HideMyAss.com

Monday, 16 December 2013

[Fail2Ban] SSH: banned 5.45.176.44

Hi,

The IP 5.45.176.44 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 5.45.176.44:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '5.45.176.32 - 5.45.176.63'

% Abuse contact for '5.45.176.32 - 5.45.176.63' is 'abuse@as29141.net'

inetnum: 5.45.176.32 - 5.45.176.63
netname: QHOSTER-BNK-DE-20130417
descr: IP Space for dedicated servers
country: DE
admin-c: NK1916-RIPE
tech-c: NK1916-RIPE
status: ASSIGNED PA
mnt-by: MNT-BNK
remarks: T#430384
source: RIPE # Filtered

person: Nikolay Kolev
address: QHoster Ltd
address: 27 Nikola D. Petkov Str.
address: BG-5400 Sevlievo
address: Bulgaria
phone: +359-898-547122
nic-hdl: NK1916-RIPE
source: RIPE # Filtered
mnt-by: MNT-BNK

% Information related to '5.45.176.0/21AS29141'

route: 5.45.176.0/21
descr: Routed by AS29141
remarks: ###########################################
remarks: In case of abuse, please send an e-mail to
remarks: abuse@as29141.net
remarks: ###########################################
origin: AS29141
mnt-by: MNT-BNK
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 113.108.211.131

Hi,

The IP 113.108.211.131 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 113.108.211.131:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '113.96.0.0 - 113.111.255.255'

inetnum: 113.96.0.0 - 113.111.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: IC83-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GD
mnt-routes: MAINT-CHINANET-GD
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20081103
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 221.234.231.190

Hi,

The IP 221.234.231.190 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 221.234.231.190:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '221.232.0.0 - 221.235.255.255'

inetnum: 221.232.0.0 - 221.235.255.255
netname: CHINANET-HB
descr: CHINANET Hubei province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CHA1-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CHINANET-HB
mnt-routes: MAINT-CN-CHINANET-HB
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
changed: hm-changed@apnic.net 20030715
status: ALLOCATED PORTABLE
source: APNIC

role: CHINANET HB ADMIN
address: 8th floor of JinGuang Building
address: #232 of Macao Road
address: HanKou Wuhan Hubei Province
address: P.R.China
country: CN
phone: +86 27 82862199
fax-no: +86 27 82861499
e-mail: hbadd@189.cn
remarks: send spam reports to hbadd@189.cn
remarks: and abuse reports to hbadd@189.cn
remarks: Please include detailed information and
remarks: times in GMT+8
admin-c: YZ83-AP
admin-c: ZC77-AP
tech-c: YZ83-AP
tech-c: ZC77-AP
nic-hdl: CHA1-AP
notify: hbadd@189.cn
mnt-by: MAINT-CN-CHINANET-HB
changed: zhangyl68@public.wh.hb.cn 20031114
changed: hm-changed@apnic.net 20111114
changed: zhengzm@gsta.com 20130806
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 32.65.240.44

Hi,

The IP 32.65.240.44 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 32.65.240.44:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 32.65.240.44"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=32.65.240.44?showDetails=true&showARIN=false&ext=netref2
#

IDC Beatle RWC1 ATT-IDC-BEATLE-RWC1-20131004 (NET-32-65-240-0-1) 32.65.240.0 - 32.65.241.255
AT&T Global Network Services, LLC ATTGLB-CLCOM-32-65-0-0-16 (NET-32-65-0-0-1) 32.65.0.0 - 32.65.255.255
AT&T Global Network Services, LLC ATT-32-0-0-0-A (NET-32-0-0-0-1) 32.0.0.0 - 32.255.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 74.208.167.237

Hi,

The IP 74.208.167.237 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 74.208.167.237:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 74.208.167.237"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=74.208.167.237?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 74.208.0.0 - 74.208.255.255
CIDR: 74.208.0.0/16
OriginAS: AS8560
NetName: 1AN1-NETWORK
NetHandle: NET-74-208-0-0-1
Parent: NET-74-0-0-0-0
NetType: Direct Allocation
Comment: For abuse issues, please use only abuse@1and1.com
RegDate: 2006-11-22
Updated: 2012-02-02
Ref: http://whois.arin.net/rest/net/NET-74-208-0-0-1

OrgName: 1&1 Internet Inc.
OrgId: 11INT
Address: 701 Lee Rd
Address: Suite 300
City: Chesterbrook
StateProv: PA
PostalCode: 19087
Country: US
RegDate: 2006-09-05
Updated: 2013-04-23
Comment: http://www.1and1.com
Comment: For abuse issues, please use only abuse@1and1.com
Ref: http://whois.arin.net/rest/org/11INT

OrgAbuseHandle: 1AD-ARIN
OrgAbuseName: 1and1 Abuse Department
OrgAbusePhone: +1-877-206-4253
OrgAbuseEmail: abuse@1and1.com
OrgAbuseRef: http://whois.arin.net/rest/poc/1AD-ARIN

OrgTechHandle: 1NO-ARIN
OrgTechName: 1and1 ARIN Role
OrgTechPhone: +1-610-560-1617
OrgTechEmail: arin-role@oneandone.net
OrgTechRef: http://whois.arin.net/rest/poc/1NO-ARIN

RNOCHandle: 1NO-ARIN
RNOCName: 1and1 ARIN Role
RNOCPhone: +1-610-560-1617
RNOCEmail: arin-role@oneandone.net
RNOCRef: http://whois.arin.net/rest/poc/1NO-ARIN

RAbuseHandle: 1AD-ARIN
RAbuseName: 1and1 Abuse Department
RAbusePhone: +1-877-206-4253
RAbuseEmail: abuse@1and1.com
RAbuseRef: http://whois.arin.net/rest/poc/1AD-ARIN

RTechHandle: 1NO-ARIN
RTechName: 1and1 ARIN Role
RTechPhone: +1-610-560-1617
RTechEmail: arin-role@oneandone.net
RTechRef: http://whois.arin.net/rest/poc/1NO-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 202.103.226.189

Hi,

The IP 202.103.226.189 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 202.103.226.189:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '202.103.192.0 - 202.103.255.255'

inetnum: 202.103.192.0 - 202.103.255.255
netname: CHINANET-GX
descr: CHINANET Guangxi province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: CR766-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GX
changed: hostmaster@ns.chinanet.cn.net 20000101
changed: hm-changed@apnic.net 20040906
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20041210
source: APNIC

role: CHINANET GUANGXI
address: No.35,Minzhu Road,Nanning 530015
country: CN
phone: +86-771-2815987
fax-no: +86-771-2839278
e-mail: hostmaster@gx163.net
remarks: send spam reports to hostmaster@gx163.net
remarks: send abuse reports to hostmaster@gx163.net
remarks: times in GMT+8
admin-c: CR76-AP
tech-c: BD37-AP
nic-hdl: CR766-AP
remarks: http://www.gx.cninfo.net
notify: hostmaster@gx163.net
mnt-by: MAINT-CHINANET-GX
changed: hostmaster@gx163.net 20021024
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 85.232.244.50

Hi,

The IP 85.232.244.50 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 85.232.244.50:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '85.232.244.0 - 85.232.244.255'

% Abuse contact for '85.232.244.0 - 85.232.244.255' is 'abuse@atman.pl'

inetnum: 85.232.244.0 - 85.232.244.255
netname: Domenomania-NET
descr: Domenomania.pl S.A.
descr: ul. Grabiszyńska 151
descr: 53-439 Wrocław
descr: Poland
country: PL
admin-c: LB1131-RIPE
tech-c: ATMA1-RIPE
status: ASSIGNED PA
mnt-by: ATMAN-MNT
source: RIPE # Filtered

role: ATMAN NOC
address: ATM S.A.
address: ul. Grochowska 21a
address: 04-186 Warsaw
address: Poland
phone: +48-22-5156900
fax-no: +48-22-5156777
admin-c: DZ124-RIPE
admin-c: AW1695-RIPE
admin-c: SSZ3-RIPE
admin-c: SO1041-RIPE
admin-c: MW2381-RIPE
admin-c: AB26186-RIPE
admin-c: KT2172-RIPE
tech-c: SSZ3-RIPE
tech-c: DZ124-RIPE
tech-c: AW1695-RIPE
tech-c: SO1041-RIPE
tech-c: MW2381-RIPE
tech-c: AB26186-RIPE
tech-c: KT2172-RIPE
nic-hdl: ATMA1-RIPE
mnt-by: ATMAN-MNT
source: RIPE # Filtered
abuse-mailbox: abuse@atman.pl

person: Lukasz Brekiesz
address: Middle.pl
address: ul. Walbrzyska 11/85
address: 02-739 Warszawa
address: POLAND
phone: +48 510556183
nic-hdl: LB1131-RIPE
mnt-by: ATMAN-MNT
source: RIPE # Filtered

% Information related to '85.232.224.0/19AS15694'

route: 85.232.224.0/19
descr: ATMAN (PL)
origin: AS15694
mnt-by: ATMAN-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 77.242.223.124

Hi,

The IP 77.242.223.124 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 77.242.223.124:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '77.242.214.0 - 77.242.223.255'

% Abuse contact for '77.242.214.0 - 77.242.223.255' is 'hostmaster@telecomitalia.sm'

inetnum: 77.242.214.0 - 77.242.223.255
netname: TISM-XDSL
descr: Telecom Italia San Marino S.p.A. is the International
descr: Telecomunications Company of the Republic of San Marino,
descr: entrusted to carry all the International services
descr: (Voice, Data and Added Value Services) of the Rupublic,
descr: where TISM is located and registered.
country: SM
admin-c: TISM1-RIPE
tech-c: TISM1-RIPE
remarks: rev-srv: dns.omniway.sm
remarks: rev-srv: dns.intelcom.sm
status: ASSIGNED PA
mnt-by: TISM-MNT
remarks: INFRA-AW
source: RIPE # Filtered
remarks: rev-srv attribute deprecated by RIPE NCC on 02/09/2009

person: Telecom Italia San Marino Hostmaster
address: Telecom Italia San Marino S.p.A.
address: Strada degli Angariari, 3
address: 47891 Rovereta
address: Republic of San Marino
phone: +378 0549 886111
fax-no: +378 0549 908654
nic-hdl: TISM1-RIPE
mnt-by: TISM-MNT
source: RIPE # Filtered

% Information related to '77.242.223.0/24AS15433'

route: 77.242.223.0/24
descr: TISM
origin: AS15433
mnt-by: TISM-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 222.189.239.72

Hi,

The IP 222.189.239.72 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.189.239.72:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '222.184.0.0 - 222.191.255.255'

inetnum: 222.184.0.0 - 222.191.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-JS
mnt-routes: MAINT-CHINANET-JS
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
changed: hm-changed@apnic.net 20040223
status: ALLOCATED PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 212.146.83.246

Hi,

The IP 212.146.83.246 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 212.146.83.246:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '212.146.83.0 - 212.146.83.255'

% Abuse contact for '212.146.83.0 - 212.146.83.255' is 'abuse@gtstelecom.ro'

inetnum: 212.146.83.0 - 212.146.83.255
netname: SPLIT-CUSTOMERS-212-146-83
descr: GTS TELECOM
country: RO
admin-c: GTRO1-RIPE
tech-c: GTRO1-RIPE
status: ASSIGNED PA
mnt-by: AS5606-MNT
source: RIPE # Filtered

role: GTS Telecom Romania Operations
address: GTS Telecom Romania
address: Electromagnetica Business Park
address: Calea Rahovei 266-268, Corp 3, Et. 1
address: 050912, Sector 5, Bucharest
address: Romania
phone: +40 31 220 0455
fax-no: +40 31 220 0299
abuse-mailbox: abuse@gtstelecom.ro
admin-c: VI2-RIPE
tech-c: CCM4-RIPE
tech-c: VI2-RIPE
nic-hdl: GTRO1-RIPE
mnt-by: AS5606-MNT
source: RIPE # Filtered

% Information related to '212.146.64.0/18AS5588'

route: 212.146.64.0/18
descr: GTS Telecom
descr: Member of GTS Central Europe
descr: Bucharest / ROMANIA
origin: AS5588
mnt-by: GTSCE-MNT
source: RIPE # Filtered

% Information related to '212.146.64.0/18AS5606'

route: 212.146.64.0/18
descr: GTS Telecom
descr: Member of GTS Central Europe
descr: Bucharest / ROMANIA
origin: AS5606
mnt-by: AS5606-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 60.190.186.202

Hi,

The IP 60.190.186.202 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 60.190.186.202:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '60.190.186.200 - 60.190.186.207'

inetnum: 60.190.186.200 - 60.190.186.207
netname: SHAOXING-TELECOM-LTD
country: CN
descr: Shaoxing Telecom Co.,Ltd
descr:
admin-c: FK82-AP
tech-c: CS64-AP
status: ASSIGNED NON-PORTABLE
changed: auto-dbm@dcb.hz.zj.cn 20081201
mnt-by: MAINT-CN-CHINANET-ZJ-SX
source: APNIC

role: CHINANET-ZJ Shaoxing
address: No.9 Sima Road,Shaoxing,Zhejiang.312000
country: CN
phone: +86-575-5136199
fax-no: +86-575-5114449
e-mail: anti-spam@mail.sxptt.zj.cn
remarks: send spam reports to anti-spam@mail.sxptt.zj.cn
remarks: and abuse reports to anti-spam@mail.sxptt.zj.cn
remarks: Please include detailed information and times in UTC
admin-c: CH109-AP
tech-c: CH109-AP
nic-hdl: CS64-AP
mnt-by: MAINT-CHINANET-ZJ
changed: master@dcb.hz.zj.cn 20031204
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Feng Ke
nic-hdl: FK82-AP
e-mail: anti-spam@mail.sxptt.zj.cn
address: Shaoxing,Zhejiang.Postcode:312000
phone: +86-575-85880635
country: CN
changed: auto-dbm@dcb.hz.zj.cn 20081201
mnt-by: MAINT-CN-CHINANET-ZJ-SX
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 91.211.124.77

Hi,

The IP 91.211.124.77 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 91.211.124.77:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '91.211.124.0 - 91.211.127.255'

% Abuse contact for '91.211.124.0 - 91.211.127.255' is 'abuse@overta.ru'

inetnum: 91.211.124.0 - 91.211.127.255
netname: RTC-ORENBURG-NET
descr: CJSC "Comstar-Regions"
descr: Regional Technical Center CJSC
descr: affiliate RTC-Orenburg
descr: CJS Komstar-Regiony
country: RU
org: ORG-TOL1-RIPE
admin-c: OZ67-RIPE
tech-c: OZ67-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: MNT-RTC-ORENBURG
mnt-lower: RIPE-NCC-END-MNT
mnt-routes: MNT-RTC-ORENBURG
mnt-domains: MNT-RTC-ORENBURG
source: RIPE # Filtered

organisation: ORG-TOL1-RIPE
org-name: CJSC "Comstar-Regions"
org-type: LIR
address: Privolgsky Branch CJSC "Comstar-Regions"
address: Aleksandr Volnov
address: Vavilova 38/114, Business Center "Kovcheg", 5 th Floor
address: 410017 Saratov
address: RUSSIAN FEDERATION
phone: +78452480003
fax-no: +78452489998
mnt-ref: OVERTA-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
admin-c: NL799-RIPE
admin-c: EVK10-RIPE
admin-c: AG572-RIPE
admin-c: LY10-RIPE
admin-c: VVS41-RIPE
abuse-c: OIC2-RIPE
source: RIPE # Filtered

person: Oleg Zavalishin
address: RTC-Orenburg
address: 14,Karavannaya st.,
address: 460000 Orenburg Russia
phone: +7 3532 372111
fax-no: +7 3532 375204
nic-hdl: OZ67-RIPE
source: RIPE # Filtered
mnt-by: MNT-RTC-ORENBURG

% Information related to '91.211.124.0/24AS48612'

route: 91.211.124.0/24
descr: Regional Technical Center CJSC
descr: affiliate RTC-Orenburg
origin: AS48612
mnt-by: MNT-RTC-ORENBURG
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS2)

Regards,

Fail2Ban

Sunday, 15 December 2013

[Fail2Ban] SSH: banned 121.52.220.66

Hi,

The IP 121.52.220.66 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 121.52.220.66:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '121.52.216.0 - 121.52.223.255'

inetnum: 121.52.216.0 - 121.52.223.255
netname: TopnewNET
descr: Beijing Topnew Info&Tech co., LTD.
descr: No.9, Jintaili, Chaoyang District,
descr: Beijing, China 100026
country: CN
admin-c: LC1626-AP
tech-c: XW1364-AP
mnt-by: MAINT-AP-CNISP
mnt-irt: IRT-CNISP-CN
status: allocated non-portable
changed: ip@cnisp.org.cn 20130814
source: APNIC

irt: IRT-CNISP-CN
address: CNISP-Union Technology (Beijing) Co., Ltd
e-mail: ip@cnisp.org.cn
abuse-mailbox: ip@cnisp.org.cn
admin-c: DY1-AUTO
tech-c: WF1-AUTO
auth: # Filtered
mnt-by: MAINT-AP-CNISP
changed: ip@cnisp.org.cn 20101109
changed: hm-changed@apnic.net 20101111
source: APNIC

person: Li Chaocheng
nic-hdl: LC1626-AP
e-mail: lcc@topnew.cn
address: No.9 A Jintaili District Chaoyang Beijing China
phone: +10-52081208
fax-no: +10-52081280
country: CN
changed: ipas@cnnic.cn 20081103
mnt-by: MAINT-CN-PUTIAN
source: APNIC

person: Xiaoli Wang
nic-hdl: XW1364-AP
e-mail: wxl@topnew.cn
address: No.9 A Jintaili District Chaoyang Beijing China
phone: +10-52081238
fax-no: +10-52081280
country: CN
changed: ipas@cnnic.cn 20081103
mnt-by: MAINT-CN-PUTIAN
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.172.23.11

Hi,

The IP 198.172.23.11 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.172.23.11:

[Querying whois.arin.net]
[Redirected to rwhois.gin.ntt.net:4321]
[Querying rwhois.gin.ntt.net]
[rwhois.gin.ntt.net]
%rwhois V-1.5:0078b6:00 rwhois.gin.ntt.net (Vipar 0.1a. Comments to vipar@us.ntt.net)
network:Class-Name:network
network:Auth-Area:198.172.20.0/22
network:ID:NETBLK-W015-198-172-23-0-24.127.0.0.1/32
network:Handle:NETBLK-W015-198-172-23-0-24
network:Network-Name:W015-198-172-23-0-24
network:IP-Network:198.172.23.0/24
network:In-Addr-Server;I:NS8629-HST.127.0.0.1/32
network:In-Addr-Server;I:NS8630-HST.127.0.0.1/32
network:IP-Network-Block:198.172.23.0
- 198.172.23.255
network:Org-Name:Verio Web Hosting - Orem
network:Street-Address:1203 North Research Way
network:City:Orem
network:State:UT
network:Postal-Code:84097
network:Country-Code:US
network:Tech-Contact;I:IA20254-VRIO.127.0.0.1/32
network:Created:2010-05-18 16:12:57.580695+00
network:Updated:2010-05-18 16:12:57.580695+00

network:Class-Name:network
network:Auth-Area:198.172.20.0/22
network:ID:NETBLK-W015-198-172-020.127.0.0.1/32
network:Handle:NETBLK-W015-198-172-020
network:Network-Name:W015-198-172-020
network:IP-Network:198.172.20.0/22
network:In-Addr-Server;I:NS3820-VRIO-HST.127.0.0.1/32
network:In-Addr-Server;I:NS3821-VRIO-HST.127.0.0.1/32
network:IP-Network-Block:198.172.20.0
- 198.172.23.255
network:Org-Name:Verio Web Hosting - Orem
network:Street-Address:1203 North Research Way
network:City:Orem
network:State:UT
network:Postal-Code:84097
network:Country-Code:US
network:Tech-Contact;I:IA20254-VRIO.127.0.0.1/32
network:Created:2009-07-21 22:04:14.931405+00
network:Updated:2009-07-21 22:04:14.931405+00

%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.160.251.140

Hi,

The IP 61.160.251.140 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.160.251.140:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.160.0.0 - 61.160.255.255'

inetnum: 61.160.0.0 - 61.160.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.160.0.0/16AS23650'

route: 61.160.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 211.202.2.135

Hi,

The IP 211.202.2.135 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 211.202.2.135:

[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 211.202.2.135


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 211.200.0.0 - 211.205.255.255 (/14+/15)
서비스명 : broadNnet
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울특별ì&lsqauo;œ ì¤'구 퇴계로 24, SK남산그린빌ë"© (남대문로5ê°€)
우편번호 : 100-711
í• ë&lsqauo;¹ì¼ìž : 20000823

[ IPv4주소 책임자 정보 ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : abuse@skbroadband.com

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 211.202.0.0 - 211.202.3.255 (/22)
네트워크 이름 : HANANET-INFRA
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울특별ì&lsqauo;œ ì¤'구 퇴계로 24, SK남산그린빌ë"© (남대문로5ê°€)
우편번호 : 100-711
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20041015
공개여부 : Y

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
기관명 : broadNnet
주소 : 서울특별ì&lsqauo;œ ì¤'구 퇴계로 24, SK남산그린빌ë"© (남대문로5ê°€)
우편번호 : 100-711
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 211.200.0.0 - 211.205.255.255 (/14+/15)
Service Name : broadNnet
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Jung-gu Toegye-ro
Zip Code : 100-711
Registration Date : 20000823

[ Admin Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Tech Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Network Abuse Contact Information ]
Name : manager
Phone : +82-2-106-2
E-Mail : abuse@skbroadband.com

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 211.202.0.0 - 211.202.3.255 (/22)
Network Name : HANANET-INFRA
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Jung-gu Toegye-ro
Zip Code : 100-711
Registration Date : 20041015
Publishes : Y

[ Technical Contact Information ]
Name : IP manager
Organization Name : SK Broadband Co Ltd
Address : 267, Seoul Jung-gu Toegye-ro
Zip Code : 100-711
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 190.114.254.151

Hi,

The IP 190.114.254.151 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 190.114.254.151:

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2013-12-15 12:01:15 (BRST -02:00)

inetnum: 190.114.252/22
status: allocated
aut-num: N/A
owner: ZAM LTDA.
ownerid: CL-ZALT-LACNIC
responsible: Chi-Yin Feng
address: Arturo Prat, 549,
address: 3341656 - Curico - MA
country: CL
phone: +56 75 543220 []
owner-c: CCF3
tech-c: CCF3
abuse-c: ZAL2
inetrev: 190.114.252/22
nserver: NS1.NSPRIVADO.NET
nsstat: 20131215 AA
nslastaa: 20131215
nserver: NS2.NSPRIVADO.NET
nsstat: 20131215 AA
nslastaa: 20131215
created: 20120227
changed: 20120812

nic-hdl: CCF3
person: Chan Chun Feng
e-mail: lacnic@ZAMLTDA.COM
address: Arturo Prat, 549,
address: 3341656 - Curico - MA
country: CL
phone: +56 75 543220 [1]
created: 20111227
changed: 20131118

nic-hdl: ZAL2
person: Zam Ltda
e-mail: abuso@ZAMLTDA.COM
address: Arturo Prat, 549,
address: 3341656 - Curico - Ma
country: CL
phone: +56 75 543220 []
created: 20120703
changed: 20120703

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 122.4.79.69

Hi,

The IP 122.4.79.69 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 122.4.79.69:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '122.4.0.0 - 122.7.255.255'

inetnum: 122.4.0.0 - 122.7.255.255
netname: CHINANET-SD
descr: CHINANET SHANDONG PROVINCE NETWORK
descr: Shandong Telecom Corporation
descr: No.999,Shunhua road,Jinan,Shandong
country: CN
admin-c: XR55-AP
tech-c: CH93-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-SD
mnt-routes: MAINT-CHINANET-SD
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20060920
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: Xin Ruosheng
nic-hdl: XR55-AP
e-mail: ipreport@sdtele.com
address: No.999, road Shunhua, Jinan, Shandong province,China
phone: +86-531-83190000
fax-no: +86-531-83190000
country: CN
changed: ipreport@sdtele.com 20060905
mnt-by: MAINT-CHINANET-SD
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 60.169.22.118

Hi,

The IP 60.169.22.118 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 60.169.22.118:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '60.166.0.0 - 60.175.255.255'

inetnum: 60.166.0.0 - 60.175.255.255
netname: CHINANET-AH
descr: CHINANET anhui province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: JW89-AP
mnt-by: APNIC-HM
mnt-routes: MAINT-CHINANET-AH
mnt-lower: MAINT-CHINANET-AH
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20040721
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: Jinneng Wang
address: 17/F, Postal Building No.120 Changjiang
address: Middle Road, Hefei, Anhui, China
country: CN
phone: +86-551-2659073
fax-no: +86-551-2659287
e-mail: wang@mail.hf.ah.cninfo.net
nic-hdl: JW89-AP
mnt-by: MAINT-NEW
changed: wang@mail.hf.ah.cninfo.net 19990818
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 195.154.15.225

Hi,

The IP 195.154.15.225 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 195.154.15.225:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '195.154.0.0 - 195.154.127.255'

% Abuse contact for '195.154.0.0 - 195.154.127.255' is 'abuse@proxad.net'

inetnum: 195.154.0.0 - 195.154.127.255
netname: FR-ILIAD-ENTREPRISES-CUSTOMERS
descr: Iliad Entreprises Customers
country: FR
admin-c: IENT-RIPE
tech-c: IENT-RIPE
status: LIR-PARTITIONED PA
mnt-by: MNT-TISCALIFR-B2B
source: RIPE # Filtered

role: Iliad Entreprises Admin and Tech Contact
remarks: Iliad Entreprises is an hosting and services provider
address: 8, rue de la ville l'eveque
address: 75008 Paris
address: France
phone: +33 1 73 50 20 00
fax-no: +33 1 73 50 29 01
abuse-mailbox: abuse@online.net
tech-c: NLI-RIPE
nic-hdl: IENT-RIPE
mnt-by: ONLINE-NET-MNT
source: RIPE # Filtered

% Information related to '195.154.0.0/16AS12876'

route: 195.154.0.0/16
descr: Online SAS
descr: Paris, France
origin: AS12876
mnt-by: MNT-TISCALIFR
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 103.23.244.22

Hi,

The IP 103.23.244.22 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 103.23.244.22:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '103.23.244.0 - 103.23.244.255'

inetnum: 103.23.244.0 - 103.23.244.255
netname: UPI-ID
descr: Universitas Pendidikan Indonesia
descr: University / Direct Member IDNIC
descr: Jl. Dr. Setiabudhi no. 229
descr: Bandung Jawa Barat
country: ID
admin-c: MRS8-AP
tech-c: MRS8-AP
remarks: Send Spam& Abuse Reports to munir@upi.edu
mnt-by: MNT-APJII-ID
mnt-routes: MAINT-ID-UPI
mnt-irt: IRT-UPI-ID
status: ASSIGNED PORTABLE
changed: hm-changed@apnic.net 20111212
changed: hostmaster@idnic.net 20111219
source: APNIC

irt: IRT-UPI-ID
address: Universitas Pendidikan Indonesia
address: Jl. Dr. Setiabudhi no. 229
address: Bandung Jawa Barat
e-mail: munir@upi.edu
abuse-mailbox: munir@upi.edu
admin-c: MRS8-AP
tech-c: MRS8-AP
auth: # Filtered
mnt-by: MAINT-ID-UPI
changed: munir@upi.edu 20111216
source: APNIC

person: Moh Riky Saadilah
address: Jl. Dr.Setiabudhi No. 229
address: Bandung 40154
address: Jawa Barat - Indonesia
country: ID
phone: +62-22-70619000
fax-no: +62-22-2013651
e-mail: riky@upi.edu
nic-hdl: MRS8-AP
mnt-by: MAINT-ID-UPI
changed: hostmaster@idnic.net 20111202
source: APNIC

% Information related to '103.23.244.0/24AS18394'

route: 103.23.244.0/24
descr: Universitas Pendidikan Indonesia
descr: University / Direct Member IDNIC
descr: Jl. Dr. Setiabudhi no. 229
descr: Bandung - Jawa Barat
country: ID
origin: AS18394
mnt-by: MAINT-ID-UPI
changed: hostmaster@telkom.net.id 20111223
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 206.220.193.189

Hi,

The IP 206.220.193.189 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 206.220.193.189:

[Querying whois.arin.net]
[Redirected to rwhois.voinetworks.net:4321]
[Querying rwhois.voinetworks.net]
[rwhois.voinetworks.net]
%rwhois V-1.5:003eff:00 rwhois.voinetworks.net (by Network Solutions, Inc. V-1.5.9.6)
network:Class-Name:network
network:ID:206.220.193.160/27
network:Auth-Area:206.220.192.0/21
network:Network-Name:QKSTREAM-206.220.193.160/27
network:IP-Network:206.220.193.160/27
network:IP-Network-Block:206.220.193.160
- 206.220.193.191
network:Organization;I:QuickStream Wireless Internet
network:Created:20121212
network:Updated:20121214
network:Updated-By:internet.operations@noc.voinetworks.net

network:Class-Name:network
network:ID:NETBLK-VOINET.206.220.192.0/21
network:Auth-Area:206.220.192.0/21
network:Network-Name:VOINET-1
network:IP-Network:206.220.192.0/21
network:IP-Network-Block:206.220.192.0
- 206.220.199.255
network:Organization;I:Voi Networks Inc
network:Tech-Contact;I:internet.operations@noc.voinetworks.net
network:Admin-Contact;I:NETWO2905-ARIN
network:Created:20081201
network:Updated:20121212
network:Updated-By:internet.operations@noc.voinetworks.net

%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 142.0.41.156

Hi,

The IP 142.0.41.156 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 142.0.41.156:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 142.0.41.156"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=142.0.41.156?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 142.0.32.0 - 142.0.47.255
CIDR: 142.0.32.0/20
OriginAS: AS46664
NetName: VOLUM-ARIN
NetHandle: NET-142-0-32-0-1
Parent: NET-142-0-0-0-0
NetType: Direct Allocation
RegDate: 2012-05-30
Updated: 2012-05-30
Ref: http://whois.arin.net/rest/net/NET-142-0-32-0-1

OrgName: VolumeDrive
OrgId: VOLUM-2
Address: 1143 Northern Blvd
City: Clarks Summit
StateProv: PA
PostalCode: 18411
Country: US
RegDate: 2008-08-26
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/VOLUM-2

OrgAbuseHandle: VOLUM1-ARIN
OrgAbuseName: VolumeDrive POC
OrgAbusePhone: +1-862-266-1083
OrgAbuseEmail: info@volumedrive.com
OrgAbuseRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN

OrgTechHandle: VOLUM1-ARIN
OrgTechName: VolumeDrive POC
OrgTechPhone: +1-862-266-1083
OrgTechEmail: info@volumedrive.com
OrgTechRef: http://whois.arin.net/rest/poc/VOLUM1-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

Saturday, 14 December 2013

[Fail2Ban] SSH: banned 1.93.26.149

Hi,

The IP 1.93.26.149 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 1.93.26.149:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '1.93.0.0 - 1.93.255.255'

inetnum: 1.93.0.0 - 1.93.255.255
netname: HSOFT
descr: Beijing hsoft technologies inc
descr: Beijing City, Haidian District Madian 8 South Road
descr: crown sea building three layer
country: CN
admin-c: ZT587-AP
tech-c: ZT587-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20121122
status: ALLOCATED PORTABLE
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Zhang Tao
address: Beijing City, Haidian District Madian 8 South Road crown sea building three layer
country: CN
phone: +86-13051336272
e-mail: 13051336272@wo.com.cn
nic-hdl: ZT587-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20121107
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 125.140.114.215

Hi,

The IP 125.140.114.215 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 125.140.114.215:

[Querying whois.apnic.net]
[Redirected to whois.nic.or.kr]
[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 125.140.114.215


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 125.128.0.0 - 125.159.255.255 (/11)
서비스명 : KORNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로 90 (정자동) 한국통ì&lsqauo;  e-Biz본부 기획팀
우편번호 : 463-711
í• ë&lsqauo;¹ì¼ìž : 20050822

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 스팸/해킹ë&lsqauo;´ë&lsqauo;¹
ì „í™"번호 : +82-2-100-0000
전자우편 : abuse@kornet.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
네트워크 이름 : KORNET-INFRA000001
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로
우편번호 : 463-711
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20130320
공개여부 : N

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
기관명 : KORNET
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로
우편번호 : 463-711
전자우편 : kornet_ip@kt.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 125.128.0.0 - 125.159.255.255 (/11)
Service Name : KORNET
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : 206, Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro
Zip Code : 463-711
Registration Date : 20050822

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-100-0000
E-Mail : abuse@kornet.net

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
Network Name : KORNET-INFRA000001
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro
Zip Code : 463-711
Registration Date : 20130320
Publishes : N

[ Technical Contact Information ]
Organization Name : Korea Telecom
Address : Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro
Zip Code : 463-711
E-Mail : kornet_ip@kt.com


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 222.189.239.126

Hi,

The IP 222.189.239.126 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.189.239.126:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '222.184.0.0 - 222.191.255.255'

inetnum: 222.184.0.0 - 222.191.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-JS
mnt-routes: MAINT-CHINANET-JS
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
changed: hm-changed@apnic.net 20040223
status: ALLOCATED PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.147.116.54

Hi,

The IP 61.147.116.54 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.147.116.54:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.147.0.0 - 61.147.255.255'

inetnum: 61.147.0.0 - 61.147.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.147.0.0/16AS23650'

route: 61.147.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 123.232.122.162

Hi,

The IP 123.232.122.162 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 123.232.122.162:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '123.232.122.160 - 123.232.122.175'

inetnum: 123.232.122.160 - 123.232.122.175
netname: JN-jnsjswyh
country: CN
descr: JiNan-JINANSHIJIANSHEWEIYUANHUI
admin-c: DS95-AP
tech-c: DS95-AP
status: ASSIGNED NON-PORTABLE
changed: ip@sdinfo.net 20071231
mnt-by: MAINT-CNCGROUP-SD
source: APNIC

person: Data Communication Bureau Shandong
nic-hdl: DS95-AP
e-mail: ip@sdinfo.net
address: No.77 Jingsan Road,Jinan,Shandong,P.R.China
phone: +86-531-6052611
fax-no: +86-531-6052414
country: CN
changed: ip@sdinfo.net 20050330
mnt-by: MAINT-CNCGROUP-SD
source: APNIC

% Information related to '123.232.0.0/14AS4837'

route: 123.232.0.0/14
descr: CNC Group CHINA169 Shandong Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20070215
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 211.104.100.90

Hi,

The IP 211.104.100.90 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 211.104.100.90:

[Querying whois.nic.or.kr]
[whois.nic.or.kr]
query : 211.104.100.90


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 211.104.0.0 - 211.105.255.255 (/15)
서비스명 : KORNET
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로 90 (정자동) 한국통ì&lsqauo;  e-Biz본부 기획팀
우편번호 : 463-711
í• ë&lsqauo;¹ì¼ìž : 20000424

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : kornet_ip@kt.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 스팸/해킹ë&lsqauo;´ë&lsqauo;¹
ì „í™"번호 : +82-2-100-0000
전자우편 : abuse@kornet.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
네트워크 이름 : KORNET-INFRA000001
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
기관고유번호 : ORG1600
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로
우편번호 : 463-711
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20120307
공개여부 : N

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
기관명 : KORNET
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로
우편번호 : 463-711
전자우편 : kornet_ip@kt.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 211.104.0.0 - 211.105.255.255 (/15)
Service Name : KORNET
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : 206, Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro
Zip Code : 463-711
Registration Date : 20000424

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Tech Contact Information ]
Name : IP Manager
Phone : +82-2-500-6630
E-Mail : kornet_ip@kt.com

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-100-0000
E-Mail : abuse@kornet.net

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
Network Name : KORNET-INFRA000001
Organization Name : Korea Telecom
Organization ID : ORG1600
Address : Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro
Zip Code : 463-711
Registration Date : 20120307
Publishes : N

[ Technical Contact Information ]
Organization Name : Korea Telecom
Address : Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro
Zip Code : 463-711
E-Mail : kornet_ip@kt.com


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban