HideMyAss.com

Sunday, 5 January 2014

[Fail2Ban] SSH: banned 103.23.244.22

Hi,

The IP 103.23.244.22 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 103.23.244.22:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '103.23.244.0 - 103.23.244.255'

inetnum: 103.23.244.0 - 103.23.244.255
netname: UPI-ID
descr: Universitas Pendidikan Indonesia
descr: University / Direct Member IDNIC
descr: Jl. Dr. Setiabudhi no. 229
descr: Bandung Jawa Barat
country: ID
admin-c: MRS8-AP
tech-c: MRS8-AP
remarks: Send Spam& Abuse Reports to munir@upi.edu
mnt-by: MNT-APJII-ID
mnt-routes: MAINT-ID-UPI
mnt-irt: IRT-UPI-ID
status: ASSIGNED PORTABLE
changed: hm-changed@apnic.net 20111212
changed: hostmaster@idnic.net 20111219
source: APNIC

irt: IRT-UPI-ID
address: Universitas Pendidikan Indonesia
address: Jl. Dr. Setiabudhi no. 229
address: Bandung Jawa Barat
e-mail: munir@upi.edu
abuse-mailbox: munir@upi.edu
admin-c: MRS8-AP
tech-c: MRS8-AP
auth: # Filtered
mnt-by: MAINT-ID-UPI
changed: munir@upi.edu 20111216
source: APNIC

person: Moh Riky Saadilah
address: Jl. Dr.Setiabudhi No. 229
address: Bandung 40154
address: Jawa Barat - Indonesia
country: ID
phone: +62-22-70619000
fax-no: +62-22-2013651
e-mail: riky@upi.edu
nic-hdl: MRS8-AP
mnt-by: MAINT-ID-UPI
changed: hostmaster@idnic.net 20111202
source: APNIC

% Information related to '103.23.244.0/24AS18394'

route: 103.23.244.0/24
descr: Universitas Pendidikan Indonesia
descr: University / Direct Member IDNIC
descr: Jl. Dr. Setiabudhi no. 229
descr: Bandung - Jawa Barat
country: ID
origin: AS18394
mnt-by: MAINT-ID-UPI
changed: hostmaster@telkom.net.id 20111223
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 89.248.172.58

Hi,

The IP 89.248.172.58 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 89.248.172.58:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '89.248.172.58 - 89.248.172.61'

% Abuse contact for '89.248.172.58 - 89.248.172.61' is 'admin@ecatel.net'

inetnum: 89.248.172.58 - 89.248.172.61
netname: NL-ALTUSHOST
descr: AltusHost.com
country: NL
admin-c: EL25-RIPE
tech-c: EL25-RIPE
status: ASSIGNED PA
mnt-by: ECATEL-MNT
mnt-lower: ECATEL-MNT
mnt-routes: ECATEL-MNT
source: RIPE # Filtered

role: Ecatel LTD
address: P.O.Box 19533
address: 2521 CA The Hague
address: Netherlands
abuse-mailbox: abuse@ecatel.info
remarks: ----------------------------------------------------
remarks: ECATEL LTD
remarks: Dedicated and Co-location hosting services
remarks: ----------------------------------------------------
remarks: for abuse complaints : abuse@ecatel.info
remarks: for any other questions : info@ecatel.info
remarks: ----------------------------------------------------
admin-c: EL25-RIPE
tech-c: EL25-RIPE
nic-hdl: EL25-RIPE
mnt-by: ECATEL-MNT
source: RIPE # Filtered

% Information related to '89.248.172.0/23AS29073'

route: 89.248.172.0/23
descr: AS29073, Route object
origin: AS29073
mnt-by: ECATEL-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.13.103.134

Hi,

The IP 198.13.103.134 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.13.103.134:

[Querying whois.arin.net]
[Redirected to rwhois.psychz.net:4321]
[Querying rwhois.psychz.net]
[rwhois.psychz.net]
%rwhois V-1.0,V-1.5:00090h:00 portal.psychz.net (Ubersmith RWhois Server V-2.3.0)
autharea=198.13.96.0/19
xautharea=198.13.96.0/19
network:Class-Name:network
network:Auth-Area:198.13.96.0/19
network:ID:NET-13379.198.13.103.128/28
network:Network-Name:198.13.103.128/28
network:IP-Network:198.13.103.128/28
network:IP-Network-Block:198.13.103.128
- 198.13.103.143
network:Org-Name:heiying
network:Street-Address:152 Lexington Eldes Avenue, 66th Floor, Room 808
network:City:Lexington
network:State:CT
network:Postal-Code:11355
network:Country-Code:US
network:Tech-Contact:MAINT-13379.198.13.103.128/28
network:Created:20130102233311000
network:Updated:20130102233311000
network:Updated-By:abuse@psychz.net
contact:POC-Name:Network Administrator
contact:POC-Email:abuse@psychz.net
contact:POC-Phone:
contact:Tech-Name:Network Administrator
contact:Tech-Email:abuse@psychz.net
contact:Tech-Phone:
%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 50.30.33.6

Hi,

The IP 50.30.33.6 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 50.30.33.6:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 50.30.33.6"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=50.30.33.6?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 50.30.32.0 - 50.30.47.255
CIDR: 50.30.32.0/20
OriginAS: AS30083
NetName: HSI-4
NetHandle: NET-50-30-32-0-1
Parent: NET-50-0-0-0-0
NetType: Direct Allocation
RegDate: 2011-01-21
Updated: 2013-03-18
Ref: http://whois.arin.net/rest/net/NET-50-30-32-0-1

OrgName: Hosting Solutions International, Inc.
OrgId: SERVE-6
Address: 210 North Tucker Blvd.
Address: Suite 910
City: Saint Louis
StateProv: MO
PostalCode: 63101
Country: US
RegDate: 2003-04-15
Updated: 2013-03-25
Comment: Please forward abuse complaints to abuse@hostingsolutionsinternational.com
Ref: http://whois.arin.net/rest/org/SERVE-6

OrgAbuseHandle: HAD16-ARIN
OrgAbuseName: HSI Abuse Department
OrgAbusePhone: +1-314-266-3638
OrgAbuseEmail: abuse@hostingsolutionsinternational.com
OrgAbuseRef: http://whois.arin.net/rest/poc/HAD16-ARIN

OrgNOCHandle: SWI19-ARIN
OrgNOCName: Wintz, Sascha
OrgNOCPhone: +1-314-480-6840
OrgNOCEmail: s.wintz@hostingsolutionsinternational.com
OrgNOCRef: http://whois.arin.net/rest/poc/SWI19-ARIN

OrgTechHandle: SWI19-ARIN
OrgTechName: Wintz, Sascha
OrgTechPhone: +1-314-480-6840
OrgTechEmail: s.wintz@hostingsolutionsinternational.com
OrgTechRef: http://whois.arin.net/rest/poc/SWI19-ARIN

RTechHandle: SWI19-ARIN
RTechName: Wintz, Sascha
RTechPhone: +1-314-480-6840
RTechEmail: s.wintz@hostingsolutionsinternational.com
RTechRef: http://whois.arin.net/rest/poc/SWI19-ARIN

RNOCHandle: SWI19-ARIN
RNOCName: Wintz, Sascha
RNOCPhone: +1-314-480-6840
RNOCEmail: s.wintz@hostingsolutionsinternational.com
RNOCRef: http://whois.arin.net/rest/poc/SWI19-ARIN

RAbuseHandle: HAD16-ARIN
RAbuseName: HSI Abuse Department
RAbusePhone: +1-314-266-3638
RAbuseEmail: abuse@hostingsolutionsinternational.com
RAbuseRef: http://whois.arin.net/rest/poc/HAD16-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

Saturday, 4 January 2014

[Fail2Ban] SSH: banned 87.106.251.18

Hi,

The IP 87.106.251.18 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 87.106.251.18:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '87.106.240.0 - 87.106.255.255'

% Abuse contact for '87.106.240.0 - 87.106.255.255' is 'abuse@oneandone.net'

inetnum: 87.106.240.0 - 87.106.255.255
netname: SCHLUND-CUSTOMERS
descr: 1&1 Internet AG
country: DE
org: ORG-SA12-RIPE
admin-c: IPAD-RIPE
tech-c: IPOP-RIPE
status: ASSIGNED PA
remarks: For abuse issues, please use only abuse@oneandone.net
mnt-by: AS8560-MNT
source: RIPE # Filtered

organisation: ORG-SA12-RIPE
org-name: 1&1 Internet AG
org-type: LIR
address: 1&1 Internet AG Axel Fischer Brauerstr.48 76135 Karlsruhe GERMANY
phone: +49 721 91374 0
fax-no: +49 721 91374 212
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: AS8560-MNT
mnt-ref: SCHLUND-MNT
mnt-by: RIPE-NCC-HM-MNT
admin-c: IPAD-RIPE
admin-c: RME9-RIPE
admin-c: AFI5-RIPE
admin-c: JR2342-RIPE
abuse-c: ABDE2-RIPE
source: RIPE # Filtered

role: IP Administration
address: 1&1 Internet AG
admin-c: AFI5-RIPE
admin-c: RME9-RIPE
admin-c: JR2342-RIPE
admin-c: LTO3-RIPE
admin-c: ZIG-RIPE
admin-c: MI-RIPE
admin-c: MINK-RIPE
admin-c: VR-RIPE
tech-c: AFI5-RIPE
tech-c: RME9-RIPE
tech-c: JR2342-RIPE
tech-c: LTO3-RIPE
nic-hdl: IPAD-RIPE
abuse-mailbox: abuse@oneandone.net
mnt-by: AS8560-MNT
source: RIPE # Filtered

role: IP Operations
address: 1&1 Internet AG
admin-c: AFI5-RIPE
admin-c: RME9-RIPE
admin-c: JR2342-RIPE
admin-c: LTO3-RIPE
tech-c: AFI5-RIPE
tech-c: RME9-RIPE
tech-c: JR2342-RIPE
tech-c: LTO3-RIPE
nic-hdl: IPOP-RIPE
abuse-mailbox: abuse@oneandone.net
mnt-by: AS8560-MNT
source: RIPE # Filtered

% Information related to '87.106.0.0/16AS8560'

route: 87.106.0.0/16
descr: SCHLUND-PA-5
origin: AS8560
mnt-by: AS8560-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 162.243.132.27

Hi,

The IP 162.243.132.27 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 162.243.132.27:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 162.243.132.27"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=162.243.132.27?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 162.243.0.0 - 162.243.255.255
CIDR: 162.243.0.0/16
OriginAS: AS14061, AS62567, AS46652
NetName: DIGITALOCEAN-7
NetHandle: NET-162-243-0-0-1
Parent: NET-162-0-0-0-0
NetType: Direct Allocation
Comment: http://www.digitalocean.com
Comment: Simple Cloud Hosting
RegDate: 2013-09-06
Updated: 2013-09-06
Ref: http://whois.arin.net/rest/net/NET-162-243-0-0-1


OrgName: Digital Ocean, Inc.
OrgId: DO-13
Address: 270 Lafayette St
Address: Suite 1105
City: New York
StateProv: NY
PostalCode: 10012
Country: US
RegDate: 2012-05-14
Updated: 2013-12-12
Ref: http://whois.arin.net/rest/org/DO-13

OrgAbuseHandle: URETS-ARIN
OrgAbuseName: Uretsky, Ben
OrgAbusePhone: +1-646-397-8051
OrgAbuseEmail: abuse@digitalocean.com
OrgAbuseRef: http://whois.arin.net/rest/poc/URETS-ARIN

OrgTechHandle: URETS-ARIN
OrgTechName: Uretsky, Ben
OrgTechPhone: +1-646-397-8051
OrgTechEmail: abuse@digitalocean.com
OrgTechRef: http://whois.arin.net/rest/poc/URETS-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 208.43.87.82

Hi,

The IP 208.43.87.82 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 208.43.87.82:

[Querying whois.arin.net]
[Redirected to rwhois.softlayer.com:4321]
[Querying rwhois.softlayer.com]
[rwhois.softlayer.com]
%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.208.43.64.0/19
network:Auth-Area:208.43.64.0/19
network:Network-Name:SOFTLAYER-208.43.64.0
network:IP-Network:208.43.87.80/29
network:IP-Network-Block:208.43.87.80-208.43.87.87

network:Organization;I:sievenpark
network:Street-Address:nexter BLDG 176-21 Nonhyun-dong, Gangnam-Gu
network:City:seoul
network:Postal-Code:135-010
network:Country-Code:KR
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:jbkim@sieven.co.kr
network:Admin-Contact;I:IPADM258-ARIN
network:Created:2013-12-26 06:13:53
network:Updated:2013-12-26 06:14:18
network:Updated-By:ipadmin@softlayer.com

%ok

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 211.202.2.162

Hi,

The IP 211.202.2.162 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 211.202.2.162:

[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 211.202.2.162


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 211.200.0.0 - 211.205.255.255 (/14+/15)
서비스명 : broadNnet
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울특별ì&lsqauo;œ ì¤'구 퇴계로 24, SK남산그린빌ë"© (남대문로5ê°€)
우편번호 : 100-711
í• ë&lsqauo;¹ì¼ìž : 20000823

[ IPv4주소 책임자 정보 ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
ì „í™"번호 : +82-2-106-2
전자우편 : abuse@skbroadband.com

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 211.202.0.0 - 211.202.3.255 (/22)
네트워크 이름 : HANANET-INFRA
기관명 : 에스케이브로ë"œë°´ë"œì£¼ì&lsqauo;íšŒì‚¬
기관고유번호 : ORG3930
주소 : 서울특별ì&lsqauo;œ ì¤'구 퇴계로 24, SK남산그린빌ë"© (남대문로5ê°€)
우편번호 : 100-711
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20041015
공개여부 : Y

[ 네트워크 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : 관리자
기관명 : broadNnet
주소 : 서울특별ì&lsqauo;œ ì¤'구 퇴계로 24, SK남산그린빌ë"© (남대문로5ê°€)
우편번호 : 100-711
ì „í™"번호 : +82-2-106-2
전자우편 : ip-adm@skbroadband.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 211.200.0.0 - 211.205.255.255 (/14+/15)
Service Name : broadNnet
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Jung-gu Toegye-ro
Zip Code : 100-711
Registration Date : 20000823

[ Admin Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Tech Contact Information ]
Name : IP manager
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com

[ Network Abuse Contact Information ]
Name : manager
Phone : +82-2-106-2
E-Mail : abuse@skbroadband.com

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 211.202.0.0 - 211.202.3.255 (/22)
Network Name : HANANET-INFRA
Organization Name : SK Broadband Co Ltd
Organization ID : ORG3930
Address : 267, Seoul Jung-gu Toegye-ro
Zip Code : 100-711
Registration Date : 20041015
Publishes : Y

[ Technical Contact Information ]
Name : IP manager
Organization Name : SK Broadband Co Ltd
Address : 267, Seoul Jung-gu Toegye-ro
Zip Code : 100-711
Phone : +82-2-106-2
E-Mail : ip-adm@skbroadband.com


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 162.243.74.184

Hi,

The IP 162.243.74.184 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 162.243.74.184:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 162.243.74.184"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=162.243.74.184?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 162.243.0.0 - 162.243.255.255
CIDR: 162.243.0.0/16
OriginAS: AS14061, AS62567, AS46652
NetName: DIGITALOCEAN-7
NetHandle: NET-162-243-0-0-1
Parent: NET-162-0-0-0-0
NetType: Direct Allocation
Comment: http://www.digitalocean.com
Comment: Simple Cloud Hosting
RegDate: 2013-09-06
Updated: 2013-09-06
Ref: http://whois.arin.net/rest/net/NET-162-243-0-0-1


OrgName: Digital Ocean, Inc.
OrgId: DO-13
Address: 270 Lafayette St
Address: Suite 1105
City: New York
StateProv: NY
PostalCode: 10012
Country: US
RegDate: 2012-05-14
Updated: 2013-12-12
Ref: http://whois.arin.net/rest/org/DO-13

OrgAbuseHandle: URETS-ARIN
OrgAbuseName: Uretsky, Ben
OrgAbusePhone: +1-646-397-8051
OrgAbuseEmail: abuse@digitalocean.com
OrgAbuseRef: http://whois.arin.net/rest/poc/URETS-ARIN

OrgTechHandle: URETS-ARIN
OrgTechName: Uretsky, Ben
OrgTechPhone: +1-646-397-8051
OrgTechEmail: abuse@digitalocean.com
OrgTechRef: http://whois.arin.net/rest/poc/URETS-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 89.248.172.58

Hi,

The IP 89.248.172.58 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 89.248.172.58:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '89.248.172.58 - 89.248.172.61'

% Abuse contact for '89.248.172.58 - 89.248.172.61' is 'admin@ecatel.net'

inetnum: 89.248.172.58 - 89.248.172.61
netname: NL-ALTUSHOST
descr: AltusHost.com
country: NL
admin-c: EL25-RIPE
tech-c: EL25-RIPE
status: ASSIGNED PA
mnt-by: ECATEL-MNT
mnt-lower: ECATEL-MNT
mnt-routes: ECATEL-MNT
source: RIPE # Filtered

role: Ecatel LTD
address: P.O.Box 19533
address: 2521 CA The Hague
address: Netherlands
abuse-mailbox: abuse@ecatel.info
remarks: ----------------------------------------------------
remarks: ECATEL LTD
remarks: Dedicated and Co-location hosting services
remarks: ----------------------------------------------------
remarks: for abuse complaints : abuse@ecatel.info
remarks: for any other questions : info@ecatel.info
remarks: ----------------------------------------------------
admin-c: EL25-RIPE
tech-c: EL25-RIPE
nic-hdl: EL25-RIPE
mnt-by: ECATEL-MNT
source: RIPE # Filtered

% Information related to '89.248.172.0/23AS29073'

route: 89.248.172.0/23
descr: AS29073, Route object
origin: AS29073
mnt-by: ECATEL-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 196.200.176.92

Hi,

The IP 196.200.176.92 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 196.200.176.92:

[Querying whois.afrinic.net]
[whois.afrinic.net]
% This is the AfriNIC Whois server.

% Note: this output has been filtered.

% Information related to '196.200.176.0 - 196.200.176.255'

inetnum: 196.200.176.0 - 196.200.176.255
netname: ma-marwan-ucam
descr: Universite Cadi Ayyad - Marrekech -
country: MA
admin-c: MEMB2-AFRINIC
tech-c: MEMB2-AFRINIC
status: ASSIGNED PA
mnt-by: MARWAN-MNT
mnt-lower: MARWAN-MNT
mnt-domains: MARWAN-MNT
source: AFRINIC # Filtered
parent: 196.200.128.0 - 196.200.191.255

person: My El Mehdi Bouhamidi
address: Universite Cadi Ayyad - Marrekech -
address: Presidence Universite Cadi Ayyad
address: Avenue Prince My Abdellah BP 511 - 40000- Marrakech
address: Morocco
phone: +212 24 43 48 13
phone: +212 60 40 42 24
fax-no: +212 24 43 44 94
e-mail: Bouhamidi@ucam.ac.ma
nic-hdl: MEMB2-AFRINIC
source: AFRINIC # Filtered

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.164.110.130

Hi,

The IP 61.164.110.130 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.164.110.130:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.164.108.0 - 61.164.111.255'

inetnum: 61.164.108.0 - 61.164.111.255
netname: RUIAN-TELECOM
country: CN
descr: Ruian Telecom
descr:
admin-c: ZH1429-AP
tech-c: CW27-AP
status: ASSIGNED NON-PORTABLE
changed: auto-dbm@dcb.hz.zj.cn 20080715
mnt-by: MAINT-CN-CHINANET-ZJ-WZ
source: APNIC

role: CHINANET-ZJ Wenzhou
address: No.2-1 Huancheng Road(East),Wenzhou,Zhejiang.325000
country: CN
phone: +86-577-88818629
fax-no: +86-577-88818635
e-mail: anti_spam@wz.zj.cn
remarks: send spam reports to anti_spam@wz.zj.cn
remarks: and abuse reports to anti_spam@wz.zj.cn
remarks: Please include detailed information and times in UTC
admin-c: CH117-AP
tech-c: CH117-AP
nic-hdl: CW27-AP
mnt-by: MAINT-CHINANET-ZJ
changed: master@dcb.hz.zj.cn 20031204
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Zeng Hu
nic-hdl: ZH1429-AP
e-mail: huzeng@sina.com
address: Rui'an,Wenzhou,Zhejiang.Postcode:325200
phone: +86-577-65699099
country: CN
changed: auto-dbm@dcb.hz.zj.cn 20080625
mnt-by: MAINT-CN-CHINANET-ZJ-WZ
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 195.96.235.35

Hi,

The IP 195.96.235.35 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 195.96.235.35:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '195.96.235.0 - 195.96.235.127'

% Abuse contact for '195.96.235.0 - 195.96.235.127' is 'abuse@bas.bg'

inetnum: 195.96.235.0 - 195.96.235.127
netname: BASNET
descr: Bulgarian Academy of Sciences Network
country: BG
admin-c: BNAC1-RIPE
tech-c: BNTC1-RIPE
status: ASSIGNED PA
mnt-by: BASNET-MNT
mnt-lower: BASNET-MNT
source: RIPE # Filtered

role: BASNet administrative contact
remarks: trouble: billing, legal, case clearing
remarks: trouble: and other administrative issues
remarks: --------
remarks: BASNet address space and domains are currently
remarks: maintained by Lirex Net. Please use this
remarks: contact information for administrative issues
remarks: ONLY!
remarks: --------
address: Bulgarian Academy of Sciences - Computing Center
address: Acad. G. Bonchev str., bld. 25A
address: BG-1113 Sofia, Bulgaria
phone: +359 2 979 6602
phone: +359 2 979 6609
fax-no: +359 2 70 72 73
abuse-mailbox: abuse@lirex.net
admin-c: DS1039-RIPE
admin-c: KT316-RIPE
tech-c: BNTC1-RIPE
nic-hdl: BNAC1-RIPE
mnt-by: BASNET-MNT
source: RIPE # Filtered

role: BASNet technical contact
remarks: trouble: spam, portscans, hacks, floods
remarks: trouble: routing, filters and other technical issues
remarks: -----------------
remarks: BASNet address space and domains are currently
remarks: maintained by Lirex Net. Please use this
remarks: contact information for technical issues ONLY!
remarks: -----------------
address: Lirex BG Ltd.
address: Mladost 1, bl. 9,
address: BG-1784 Sofia,
address: Bulgaria
phone: +359 2 969 1555
fax-no: +359 2 971 0084
admin-c: BNAC1-RIPE
tech-c: MIS111-RIPE
tech-c: KOBE-RIPE
nic-hdl: BNTC1-RIPE
mnt-by: BASNET-MNT
source: RIPE # Filtered

% Information related to '195.96.235.0/24AS8745'

route: 195.96.235.0/24
descr: BASNET
descr: Bulgarian Academy of Sciences
origin: AS8745
mnt-by: BASNET-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS1)

Regards,

Fail2Ban

Friday, 3 January 2014

[Fail2Ban] SSH: banned 124.115.18.10

Hi,

The IP 124.115.18.10 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 124.115.18.10:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '124.114.0.0 - 124.115.255.255'

inetnum: 124.114.0.0 - 124.115.255.255
netname: CHINANET-SN
descr: CHINANET Shanxi(SN) province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: XC9-AP
mnt-by: APNIC-HM
mnt-routes: MAINT-CHINANET-SHAANXI
mnt-lower: MAINT-CHINANET-SHAANXI
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20060331
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: Xianghong Cao
address: Shanxi provice data communication Bureau
address: 185# zhuque Road
address: Xi'an city, Shanxi provice 710061
country: CN
phone: +8629-523-3633
fax-no: +8629-522-8093
e-mail: sxic@public.xa.sn.cn
nic-hdl: XC9-AP
mnt-by: MAINT-NULL
changed: caoxianghong@263.net 19990409
source: APNIC

% Information related to '124.114.0.0/15AS4134'

route: 124.114.0.0/15
descr: From Shanxi(CHINANET-SN) Network of ChinaTelecom
origin: AS4134
mnt-by: MAINT-CHINANET
changed: dingsy@cndata.com 20060707
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 89.248.172.58

Hi,

The IP 89.248.172.58 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 89.248.172.58:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '89.248.172.58 - 89.248.172.61'

% Abuse contact for '89.248.172.58 - 89.248.172.61' is 'admin@ecatel.net'

inetnum: 89.248.172.58 - 89.248.172.61
netname: NL-ALTUSHOST
descr: AltusHost.com
country: NL
admin-c: EL25-RIPE
tech-c: EL25-RIPE
status: ASSIGNED PA
mnt-by: ECATEL-MNT
mnt-lower: ECATEL-MNT
mnt-routes: ECATEL-MNT
source: RIPE # Filtered

role: Ecatel LTD
address: P.O.Box 19533
address: 2521 CA The Hague
address: Netherlands
abuse-mailbox: abuse@ecatel.info
remarks: ----------------------------------------------------
remarks: ECATEL LTD
remarks: Dedicated and Co-location hosting services
remarks: ----------------------------------------------------
remarks: for abuse complaints : abuse@ecatel.info
remarks: for any other questions : info@ecatel.info
remarks: ----------------------------------------------------
admin-c: EL25-RIPE
tech-c: EL25-RIPE
nic-hdl: EL25-RIPE
mnt-by: ECATEL-MNT
source: RIPE # Filtered

% Information related to '89.248.172.0/23AS29073'

route: 89.248.172.0/23
descr: AS29073, Route object
origin: AS29073
mnt-by: ECATEL-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 218.108.0.73

Hi,

The IP 218.108.0.73 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 218.108.0.73:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '218.108.0.0 - 218.109.255.255'

inetnum: 218.108.0.0 - 218.109.255.255
netname: WASU
descr: WASU TV & Communication Holding Co.,Ltd.
descr: 6/F, Jian Gong Building, NO.20 Wen San Road, Hangzhou,
descr: Zhejiang province, P.R.China 310012
country: CN
admin-c: XZ1291-AP
tech-c: TF142-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
changed: hm-changed@apnic.net 20080123
source: APNIC

person: Tao Feng
nic-hdl: TF142-AP
e-mail: fengtao@chinahcn.com
address: No.9 ShuGuang Road,HangZhou City,ZheJiang Province
phone: +86-0571-28958888-8108
fax-no: +86-0571-85214455
country: CN
changed: ipas@cnnic.cn 20100513
mnt-by: MAINT-CNNIC-AP
source: APNIC

person: Xianlong Zeng
nic-hdl: XZ1291-AP
e-mail: allon@chinahcn.com
address: No.9 ShuGuang Road,HangZhou City,ZheJiang Province
phone: +86-0571-28958852
fax-no: +86-0571-85214455
country: CN
changed: ipas@cnnic.cn 20071123
mnt-by: MAINT-CNNIC-AP
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.147.116.54

Hi,

The IP 61.147.116.54 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.147.116.54:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.147.0.0 - 61.147.255.255'

inetnum: 61.147.0.0 - 61.147.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.147.0.0/16AS23650'

route: 61.147.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 103.7.52.61

Hi,

The IP 103.7.52.61 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 103.7.52.61:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '103.7.52.0 - 103.7.53.255'

inetnum: 103.7.52.0 - 103.7.53.255
netname: IDNIC-KKP-ID
descr: PUSDATIN KKP
descr: Kementerian Kelautan dan Perikanan
descr: Government / Direct Member IDNIC
descr: Gedung Mina Bahari Lt.16
descr: Jl. Medan Merdeka Timur No.16
descr: Jakarta Pusat, DKI Jakarta, 10110
country: ID
admin-c: AW641-AP
tech-c: AW641-AP
remarks: Send Spam & Abuse Reports to abuse@kkp.go.id
mnt-by: MNT-APJII-ID
mnt-routes: MAINT-ID-KKP
mnt-irt: IRT-KKP-ID
status: ASSIGNED PORTABLE
changed: hm-changed@apnic.net 20120315
source: APNIC

irt: IRT-KKP-ID
address: Kementerian Kelautan dan Perikanan
address: Gedung Mina Bahari Lt.16
address: Jl. Medan Merdeka Timur No.16
address: Jakarta Pusat, DKI Jakarta, 10110
e-mail: hostmaster@kkp.go.id
abuse-mailbox: hostmaster@kkp.go.id
admin-c: AW641-AP
tech-c: AW641-AP
auth: # Filtered
mnt-by: MAINT-ID-KKP
changed: hostmaster@kkp.go.id 20120307
source: APNIC

person: Ary Widyanto
address: Gedung Mina Bahari Lt.16
address: Jl. Medan Merdeka Timur No.16
address: Jakarta Pusat, DKI Jakarta, 10110.
country: ID
phone: +62-21-3519075
fax-no: +62-21-3519075
e-mail: arywid@kkp.go.id
nic-hdl: AW641-AP
mnt-by: MAINT-ID-KKP
changed: hostmaster@idnic.net 20120306
changed: hostmaster@idnic.net 20120307
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.91.240.230

Hi,

The IP 112.91.240.230 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 112.91.240.230:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '112.91.240.0 - 112.91.247.255'

inetnum: 112.91.240.0 - 112.91.247.255
netname: UNICOM-GDJY
descr: China Unicom Jieyang city network, Leased line address
descr: China Unicom Jieyang Branch
country: CN
admin-c: CG272-AP
tech-c: CG272-AP
status: ALLOCATED NON-PORTABLE
changed: wangjj238@chinaunicom.cn 20090514
mnt-by: MAINT-CNCGROUP-GD
mnt-irt: IRT-CU-CN
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

role: CNCGROUP GD
nic-hdl: CG272-AP
e-mail: gdipnoc@chinaunicom.cn
address: XinShiKong Plaza,No 666 Huangpu Rd. Guangzhou 510627,China
phone: +86-20-22214226
fax-no: +86-20-22214228
admin-c: RP181-AP
tech-c: RP181-AP
country: CN
changed: wangjj238@chinaunicom.cn 20090414
mnt-by: MAINT-CNCGROUP-GD
source: APNIC

% Information related to '112.88.0.0/13AS17816'

route: 112.88.0.0/13
descr: China Unicom CHINA169 Guangdong Province Network
country: CN
origin: AS17816
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20090112
source: APNIC

% Information related to '112.88.0.0/13AS4837'

route: 112.88.0.0/13
descr: China Unicom CHINA169 Guangdong Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20090112
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 125.39.22.154

Hi,

The IP 125.39.22.154 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 125.39.22.154:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '125.36.0.0 - 125.39.255.255'

inetnum: 125.36.0.0 - 125.39.255.255
netname: UNICOM-TJ
descr: China Unicom Tianjin province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: HZ19-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-TJ
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
mnt-irt: IRT-CU-CN
changed: hm-changed@apnic.net 20051230
changed: hm-changed@apnic.net 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: huang zheng
nic-hdl: HZ19-AP
e-mail: tj-ipaddr3@chinaunicom.cn
address: 76 NO, ShiZiLin Street ,HeBei district of Tianjin,China
phone: +86-22-24459190
fax-no: +86-22-24454499
country: CN
changed: tj-ipaddr3@chinaunicom.cn 20120713
mnt-by: MAINT-CNCGROUP-TJ
source: APNIC

% Information related to '125.36.0.0/14AS4837'

route: 125.36.0.0/14
descr: CNC Group CHINA169 Tianjin Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 222.189.239.138

Hi,

The IP 222.189.239.138 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.189.239.138:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '222.184.0.0 - 222.191.255.255'

inetnum: 222.184.0.0 - 222.191.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-JS
mnt-routes: MAINT-CHINANET-JS
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
changed: hm-changed@apnic.net 20040223
status: ALLOCATED PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 218.26.89.179

Hi,

The IP 218.26.89.179 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 218.26.89.179:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '218.26.89.128 - 218.26.89.255'

inetnum: 218.26.89.128 - 218.26.89.255
netname: cz-xxghw
country: CN
descr: changzhi xxghw gov
admin-c: YZ225-AP
tech-c: YZ225-AP
status: ASSIGNED NON-PORTABLE
changed: xyp@public.ty.sx.cn 20060512
mnt-by: MAINT-CNCGROUP-SX
source: APNIC

person: Ying Zhao
nic-hdl: YZ225-AP
e-mail: zhy0607@public.ty.sx.cn
address: Taiyuan Shanxi
phone: +86-351-4091749
fax-no: +86-351-4088347
country: CN
changed: zhy0607@public.ty.sx.cn 20030321
mnt-by: MAINT-NEW
source: APNIC

% Information related to '218.26.0.0/16AS4837'

route: 218.26.0.0/16
descr: CNC Group CHINA169 Shanxi Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 122.225.102.43

Hi,

The IP 122.225.102.43 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 122.225.102.43:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '122.225.102.0 - 122.225.102.63'

inetnum: 122.225.102.0 - 122.225.102.63
netname: WENZHOU-GAOJIE-CO
country: CN
descr: WENZHOU GAOJIE TECHNOLOGY CO.LTD
descr:
admin-c: SL2710-AP
tech-c: CH119-AP
mnt-irt: IRT-CHINANET-ZJ
status: ASSIGNED NON-PORTABLE
changed: auto-dbm@dcb.hz.zj.cn 20110927
mnt-by: MAINT-CN-CHINANET-ZJ-HU
source: APNIC

irt: IRT-CHINANET-ZJ
address: Hangzhou, 288 fucun Road, China
e-mail: lfliu@pubinfo.com.cn
abuse-mailbox: antispam@dcb.hz.zj.cn
admin-c: CZ61-AP
tech-c: CZ61-AP
auth: # Filtered
mnt-by: MAINT-CHINANET-ZJ
changed: auto-dbm@dcb.hz.zj.cn 20101129
source: APNIC

role: CHINANET-ZJ Huzhou
address: No.18 Hongqi Road,Huzhou,Zhejiang.313000
country: CN
phone: +86-572-2022163
fax-no: +86-572-2210609
e-mail: anti_spam@mail.huptt.zj.cn
remarks: send spam reports to anti_spam@mail.huptt.zj.cn
remarks: and abuse reports to anti_spam@mail.huptt.zj.cn
remarks: Please include detailed information and times in UTC
admin-c: CH50-AP
tech-c: CH50-AP
nic-hdl: CH119-AP
mnt-by: MAINT-CHINANET-ZJ
changed: master@dcb.hz.zj.cn 20031204
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Shengzhong Liu
nic-hdl: SL2710-AP
e-mail: anti_spam@mail.huptt.zj.cn
address: lanjiang Software Park B3009,Lanjiang Road 188, Airport Road, Wenzhou
phone: +86-13738375522
phone: +86-577-88800077
country: CN
changed: auto-dbm@dcb.hz.zj.cn 20110815
mnt-by: MAINT-CN-CHINANET-ZJ-HU
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 31.210.112.174

Hi,

The IP 31.210.112.174 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 31.210.112.174:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '31.210.112.0 - 31.210.112.255'

% Abuse contact for '31.210.112.0 - 31.210.112.255' is 'abuse@as42926.net'

inetnum: 31.210.112.0 - 31.210.112.255
netname: SAYFA-NET
descr: INTER NET BILGISAYAR LTD STI
country: TR
admin-c: SN3028-RIPE
tech-c: SN3028-RIPE
status: ASSIGNED PA
mnt-by: AS42926-MNT
source: RIPE # Filtered

person: Sayfa Net
address: adres mevcut degildir
address: musteri bilgisi icin email atiniz
address: Istanbul
address: Turkey, TR
phone: +90 (000) 000 00 00
fax-no: +90 (000) 000 00 00
nic-hdl: SN3028-RIPE
mnt-by: ISTANBULDC-MNT
abuse-mailbox: ripe26@sayfa.net
source: RIPE # Filtered

% Information related to '31.210.112.0/24AS42926'

route: 31.210.112.0/24
descr: AS42926-NETWORK
origin: AS42926
mnt-by: AS42926-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS2)

Regards,

Fail2Ban

Thursday, 2 January 2014

[Fail2Ban] SSH: banned 195.32.28.101

Hi,

The IP 195.32.28.101 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 195.32.28.101:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '195.32.28.0 - 195.32.31.255'

% Abuse contact for '195.32.28.0 - 195.32.31.255' is 'abuse@officine.it'

inetnum: 195.32.28.0 - 195.32.31.255
netname: IDPNET
descr: IDP s.n.c. di Repetto Davide e Magnone Paolo
descr: Via dei Confini, 6
descr: I-15068 - Pozzolo F.ro (AL)
country: IT
admin-c: DR245-RIPE
tech-c: DR245-RIPE
tech-c: PM761-RIPE
remarks: rev-srv: dns1.idp.it
remarks: rev-srv: dante.italia.com
status: ASSIGNED PA
mnt-by: ITALIACOM-MNT
source: RIPE # Filtered
remarks: rev-srv attribute deprecated by RIPE NCC on 02/09/2009

person: Davide Repetto
address: Via dei Confini, 6
address: I-15068 Pozzolo F.ro, (AL)
address: Italy
phone: +39 0143 419095
fax-no: +39 0143 1970197
nic-hdl: DR245-RIPE
mnt-by: idp-mnt
source: RIPE # Filtered

person: Paolo Magnone
address: Via dei Confini, 6
address: I-15068 - Pozzolo F.ro (AL)
address: Italy
phone: +39 143 419095
fax-no: +39 143 419086
nic-hdl: PM761-RIPE
mnt-by: IDP-MNT
source: RIPE # Filtered

% Information related to '195.32.28.0/22AS20992'

route: 195.32.28.0/22
descr: IDP Main Block
origin: AS20992
mnt-by: IDP-MNT
mnt-by: ITALIACOM-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.167.199.232

Hi,

The IP 61.167.199.232 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.167.199.232:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.167.0.0 - 61.167.255.255'

inetnum: 61.167.0.0 - 61.167.255.255
netname: UNICOM-HL
country: CN
descr: China Unicom Heilongjiang province network
descr: China Unicom
admin-c: CH1302-AP
tech-c: LZ31-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CNCGROUP
mnt-lower: MAINT-CNCGROUP-HL
mnt-routes: MAINT-CNCGROUP-RR
mnt-irt: IRT-CU-CN
changed: hm-changed@apnic.net 20031110
changed: hm-changed@apnic.net 20040927
changed: hm-changed@apnic.net 20060124
changed: hm-changed@apnic.net 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Liu Zhiyong
nic-hdl: LZ31-AP
e-mail: gaobh@mail.hl.cn
address: Data Communication Bureau of HLJ
phone: +86-451-542931
country: CN
changed: gaobh@mail.hl.cn 20030801
mnt-by: MAINT-CNCGROUP-HL
source: APNIC

% Information related to '61.167.0.0/16AS4837'

route: 61.167.0.0/16
descr: CNC Group CHINA169 Heilongjiang Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 222.189.239.72

Hi,

The IP 222.189.239.72 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.189.239.72:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '222.184.0.0 - 222.191.255.255'

inetnum: 222.184.0.0 - 222.191.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-JS
mnt-routes: MAINT-CHINANET-JS
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
changed: hm-changed@apnic.net 20040223
status: ALLOCATED PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 222.189.239.138

Hi,

The IP 222.189.239.138 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 222.189.239.138:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '222.184.0.0 - 222.191.255.255'

inetnum: 222.184.0.0 - 222.191.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-JS
mnt-routes: MAINT-CHINANET-JS
remarks: This object can only modify by APNIC hostmaster
remarks: If you wish to modify this object details please
remarks: send email to hostmaster@apnic.net with your
remarks: organisation account name in the subject line.
changed: hm-changed@apnic.net 20040223
status: ALLOCATED PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.91.240.230

Hi,

The IP 112.91.240.230 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 112.91.240.230:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '112.91.240.0 - 112.91.247.255'

inetnum: 112.91.240.0 - 112.91.247.255
netname: UNICOM-GDJY
descr: China Unicom Jieyang city network, Leased line address
descr: China Unicom Jieyang Branch
country: CN
admin-c: CG272-AP
tech-c: CG272-AP
status: ALLOCATED NON-PORTABLE
changed: wangjj238@chinaunicom.cn 20090514
mnt-by: MAINT-CNCGROUP-GD
mnt-irt: IRT-CU-CN
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

role: CNCGROUP GD
nic-hdl: CG272-AP
e-mail: gdipnoc@chinaunicom.cn
address: XinShiKong Plaza,No 666 Huangpu Rd. Guangzhou 510627,China
phone: +86-20-22214226
fax-no: +86-20-22214228
admin-c: RP181-AP
tech-c: RP181-AP
country: CN
changed: wangjj238@chinaunicom.cn 20090414
mnt-by: MAINT-CNCGROUP-GD
source: APNIC

% Information related to '112.88.0.0/13AS17816'

route: 112.88.0.0/13
descr: China Unicom CHINA169 Guangdong Province Network
country: CN
origin: AS17816
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20090112
source: APNIC

% Information related to '112.88.0.0/13AS4837'

route: 112.88.0.0/13
descr: China Unicom CHINA169 Guangdong Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20090112
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

Wednesday, 1 January 2014

[Fail2Ban] SSH: banned 77.65.0.86

Hi,

The IP 77.65.0.86 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 77.65.0.86:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '77.65.0.0 - 77.65.23.255'

% Abuse contact for '77.65.0.0 - 77.65.23.255' is 'abuse@inea.com.pl'

inetnum: 77.65.0.0 - 77.65.23.255
netname: ICPNET-5
descr: ICP Network
descr: static assignment address space
country: PL
admin-c: IS4930-RIPE
tech-c: IS4930-RIPE
status: ASSIGNED PA
mnt-by: ICP-MNT
mnt-lower: ICP-MNT
mnt-routes: ICP-MNT
source: RIPE # Filtered

role: INEA S.A.
address: ul. Klaudyny Potockiej 25
address: 60-211 Poznan
address: Poland
nic-hdl: IS4930-RIPE
mnt-by: ICP-MNT
source: RIPE # Filtered
tech-c: PM8821-RIPE
tech-c: PA7317-RIPE
admin-c: PM8821-RIPE

% Information related to '77.65.0.0/17AS13110'

route: 77.65.0.0/17
descr: PL-ICP
descr: Poznan
origin: AS13110
mnt-by: ICP-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.70.1 (WHOIS2)

Regards,

Fail2Ban