-RIPE
nic-hdl: OTN7-RIPE
mnt-by: ORIONTELEKOM-MNT
source: RIPE # Filtered

person: Vladimir Zolnjan
address: Orion Telekom NOC
address: Gandijeva 76a
address: Belgrade, Serbia
phone: +381 11 2228 388
nic-hdl: VZ525-RIPE
mnt-by: ORIONTELEKOM-MNT
source: RIPE # Filtered

% Information related to '92.42.248.0/22AS9125'

route: 92.42.248.0/22
descr: Orion Telekom ISP IP network
origin: AS9125
mnt-by: ORIONTELEKOM-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 216.53.198.34

Hi,

The IP 216.53.198.34 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 216.53.198.34:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 216.53.198.34"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=216.53.198.34?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 216.53.128.0 - 216.53.255.255
CIDR: 216.53.128.0/17
OriginAS:
NetName: MPRD-MPINET
NetHandle: NET-216-53-128-0-1
Parent: NET-216-0-0-0-0
NetType: Direct Allocation
Comment: For abuse and/or spam complaints, please email
Comment: abuse@mpinet.com.
RegDate: 1999-06-10
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-216-53-128-0-1

OrgName: MPInet
OrgId: MPRD
Address: 1101 N. Keller Rd.
Address: Suite B
City: Orlando
StateProv: FL
PostalCode: 32810
Country: US
RegDate: 1999-06-10
Updated: 2011-11-30
Ref: http://whois.arin.net/rest/org/MPRD

OrgNOCHandle: IAS6-ARIN
OrgNOCName: IP Admin Services
OrgNOCPhone: +1-407-660-7900
OrgNOCEmail: ipadmin@mpinet.com
OrgNOCRef: http://whois.arin.net/rest/poc/IAS6-ARIN

OrgTechHandle: IAS6-ARIN
OrgTechName: IP Admin Services
OrgTechPhone: +1-407-660-7900
OrgTechEmail: ipadmin@mpinet.com
OrgTechRef: http://whois.arin.net/rest/poc/IAS6-ARIN

OrgAbuseHandle: IAS6-ARIN
OrgAbuseName: IP Admin Services
OrgAbusePhone: +1-407-660-7900
OrgAbuseEmail: ipadmin@mpinet.com
OrgAbuseRef: http://whois.arin.net/rest/poc/IAS6-ARIN

RTechHandle: IAS6-ARIN
RTechName: IP Admin Services
RTechPhone: +1-407-660-7900
RTechEmail: ipadmin@mpinet.com
RTechRef: http://whois.arin.net/rest/poc/IAS6-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 209.124.34.11

Hi,

The IP 209.124.34.11 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 209.124.34.11:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 209.124.34.11"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=209.124.34.11?showDetails=true&showARIN=false&ext=netref2
#

123.Net, Inc. 123NET-BLK-I123-7 (NET-209-124-32-0-1) 209.124.32.0 - 209.124.63.255
VR Metro LLC I123-209124034000- (NET-209-124-34-0-1) 209.124.34.0 - 209.124.34.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.147.70.112

Hi,

The IP 61.147.70.112 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.147.70.112:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.147.0.0 - 61.147.255.255'

inetnum: 61.147.0.0 - 61.147.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.147.0.0/16AS23650'

route: 61.147.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 218.3.243.223

Hi,

The IP 218.3.243.223 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 218.3.243.223:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '218.3.243.208 - 218.3.243.223'

inetnum: 218.3.243.208 - 218.3.243.223
netname: xuzhou-normal-university
descr: xuzhou normal university
descr: Xuzhou City
descr: Jiangsu Province
country: CN
admin-c: CH482-AP
tech-c: CH482-AP
changed: ip@jsinfo.net 20100202
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CHINANET-JS
mnt-lower: MAINT-CHINANET-JS-XZ
source: APNIC

person: CHINANET-JS-XZ Hostmaster
address: No.116,Huaihai East Road,Xuzhou 221000
country: CN
phone: +86-516-5806352
fax-no: +86-516-3712480
e-mail: ipxz@pub.xz.jsinfo.net
nic-hdl: CH482-AP
remarks: send anti-spam or abuse reports to abuse@public.xz.js.cn
remarks: or abuse@pub.xz.jsinfo.net
remarks: times in GMT+8
mnt-by: MAINT-CHINANET-JS-XZ
changed: ip@jsinfo.net 20030428
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 117.132.13.100

Hi,

The IP 117.132.13.100 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 117.132.13.100:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '117.128.0.0 - 117.191.255.255'

inetnum: 117.128.0.0 - 117.191.255.255
netname: CMNET
descr: China Mobile Communications Corporation
descr: Mobile Communications Network Operator in China
descr: Internet Service Provider in China
country: CN
admin-c: JS686-AP
tech-c: HL1318-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CMCC
mnt-routes: MAINT-CN-CMCC
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20070717
source: APNIC

person: haijun li
nic-hdl: HL1318-AP
e-mail: hostmaster@chinamobile.com
address: 29,Jinrong Ave, Xicheng district,beijing,100032
phone: +86 10 66006688
fax-no: +86 10 52616187
country: CN
changed: hostmaster@chinamobile.com 20110824
mnt-by: MAINT-CN-CMCC
source: APNIC

person: Jinxia Sun
address: China Mobile Communications Corporation
address: 29, Jinrong Ave., Xicheng District, Beijing, 100032
country: CN
phone: +86-10-66006688-1755
fax-no: +86-10-66006012
e-mail: sunjinxia@chinamobile.com
nic-hdl: JS686-AP
remarks: ------------------------------
remarks: Please send abuse e-mail to
remarks: abuse@chinamobile.com
remarks: Please send probe e-mail to
remarks: security@chinamobile.com
remarks: -------------------------------
mnt-by: MAINT-CN-CMCC
changed: hostmaster@chinamobile.com 20030130
source: APNIC

% Information related to '117.132.0.0/16AS9808'

route: 117.132.0.0/16
descr: China Mobile communications corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
changed: lihaijun@chinamobile.com 20090217
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 54.241.132.139

Hi,

The IP 54.241.132.139 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 54.241.132.139:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 54.241.132.139"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=54.241.132.139?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 54.240.0.0 - 54.255.255.255
CIDR: 54.240.0.0/12
OriginAS: AS16509
NetName: AMAZON-2011L
NetHandle: NET-54-240-0-0-1
Parent: NET-54-0-0-0-0
NetType: Direct Allocation
RegDate: 2011-12-09
Updated: 2012-04-02
Ref: http://whois.arin.net/rest/net/NET-54-240-0-0-1

OrgName: Amazon Technologies Inc.
OrgId: AT-88-Z
Address: 410 Terry Ave N.
City: Seattle
StateProv: WA
PostalCode: 98109
Country: US
RegDate: 2011-12-08
Updated: 2012-01-06
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: http://whois.arin.net/rest/org/AT-88-Z

OrgAbuseHandle: AANO1-ARIN
OrgAbuseName: Amazon AWS Network Operations
OrgAbusePhone: +1-206-266-4064
OrgAbuseEmail: aes-noc@amazon.com
OrgAbuseRef: http://whois.arin.net/rest/poc/AANO1-ARIN

OrgTechHandle: AANO1-ARIN
OrgTechName: Amazon AWS Network Operations
OrgTechPhone: +1-206-266-4064
OrgTechEmail: aes-noc@amazon.com
OrgTechRef: http://whois.arin.net/rest/poc/AANO1-ARIN

OrgTechHandle: ROLEA19-ARIN
OrgTechName: Role Account
OrgTechPhone: +1-206-266-4064
OrgTechEmail: noc@amazon.com
OrgTechRef: http://whois.arin.net/rest/poc/ROLEA19-ARIN

OrgNOCHandle: ROLEA19-ARIN
OrgNOCName: Role Account
OrgNOCPhone: +1-206-266-4064
OrgNOCEmail: noc@amazon.com
OrgNOCRef: http://whois.arin.net/rest/poc/ROLEA19-ARIN

OrgTechHandle: AC6-ORG-ARIN
OrgTechName: Amazon-com Incoroporated
OrgTechPhone: +1-206-266-4064
OrgTechEmail: NOC@amazon.com
OrgTechRef: http://whois.arin.net/rest/poc/AC6-ORG-ARIN

OrgNOCHandle: AC6-ORG-ARIN
OrgNOCName: Amazon-com Incoroporated
OrgNOCPhone: +1-206-266-4064
OrgNOCEmail: NOC@amazon.com
OrgNOCRef: http://whois.arin.net/rest/poc/AC6-ORG-ARIN

OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-266-4064
OrgNOCEmail: aes-noc@amazon.com
OrgNOCRef: http://whois.arin.net/rest/poc/AANO1-ARIN

OrgAbuseHandle: ROLEA19-ARIN
OrgAbuseName: Role Account
OrgAbusePhone: +1-206-266-4064
OrgAbuseEmail: noc@amazon.com
OrgAbuseRef: http://whois.arin.net/rest/poc/ROLEA19-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.74.60.190

Hi,

The IP 198.74.60.190 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.74.60.190:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.74.60.190"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.74.60.190?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 198.74.48.0 - 198.74.63.255
CIDR: 198.74.48.0/20
OriginAS:
NetName: LINODE-US
NetHandle: NET-198-74-48-0-1
Parent: NET-198-0-0-0-0
NetType: Direct Allocation
RegDate: 2012-08-27
Updated: 2012-08-27
Ref: http://whois.arin.net/rest/net/NET-198-74-48-0-1

OrgName: Linode
OrgId: LINOD
Address: 329 E. Jimmie Leeds Road
Address: Suite A
City: Galloway
StateProv: NJ
PostalCode: 08205
Country: US
RegDate: 2008-04-24
Updated: 2010-08-31
Comment: http://www.linode.com
Ref: http://whois.arin.net/rest/org/LINOD

OrgTechHandle: LNO21-ARIN
OrgTechName: Linode Network Operations
OrgTechPhone: +1-609-593-7103
OrgTechEmail: support@linode.com
OrgTechRef: http://whois.arin.net/rest/poc/LNO21-ARIN

OrgNOCHandle: LNO21-ARIN
OrgNOCName: Linode Network Operations
OrgNOCPhone: +1-609-593-7103
OrgNOCEmail: support@linode.com
OrgNOCRef: http://whois.arin.net/rest/poc/LNO21-ARIN

OrgAbuseHandle: LAS12-ARIN
OrgAbuseName: Linode Abuse Support
OrgAbusePhone: +1-609-593-7103
OrgAbuseEmail: abuse@linode.com
OrgAbuseRef: http://whois.arin.net/rest/poc/LAS12-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 116.90.84.187

Hi,

The IP 116.90.84.187 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 116.90.84.187:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '116.90.80.0 - 116.90.87.255'

inetnum: 116.90.80.0 - 116.90.87.255
netname: TopnewNET
descr: Beijing Topnew Info&Tech co., LTD.
descr: No.9, Jintaili, Chaoyang District,
descr: Beijing, China 100026
country: CN
admin-c: LC1626-AP
tech-c: XW1364-AP
mnt-by: MAINT-AP-CNISP
mnt-irt: IRT-CNISP-CN
status: allocated non-portable
changed: ip@cnisp.org.cn 20130814
source: APNIC

irt: IRT-CNISP-CN
address: CNISP-Union Technology (Beijing) Co., Ltd
e-mail: ip@cnisp.org.cn
abuse-mailbox: ip@cnisp.org.cn
admin-c: DY1-AUTO
tech-c: WF1-AUTO
auth: # Filtered
mnt-by: MAINT-AP-CNISP
changed: ip@cnisp.org.cn 20101109
changed: hm-changed@apnic.net 20101111
source: APNIC

person: Li Chaocheng
nic-hdl: LC1626-AP
e-mail: lcc@topnew.cn
address: No.9 A Jintaili District Chaoyang Beijing China
phone: +10-52081208
fax-no: +10-52081280
country: CN
changed: ipas@cnnic.cn 20081103
mnt-by: MAINT-CN-PUTIAN
source: APNIC

person: Xiaoli Wang
nic-hdl: XW1364-AP
e-mail: wxl@topnew.cn
address: No.9 A Jintaili District Chaoyang Beijing China
phone: +10-52081238
fax-no: +10-52081280
country: CN
changed: ipas@cnnic.cn 20081103
mnt-by: MAINT-CN-PUTIAN
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 125.211.218.228

Hi,

The IP 125.211.218.228 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 125.211.218.228:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '125.211.0.0 - 125.211.255.255'

inetnum: 125.211.0.0 - 125.211.255.255
netname: UNICOM-HL
descr: China Unicom Heilongjiang Province Network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: BG63-AP
remarks: service provider
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HL
mnt-routes: MAINT-CNCGROUP-RR
mnt-irt: IRT-CU-CN
changed: hm-changed@apnic.net 20070216
changed: hm-changed@apnic.net 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

person: Binghui Gao
nic-hdl: BG63-AP
e-mail: luanfuyu@vip.hl.cn
address: Shuniu Building,No.155 Zhongshan road,Harbin,Heilongjiang
phone: +86-451-82651467
fax-no: +86-451-82651464
country: CN
changed: luanfuyu@vip.hl.cn 20100310
mnt-by: MAINT-CNCGROUP-HL
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

% Information related to '125.211.192.0/19AS4837'

route: 125.211.192.0/19
descr: CNC Group CHINA169 Heilongjiang Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20070319
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 122.11.50.7

Hi,

The IP 122.11.50.7 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 122.11.50.7:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '122.11.32.0 - 122.11.63.255'

inetnum: 122.11.32.0 - 122.11.63.255
netname: CDSNET
descr: Beijing capitalonline data service co.,LTD
descr: Rm.16c,Bldg.2#A,Jinyuan times business Centre,
descr: No.2,Landianchang-East Rd.,
descr: Haidian District,Beijing
country: CN
admin-c: LT708-AP
tech-c: MH1160-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-CN-BLUESKY
changed: tao.li@yun-idc.com 20131016
mnt-irt: IRT-FEIFAN-CN
source: APNIC

irt: IRT-FEIFAN-CN
address: ROAD 1, GAOXIN AREA , LIUZHOU
e-mail: 1818@cttgx.com
abuse-mailbox: 1818@cttgx.com
admin-c: AC893-AP
tech-c: AC893-AP
auth: # Filtered
mnt-by: MAINT-CN-BLUESKY
changed: 1818@cttgx.com 20110310
source: APNIC

person: Li Tao
address: Rm.16c Bldg.2#A,Jinyuan times business Centre
address: No.2,Landianchang-East Rd.
address: Haidian District Beijing
country: CN
phone: +86-10-51997733
e-mail: tao.li@yun-idc.com
nic-hdl: LT708-AP
mnt-by: MAINT-CN-BLUESKY
changed: tao.li@yun-idc.com 20131016
source: APNIC

person: Meng Hong
address: Rm.16c Bldg.2#A,Jinyuan times business Centre
address: No.2,Landianchang-East Rd.
address: Haidian District Beijing
country: CN
phone: +86-10-51997733
e-mail: hong.meng@yun-idc.com
nic-hdl: MH1160-AP
mnt-by: MAINT-CN-BLUESKY
changed: hong.meng@yun-idc.com 20131016
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

Saturday, 9 November 2013

[Fail2Ban] SSH: banned 202.111.52.58

Hi,

The IP 202.111.52.58 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 202.111.52.58:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '202.111.52.48 - 202.111.52.63'

inetnum: 202.111.52.48 - 202.111.52.63
netname: WUXI-langqi-tech-corp
descr: wuxi langqi tech co,.ltd
descr: Wuxi City
descr: Jiangsu Province
country: CN
admin-c: CH456-AP
tech-c: CH456-AP
changed: ip@jsinfo.net 20090605
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CHINANET-JS
mnt-lower: MAINT-CHINANET-JS-WX
source: APNIC

person: CHINANET-JS-WX Hostmaster
address: No.3,Jiankang Road,Wuxi 214001
country: CN
phone: +86-510-2730813
fax-no: +86-510-2700519
e-mail: ipwx@pub.wx.jsinfo.net
nic-hdl: CH456-AP
remarks: send anti-spam or abuse reports to abuse@public1.wx.js.cn
remarks: or abuse@pub.wx.jsinfo.net
remarks: times in GMT+8
mnt-by: MAINT-CHINANET-JS-WX
changed: ip@jsinfo.net 20021231
source: APNIC

% Information related to '202.111.0.0/17AS23650'

route: 202.111.0.0/17
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 222.103.190.147

Hi,

The IP 222.103.190.147 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 222.103.190.147:

[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 222.103.190.147


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 222.96.0.0 - 222.122.255.255 (/12+/13+/15+/16)
서비스명 : KORNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로 90 (정자동) 한국통ì&lsqauo;  e-Biz본부 기획팀
우편번호 : 463-711
í• ë&lsqauo;¹ì¼ìž : 20031110

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 스팸/해킹ë&lsqauo;´ë&lsqauo;¹
ì „í™"번호 : +82-2-100-0000
전자우편 : abuse@kornet.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 222.96.0.0 - 222.122.255.255 (/12+/13+/15+/16)
Service Name : KORNET
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : 206, Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro
Zip Code : 463-711
Registration Date : 20031110

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-100-0000
E-Mail : abuse@kornet.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 36.39.246.121

Hi,

The IP 36.39.246.121 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 36.39.246.121:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 36.39.246.121


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 36.38.0.0 - 36.39.255.255 (/15)
서비스명 : CJ-HELLOVISION
기관명 : 주ì&lsqauo;íšŒì‚¬ ì"¨ì œì´í—¬ë¡œë¹„ì „
기관고유번호 : ORG809949
주소 : 서울특별ì&lsqauo;œ ì–'천구 ì&lsqauo; ì •ë¡œ 267 (ì&lsqauo; ì •ë™)
우편번호 : 158-070
í• ë&lsqauo;¹ì¼ìž : 20110210

[ IPv4주소 책임자 정보 ]
이름 : 김창선
ì „í™"번호 : +82-2-2600-2941
전자우편 : leo4u@cj.net

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 김창선
ì „í™"번호 : +82-70-8130-1751
전자우편 : leo4u@cj.net

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 김창선
ì „í™"번호 : +82-70-8130-2212
전자우편 : leo4u@cj.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 36.38.0.0 - 36.39.255.255 (/15)
Service Name : CJ-HELLOVISION
Organization Name : CJ-HELLOVISION
Organization ID : ORG809949
Address : 1254, Seoul Yangcheon-gu Sinjeong-ro
Zip Code : 158-070
Registration Date : 20110210

[ Admin Contact Information ]
Name : Kim chang sun
Phone : +82-2-2600-2941
E-Mail : leo4u@cj.net

[ Tech Contact Information ]
Name : Kim chang sun
Phone : +82-70-8130-1751
E-Mail : leo4u@cj.net

[ Network Abuse Contact Information ]
Name : YOUNGCHAN LEE
Phone : +82-70-8130-2212
E-Mail : leo4u@cj.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 113.11.208.98

Hi,

The IP 113.11.208.98 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 113.11.208.98:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '113.11.192.0 - 113.11.223.255'

inetnum: 113.11.192.0 - 113.11.223.255
netname: DIGILAND
descr: Beijing Digiland media technology Co. Ltd
descr: Apt2 No5 Jinyuanzhuang AVE shijingshan district Beijing
country: CN
admin-c: ZR412-AP
tech-c: ZH1940-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
mnt-routes: MAINT-CNNIC-AP
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20080929
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Zhang Hong
address: Apt2 No5 Jinyuanzhuang AVE shijingshan district Beijing
country: CN
phone: +86-10-88800066-5005
e-mail: 178819204@qq.com
nic-hdl: ZH1940-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20120428
source: APNIC

person: Zhang RenLiang
address: Apt2 No5 Jinyuanzhuang AVE shijingshan district Beijing
country: CN
phone: +86-10-88800066-1024
e-mail: 13911898865@139.com
nic-hdl: ZR412-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20120428
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

Friday, 8 November 2013

[Fail2Ban] SSH: banned 14.63.227.133

Hi,

The IP 14.63.227.133 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 14.63.227.133:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 14.63.227.133


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 14.32.0.0 - 14.95.255.255 (/10)
서비스명 : KORNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로 90 (정자동) 한국통ì&lsqauo;  e-Biz본부 기획팀
우편번호 : 463-711
í• ë&lsqauo;¹ì¼ìž : 20100805

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 스팸/해킹ë&lsqauo;´ë&lsqauo;¹
ì „í™"번호 : +82-2-100-0000
전자우편 : abuse@kornet.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
네트워크 이름 : KORNET-INFRA000001
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 정자동
우편번호 : 463-711
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20130318
공개여부 : N

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
기관명 : KORNET
주소 : 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 정자동
우편번호 : 463-711
전자우편 : kornet_ip@kt.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 14.32.0.0 - 14.95.255.255 (/10)
Service Name : KORNET
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : 206, Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro
Zip Code : 463-711
Registration Date : 20100805

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-100-0000
E-Mail : abuse@kornet.net

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
Network Name : KORNET-INFRA000001
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : Jungja-dong, Bundang-gu, Sungnam-ci
Zip Code : 463-711
Registration Date : 20130318
Publishes : N

[ Technical Contact Information ]
Organization Name : Korea Telecom
Address : Jungja-dong, Bundang-gu, Sungnam-ci
Zip Code : 463-711
E-Mail : kornet_ip@kt.com


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 187.241.191.131

Hi,

The IP 187.241.191.131 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 187.241.191.131:

[Querying whois.arin.net]
[Redirected to whois.lacnic.net]
[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-11-08 21:15:48 (BRST -02:00)

inetnum: 187.240/13
status: allocated
aut-num: N/A
owner: Mega Cable, S.A. de C.V.
ownerid: MX-MSCV17-LACNIC
responsible: Orencio Meza
address: Av. Lazaro Cardenas, 1694, Del Fresno
address: 44900 - Guadalajara - JA
country: MX
phone: +52 3337500020 []
owner-c: NIT
tech-c: NIT
abuse-c: NIT
inetrev: 187.240/13
nserver: UNIX.MEGARED.NET.MX
nsstat: 20131107 AA
nslastaa: 20131107
nserver: UNIX2.MEGARED.NET.MX
nsstat: 20131107 AA
nslastaa: 20131107
created: 20120316
changed: 20120316

nic-hdl: NIT
person: NIC TECH
e-mail: nic_tech@MEGACABLE.COM.MX
address: Lazaro Cardenas, 1694, Del Fresno
address: 44900 - Guadalajara - Ja
country: MX
phone: +52 33 37500029 []
created: 20030303
changed: 20120105

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban