HideMyAss.com

Wednesday, 13 November 2013

[Fail2Ban] SSH: banned 212.83.145.35

Hi,

The IP 212.83.145.35 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 212.83.145.35:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '212.83.128.0 - 212.83.153.255'

% Abuse contact for '212.83.128.0 - 212.83.153.255' is 'abuse@proxad.net'

inetnum: 212.83.128.0 - 212.83.153.255
netname: FRWOL
descr: Tiscali France
country: FR
admin-c: BG34
admin-c: LTAD1-RIPE
tech-c: TTFR1-RIPE
status: ASSIGNED PA
remarks: ******************
remarks: All abuse requests MUST be sent to 'abuse@tiscali.fr'
remarks: and the logs must include the timezone and GMT offset.
remarks: ripe-mnt@net.tiscali.fr IS NOT the mail to use to report abuses
remarks: Toute requete abuse DOIT etre envoyee a 'abuse@tiscali.fr'
remarks: en les logs doivent inclure l'heure exacte et le decalage GMT.
remarks: ripe-mnt@net.tiscali.fr N'EST PAS le mail a utiliser pour signaler un abuse.
remarks: ******************
mnt-by: MNT-TISCALIFR
mnt-lower: MNT-TISCALIFR
remarks: Tag: Int
source: RIPE # Filtered

role: LIBERTYSURF TELECOM ABUSE DEPARTMENT
remarks: now known as Online S.A.S. / Iliad-Entreprises
address: 8, rue de la ville l'eveque
address: 75008 Paris
address: France
admin-c: IENT-RIPE
tech-c: IENT-RIPE
nic-hdl: LTAD1-RIPE
mnt-by: MNT-TISCALIFR
source: RIPE # Filtered

role: Tiscali Telecom France Registry
remarks: now known as Online S.A.S. / Iliad-Entreprises
address: 8 rue de la ville l'évèque
address: 75008 Paris
address: France
abuse-mailbox: abuse@iliad-entreprises.fr
admin-c: IENT-RIPE
tech-c: IENT-RIPE
tech-c: NR1053-RIPE
nic-hdl: TTFR1-RIPE
mnt-by: MNT-TISCALIFR
source: RIPE # Filtered

person: Benoit Grange
address: Tiscali Telecom
address: 37 bis rue Greneta
address: 75002 Paris - France
phone: +33 1 45 08 20 00
fax-no: +33 1 45 08 20 01
remarks: +-----------------------------------------------------------------------+
remarks: | ATTENTION: Pour nous signaler un probleme (intrusion, spam, etc), |
remarks: | merci de respecter la procedure suivante: |
remarks: | Envoyer un mail a "abuse@tiscali.fr" avec les informations suivantes: |
remarks: | - date & heure (y compris le fuseau horaire ou l'heure GMT) |
remarks: | - adresse IP source ou toutes les en-tetes du mail |
remarks: | - nature du probleme (en quelques mots) |
remarks: | Nous ne repondons pas aux demandes par telephone. |
remarks: | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - |
remarks: | Je ne suis que le representant legal de Tiscali et non pas |
remarks: | l'utilisateur final de l'adresse IP renvoyee par votre firewall |
remarks: | Les adresses IP sont generalement allouees dynamiquement a nos abonnes|
remarks: | et donc votre logiciel ne peut PAS connaitre le nom de l'utilisateur |
remarks: | reel de l'IP. Merci d'avoir lu jusqu'au bout. |
remarks: +-----------------------------------------------------------------------+
nic-hdl: BG34
mnt-by: MNT-TISCALIFR
source: RIPE # Filtered

% Information related to '212.83.128.0/19AS12876'

route: 212.83.128.0/19
descr: Online SAS
descr: Paris, France
origin: AS12876
mnt-by: MNT-TISCALIFR
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 117.79.91.16

Hi,

The IP 117.79.91.16 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 117.79.91.16:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '117.79.80.0 - 117.79.95.255'

inetnum: 117.79.80.0 - 117.79.95.255
netname: SANXIN
descr: Beijing Sanxin Shidai Co.Ltd
descr: 1513 Xinjishu building Beijing link west road
descr: Haidian District, Beijing, PRC
country: CN
admin-c: SJ1535-AP
tech-c: AUTO1-SK
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: ipas@cnnic.cn 20101229
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Shi Kai
nic-hdl: AUTO1-SK
address: 65th Haidian xinjishu building 1513
address: Beijing Haidian District North four link west road
country: CN
phone: +86-10-52789029
fax-no: +86-10-52789032
e-mail: sailor0156@hotmail.com
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20090513
source: APNIC

person: Shi Jianmin
nic-hdl: SJ1535-AP
address: 65th Haidian xinjishu building 1513
address: Beijing Haidian District North four link west road
country: CN
phone: +86-10-82888393
fax-no: +86-10-82610575-15131
e-mail: antepc@sina.com
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20090513
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 117.79.148.53

Hi,

The IP 117.79.148.53 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 117.79.148.53:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '117.79.128.0 - 117.79.191.255'

inetnum: 117.79.128.0 - 117.79.191.255
netname: SANXIN
descr: Beijing Sanxin Shidai Co.Ltd
descr: 1513 Xinjishu building Beijing link west road
descr: Haidian District, Beijing, PRC
country: CN
admin-c: SJ1535-AP
tech-c: AUTO1-SK
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: ipas@cnnic.cn 20101229
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Shi Kai
nic-hdl: AUTO1-SK
address: 65th Haidian xinjishu building 1513
address: Beijing Haidian District North four link west road
country: CN
phone: +86-10-52789029
fax-no: +86-10-52789032
e-mail: sailor0156@hotmail.com
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20090513
source: APNIC

person: Shi Jianmin
nic-hdl: SJ1535-AP
address: 65th Haidian xinjishu building 1513
address: Beijing Haidian District North four link west road
country: CN
phone: +86-10-82888393
fax-no: +86-10-82610575-15131
e-mail: antepc@sina.com
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20090513
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 1.93.45.211

Hi,

The IP 1.93.45.211 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 1.93.45.211:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '1.93.0.0 - 1.93.255.255'

inetnum: 1.93.0.0 - 1.93.255.255
netname: HSOFT
descr: Beijing hsoft technologies inc
descr: Beijing City, Haidian District Madian 8 South Road
descr: crown sea building three layer
country: CN
admin-c: ZT587-AP
tech-c: ZT587-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
changed: hm-changed@apnic.net 20121122
status: ALLOCATED PORTABLE
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20110428
source: APNIC

person: Zhang Tao
address: Beijing City, Haidian District Madian 8 South Road crown sea building three layer
country: CN
phone: +86-13051336272
e-mail: 13051336272@wo.com.cn
nic-hdl: ZT587-AP
mnt-by: MAINT-CNNIC-AP
changed: ipas@cnnic.cn 20121107
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.23.231.222

Hi,

The IP 198.23.231.222 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.23.231.222:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.23.231.222"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.23.231.222?showDetails=true&showARIN=false&ext=netref2
#

ColoCrossing CC-10 (NET-198-23-128-0-1) 198.23.128.0 - 198.23.255.255
New Wave NetConnect, LLC CC-198-23-231-128-25 (NET-198-23-231-128-1) 198.23.231.128 - 198.23.231.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 193.24.30.55

Hi,

The IP 193.24.30.55 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 193.24.30.55:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '193.24.30.0 - 193.24.30.255'

inetnum: 193.24.30.0 - 193.24.30.255
netname: UKRTEKHSTROY
descr: Ukrtekhstroy Ltd
org: ORG-UL86-RIPE
country: UA
admin-c: OAA1-RIPE
tech-c: SIE2-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-lower: RIPE-NCC-END-MNT
mnt-by: UKRTEKHSTROY-MNT
mnt-routes: UKRTEKHSTROY-MNT
source: RIPE # Filtered

organisation: ORG-UL86-RIPE
org-name: Ukrtechstroy Ltd
org-type: OTHER
address: ap. 407a
address: Kosmicheskaya str. 21
address: Kharkiv
address: Ukraine
address: 61072
mnt-ref: UKRTEKHSTROY-MNT
mnt-by: UKRTEKHSTROY-MNT
source: RIPE # Filtered

person: Ovcharenko Aleksey Aleksandrovich
address: ap. 119
address: Kurchatova ave. 28
address: 61108
address: Kharkov
address: Ukraine
phone: +380 097 5396120
nic-hdl: OAA1-RIPE
mnt-by: OAA1-RIPE-MNT
source: RIPE # Filtered

person: Senchenko Igor Eugenievich
address: Kharkov, Ukraine
phone: +380 57 752 36 35
nic-hdl: SIE2-RIPE
mnt-by: OAA1-RIPE-MNT
source: RIPE # Filtered

% Information related to '193.24.30.0/24AS31187'

route: 193.24.30.0/24
descr: 193.24.30.0/24 route
origin: AS31187
org: ORG-UL86-RIPE
mnt-by: UKRTEKHSTROY-MNT
source: RIPE # Filtered

organisation: ORG-UL86-RIPE
org-name: Ukrtechstroy Ltd
org-type: OTHER
address: ap. 407a
address: Kosmicheskaya str. 21
address: Kharkiv
address: Ukraine
address: 61072
mnt-ref: UKRTEKHSTROY-MNT
mnt-by: UKRTEKHSTROY-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 217.168.45.184

Hi,

The IP 217.168.45.184 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 217.168.45.184:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '217.168.45.176 - 217.168.45.191'

% Abuse contact for '217.168.45.176 - 217.168.45.191' is 'abuse@upc-cablecom.ch'

inetnum: 217.168.45.176 - 217.168.45.191
netname: CRIMANETIT1-NET
descr: Crimanet IT Sagl
descr: Via El Temeris 5, 6513 Monte Carasso
country: CH
admin-c: CGRA1-RIPE
tech-c: CAN6-RIPE
status: ASSIGNED PA
mnt-by: AS8404-MNT
source: RIPE # Filtered

role: cablecom GmbH NOC
address: Foerrlibuckstrasse 181
address: CH-8005 Zurich
address: Switzerland
remarks: ******************************************************
remarks: For spam/abuse, please contact abuse@upccablecom.ch
remarks: E-mails to the persons below will be IGNORED!!
remarks: ******************************************************
abuse-mailbox: abuse@upc-cablecom.ch
admin-c: CGRA1-RIPE
tech-c: CM4989-RIPE
tech-c: MK7243-RIPE
tech-c: TSYS4-RIPE
nic-hdl: CAN6-RIPE
mnt-by: AS8404-MNT
source: RIPE # Filtered

role: Cablecom GmbH RIPE Admin
address: Foerrlibuckstrasse 181
address: CH-8005 Zurich
address: Switzerland
remarks: ******************************************************
remarks: For spam/abuse, please contact abuse@upc-cablecom.ch
remarks: E-mails to the persons below will be IGNORED!!
remarks: ******************************************************
abuse-mailbox: abuse@upc-cablecom.ch
admin-c: CL1831-RIPE
admin-c: FH36-RIPE
admin-c: PF3906-RIPE
admin-c: TSYS4-RIPE
tech-c: CAN6-RIPE
nic-hdl: CGRA1-RIPE
mnt-by: AS8404-MNT
source: RIPE # Filtered

% Information related to '217.168.32.0/19AS6830'

route: 217.168.32.0/19
descr: cablecom GmbH
descr: Zollstrasse 42
descr: CH-8021 Zuerich
descr: SWITZERLAND
origin: AS6830
remarks: ***************************************************
remarks: For Spam/Abuse, please contact abuse@cablecom.ch
remarks: E-mails to the persons below will be IGNORED!!
remarks: ***************************************************
mnt-by: AS8404-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 183.62.48.44

Hi,

The IP 183.62.48.44 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 183.62.48.44:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '183.0.0.0 - 183.63.255.255'

inetnum: 183.0.0.0 - 183.63.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: IC83-AP
tech-c: IC83-AP
status: ALLOCATED PORTABLE
remarks: service provider
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20091009
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GD
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

Tuesday, 12 November 2013

[Fail2Ban] SSH: banned 31.210.63.175

Hi,

The IP 31.210.63.175 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 31.210.63.175:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '31.210.63.0 - 31.210.63.255'

inetnum: 31.210.63.0 - 31.210.63.255
netname: Mars-Customer31
descr: Mars-Customer31
remarks: www.marsglobaldatacenter.com
country: TR
org: ORG-MGDS1-RIPE
admin-c: MN4961-RIPE
tech-c: MN4961-RIPE
status: ASSIGNED PA
mnt-by: MNT-MARSNET
source: RIPE # Filtered

organisation: ORG-MGDS1-RIPE
org-name: Mars Global Datacenter Services LLC
remarks: www.marsglobaldatacenter.com
org-type: OTHER
address: Pobrezni 118, Prague, Czech Republic Turkey
mnt-ref: MNT-MARSNET
mnt-by: MNT-MARSNET
source: RIPE # Filtered

person: Mars Noc
address: Nadiama St. No:28 Turkey
remarks: www.marsglobaldatacenter.com
mnt-by: MNT-MARSNET
phone: +90 213 437 87 87
nic-hdl: MN4961-RIPE
source: RIPE # Filtered

% Information related to '31.210.63.0/24AS42910'

route: 31.210.63.0/24
descr: MarsGlobal1-Net1
origin: AS42910
mnt-by: MNT-MARSNET
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 201.76.170.236

Hi,

The IP 201.76.170.236 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 201.76.170.236:

[Querying whois.lacnic.net]
[Redirected to whois.registro.br]
[Querying whois.registro.br]
[whois.registro.br]

% Copyright (c) Nic.br
% The use of the data below is only permitted as described in
% full by the terms of use (http://registro.br/termo/en.html),
% being prohibited its distribution, comercialization or
% reproduction, in particular, to use it for advertising or
% any similar purpose.
% 2013-11-13 02:06:00 (BRST -02:00)

inetnum: 201.76.170.192/26
aut-num
: AS17222
abuse-c: AIJ6
owner: TECWAY TECNOLOGIA LTDA
ownerid: 003.102.680/0001-42
responsible: Sergio de Queiroz Teles Gomes
country: BR
owner-c: SEG17
tech-c: SEG17
created: 20090429
changed: 20090429
inetnum-up: 201.76.160/19

nic-hdl-br: AIJ6
person: Alberto Ivan Duran de la Jara
e-mail: dns-adm@mundivox.com
created: 20010710
changed: 20101014

nic-hdl-br: SEG17
person: Sergio Gomes
e-mail: sergio.gomes@tecway.com.br
created: 19980316
changed: 20090629

% Security and mail abuse issues should also be addressed to
% cert.br, http://www.cert.br/, respectivelly to cert@cert.br
% and mail-abuse@cert.br
%
% whois.registro.br accepts only direct match queries. Types
% of queries are: domain (.br), registrant (tax ID), ticket,
% provider, contact handle (ID), CIDR block, IP and ASN.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 178.254.36.206

Hi,

The IP 178.254.36.206 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 178.254.36.206:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '178.254.0.0 - 178.254.63.255'

% Abuse contact for '178.254.0.0 - 178.254.63.255' is 'abuse@1blu.de'

inetnum: 178.254.0.0 - 178.254.63.255
netname: DE-EVANZO-20100618
descr: EVANZO e-commerce GmbH
country: DE
org: ORG-EeG3-RIPE
admin-c: JD536-RIPE
tech-c: JD536-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: MNT-RN1131-RIPE
mnt-lower: LEVEL3-MNT
mnt-routes: MNT-RN1131-RIPE
mnt-routes: HRW-NOC
mnt-domains: MNT-RN1131-RIPE
source: RIPE # Filtered

organisation: ORG-EeG3-RIPE
org-name: EVANZO e-commerce GmbH
org-type: LIR
address: EVANZO e-commerce GmbH Johann Dasch Stromstr. 1-5 10555 Berlin GERMANY
phone: +493020181000
fax-no: +493020181001
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: MNT-RN1131-RIPE
mnt-by: RIPE-NCC-HM-MNT
admin-c: RN1131-RIPE
abuse-c: OA1725-RIPE
source: RIPE # Filtered

person: Johann Dasch
address: evanzo e-commerce GmbH
address: Stromstrasse 1-5
address: 10555 Berlin
phone: +421 20871000
fax-no: +421 20871055
nic-hdl: JD536-RIPE
abuse-mailbox: abuse@1blu.de
source: RIPE # Filtered
mnt-by: MNT-RN1131-RIPE

% Information related to '178.254.32.0/20AS42730'

route: 178.254.32.0/20
descr: DE-EVANZO-MK
origin: AS42730
mnt-by: MNT-RN1131-RIPE
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 198.7.57.203

Hi,

The IP 198.7.57.203 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 198.7.57.203:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 198.7.57.203"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=198.7.57.203?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 198.7.56.0 - 198.7.63.255
CIDR: 198.7.56.0/21
OriginAS: AS30633
NetName: LEASEWEB-US
NetHandle: NET-198-7-56-0-1
Parent: NET-198-0-0-0-0
NetType: Direct Allocation
RegDate: 2012-09-12
Updated: 2012-09-13
Ref: http://whois.arin.net/rest/net/NET-198-7-56-0-1

OrgName: Leaseweb USA, Inc.
OrgId: LU
Address: 9480 Innovation Dr
City: Manassas
StateProv: VA
PostalCode: 20109
Country: US
RegDate: 2010-09-13
Updated: 2013-08-06
Comment: www.leaseweb.com
Ref: http://whois.arin.net/rest/org/LU

OrgNOCHandle: LEASE-ARIN
OrgNOCName: Leaseweb ARIN
OrgNOCPhone: +1-571-814-3777
OrgNOCEmail: arin@leaseweb.com
OrgNOCRef: http://whois.arin.net/rest/poc/LEASE-ARIN

OrgAbuseHandle: LUAD1-ARIN
OrgAbuseName: Leaseweb US abuse dept
OrgAbusePhone: +1-571-814-3777
OrgAbuseEmail: abuse@leaseweb.us
OrgAbuseRef: http://whois.arin.net/rest/poc/LUAD1-ARIN

OrgTechHandle: LEASE-ARIN
OrgTechName: Leaseweb ARIN
OrgTechPhone: +1-571-814-3777
OrgTechEmail: arin@leaseweb.com
OrgTechRef: http://whois.arin.net/rest/poc/LEASE-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.160.194.32

Hi,

The IP 61.160.194.32 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.160.194.32:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '61.160.0.0 - 61.160.255.255'

inetnum: 61.160.0.0 - 61.160.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: CJ186-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-JS
mnt-routes: maint-chinanet-js
changed: hostmaster@ns.chinanet.cn.net 20020209
changed: hostmaster@ns.chinanet.cn.net 20030306
status: ALLOCATED non-PORTABLE
source: APNIC

role: CHINANET JIANGSU
address: 260 Zhongyang Road,Nanjing 210037
country: CN
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
e-mail: ip@jsinfo.net
remarks: send anti-spam reports to spam@jsinfo.net
remarks: send abuse reports to abuse@jsinfo.net
remarks: times in GMT+8
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
nic-hdl: CJ186-AP
remarks: www.jsinfo.net
notify: ip@jsinfo.net
mnt-by: MAINT-CHINANET-JS
changed: dns@jsinfo.net 20090831
changed: ip@jsinfo.net 20090831
changed: hm-changed@apnic.net 20090901
source: APNIC
changed: hm-changed@apnic.net 20111114

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% Information related to '61.160.0.0/16AS23650'

route: 61.160.0.0/16
descr: CHINANET jiangsu province network
country: CN
origin: AS23650
mnt-by: MAINT-CHINANET-JS
changed: ip@jsinfo.net 20030414
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 183.57.57.44

Hi,

The IP 183.57.57.44 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 183.57.57.44:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '183.0.0.0 - 183.63.255.255'

inetnum: 183.0.0.0 - 183.63.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: IC83-AP
tech-c: IC83-AP
status: ALLOCATED PORTABLE
remarks: service provider
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20091009
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GD
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@189.cn
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@189.cn 20110418
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse_gdnoc@189.cn
abuse-mailbox: abuse_gdnoc@189.cn
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 217.129.35.154

Hi,

The IP 217.129.35.154 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 217.129.35.154:

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '217.129.32.0 - 217.129.39.255'

% Abuse contact for '217.129.32.0 - 217.129.39.255' is 'abuse@netvisao.pt'

inetnum: 217.129.32.0 - 217.129.39.255
netname: NETVISAO
descr: Cabovisao, SA -
descr: Internet Service Provider
descr: F.Ferro Residential Customers
country: PT
admin-c: CNT4-RIPE
tech-c: CNT4-RIPE
status: ASSIGNED PA
remarks: INFRA-AW
remarks: IMPORTANT: To report intrusion attempts, hacking,
remarks: IMPORTANT: spamming, or other unaccepted behavior
remarks: IMPORTANT: by a Netvisao/Cabovisao customer, please
remarks: IMPORTANT: send a message to abuse@netvisao.pt
mnt-by: AS13156-MNT
source: RIPE # Filtered

role: Cabovisao Network Team
address: Cabovisao, SA
address: Lugar de pocos
address: Palmela
address: Portugal
phone: +351 21 080 10 80
fax-no: +351 21 080 10 01
abuse-mailbox: abuse@netvisao.pt
admin-c: AL3206-RIPE
admin-c: LP1252-RIPE
tech-c: LP1252-RIPE
tech-c: AL3206-RIPE
nic-hdl: CNT4-RIPE
mnt-by: AS13156-MNT
source: RIPE # Filtered

% Information related to '217.129.32.0/21AS13156'

route: 217.129.32.0/21
descr: Cabovisao SA - Internet Provider
descr: F.Ferro (Equip1) Residential Customers Net
origin: AS13156
mnt-by: AS13156-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 61.35.186.89

Hi,

The IP 61.35.186.89 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 61.35.186.89:

[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 61.35.186.89


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 61.32.0.0 - 61.39.255.255 (/13)
서비스명 : BORANET
기관명 : 주ì&lsqauo;íšŒì‚¬ 엘지유í"ŒëŸ¬ìŠ¤
기관고유번호 : ORG572
주소 : 서울특별ì&lsqauo;œ ì¤'구 소ì›"ë¡œ2길 30 (남대문로5ê°€)
우편번호 : 100-095
í• ë&lsqauo;¹ì¼ìž : 20041115

[ IPv4주소 책임자 정보 ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-6928-3087
전자우편 : ipadm@lguplus.co.kr

[ IPv4주소 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : IP주소관리자
ì „í™"번호 : +82-2-6928-3087
전자우편 : ipadm@lguplus.co.kr

[ 스팸 해킹 ë&lsqauo;´ë&lsqauo;¹ìž ì •ë³´ ]
이름 : Network Abuse ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-2089-0101
전자우편 : security@bora.net

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 61.32.0.0 - 61.39.255.255 (/13)
Service Name : BORANET
Organization Name : LG DACOM Corporation
Organization ID : ORG572
Address : 827, Seoul Jung-gu Sowol-ro 2-gil
Zip Code : 100-095
Registration Date : 20041115

[ Admin Contact Information ]
Name : IP Administrator
Phone : +82-2-6928-3087
E-Mail : ipadm@lguplus.co.kr

[ Tech Contact Information ]
Name : IP ADMIN
Phone : +82-2-6928-3087
E-Mail : ipadm@lguplus.co.kr

[ Network Abuse Contact Information ]
Name : Network Abuse
Phone : +82-2-2089-0101
E-Mail : security@bora.net


- KISA/KRNIC Whois Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 58.240.17.250

Hi,

The IP 58.240.17.250 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 58.240.17.250:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '58.240.17.248 - 58.240.17.255'

inetnum: 58.240.17.248 - 58.240.17.255
netname: ShengFenXinXiHuaBu
country: CN
descr: ShengFenXinXiHuaBu,NANJING,JIANGSU PROVINCE
admin-c: LL58-AP
tech-c: LL58-AP
status: ASSIGNED NON-PORTABLE
changed: chenxy@chinaunicom.cn 20100126
mnt-by: MAINT-CNCGROUP-JS
source: APNIC

person: Lan Li
nic-hdl: LL58-AP
e-mail: js-cu-ipmanage@chinaunicom.cn
address: No. 65 Beijing West Road,Nanjing,China
phone: +86257900060
fax-no: +86252900280
country: CN
changed: js-cu-ipmanage@chinaunicom.cn 20130815
mnt-by: MAINT-NEW
source: APNIC

% Information related to '58.240.0.0/15AS4837'

route: 58.240.0.0/15
descr: CNC Group Jiangsu province network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20050603
changed: hm-changed@apnic.net 20050622
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 202.82.244.132

Hi,

The IP 202.82.244.132 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 202.82.244.132:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '202.82.244.128 - 202.82.244.135'

inetnum: 202.82.244.128 - 202.82.244.135
netname: ELITEPRINTINGCOLTD-HK
descr: ELITE PRINTING CO LTD
country: HK
admin-c: KM378-AP
tech-c: TA66-AP
mnt-by: MAINT-HK-PCCW-BIA-CS
changed: netapp@imsbiz.com 20050418
source: APNIC
status: ASSIGNED NON-PORTABLE

role: TECHNICAL ADMINISTRATORS
address: HKT Limited
address: PO Box 9896 GPO
phone: +852-2883-5151
country: HK
e-mail: noc@imsbiz.com
admin-c: NOC18-AP
admin-c: WC109-AP
tech-c: NOC18-AP
tech-c: WC109-AP
nic-hdl: TA66-AP
notify: noc@imsbiz.com
mnt-by: MAINT-HK-PCCW-BIA
changed: wilson.cheung@pccw.com 20111111
source: APNIC

person: KARSON MAK
address: FT 1-8 14/F HONG MAN IND CTR
address: 2 HONG MAN STREET
address: CHAI WAN
address: HONG KONG
country: HK
phone: +852-25580119
fax-no: +852-28972675
e-mail: cs@imsbiz.com
nic-hdl: KM378-AP
mnt-by: MAINT-HK-PCCW-BIA-CS
changed: netapp@imsbiz.com 20050418
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 23.23.201.248

Hi,

The IP 23.23.201.248 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 23.23.201.248:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 23.23.201.248"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=23.23.201.248?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 23.20.0.0 - 23.23.255.255
CIDR: 23.20.0.0/14
OriginAS: AS16509
NetName: AMAZON-EC2-USEAST-10
NetHandle: NET-23-20-0-0-1
Parent: NET-23-0-0-0-0
NetType: Direct Assignment
Comment: The activity you have detected originates from a dynamic hosting environment.
Comment: For fastest response, please submit abuse reports at http://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/AWSAbuse
Comment: For more information regarding EC2 see:
Comment: http://ec2.amazonaws.com/
Comment: All reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
RegDate: 2011-09-19
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-23-20-0-0-1


OrgName: Amazon.com, Inc.
OrgId: AMAZO-4
Address: Amazon Web Services, Elastic Compute Cloud, EC2
Address: 1200 12th Avenue South
City: Seattle
StateProv: WA
PostalCode: 98144
Country: US
RegDate: 2005-09-29
Updated: 2009-06-02
Comment: For details of this service please see
Comment: http://ec2.amazonaws.com/
Ref: http://whois.arin.net/rest/org/AMAZO-4

OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-266-4064
OrgTechEmail: aes-noc@amazon.com
OrgTechRef: http://whois.arin.net/rest/poc/ANO24-ARIN

OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-266-4064
OrgAbuseEmail: ec2-abuse@amazon.com
OrgAbuseRef: http://whois.arin.net/rest/poc/AEA8-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

Monday, 11 November 2013

[Fail2Ban] SSH: banned 124.117.249.242

Hi,

The IP 124.117.249.242 has just been banned by Fail2Ban after
6 attempts against SSH.


Here are more information about 124.117.249.242:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '124.117.0.0 - 124.117.255.255'

inetnum: 124.117.0.0 - 124.117.255.255
netname: CHINANET-XJ
descr: CHINANET Xinjiang province network
descr: China Telecom
descr: No1,jin-rong Street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: NA15-AP
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CHINANET-XJ
mnt-routes: MAINT-CN-CHINANET-XJ
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20060406
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

person: NIBIJIANG ABDUKADIR
address: XINJIANG DATA COMMUNICATION BUREAU
address: HUANG HE ROAD 30# URUMQI CITY ,XINJIANG
country: CN
phone: +86 991 5820832
fax-no: +86 991 5820831
e-mail: nba@mail.wl.xj.cn
nic-hdl: NA15-AP
mnt-by: MAINT-CN-CHINANET-XJ
changed: nba@mail.wl.xj.cn 20000212
source: APNIC

% Information related to '124.117.0.0/16AS4134'

route: 124.117.0.0/16
descr: From Xinjiang Network of ChinaTelecom
origin: AS4134
mnt-by: MAINT-CHINANET
changed: dingsy@cndata.com 20060707
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 59.63.174.67

Hi,

The IP 59.63.174.67 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 59.63.174.67:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '59.62.0.0 - 59.63.255.255'

inetnum: 59.62.0.0 - 59.63.255.255
netname: CHINANET-JX
descr: CHINANET Jiangxi province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: JN113-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-IP-WWF
changed: hm-changed@apnic.net 20050208
source: APNIC

role: JXDCB NET
address: Jiangxi telecom network operation support department
address: No.2009, Beijing East Road , nanchang,jiangxi province
country: CN
phone: +86 79186600000
e-mail: wzzx_2013@189.cn
remarks: send spam reports to wzzx_2013@189.cn
remarks: and abuse reports to wzzx_2013@189.cn
remarks: http://www.online.jx.cn
admin-c: XY1-AP
tech-c: WZ1-CN
tech-c: WW49-AP
nic-hdl: JN113-AP
notify: wzzx_2013@189.cn
mnt-by: MAINT-IP-WWF
changed: hm-changed@apnic.net 20020812
changed: chenyiq@gsta.com 20130221
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 123.108.45.24

Hi,

The IP 123.108.45.24 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 123.108.45.24:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '123.108.32.0 - 123.108.63.255'

inetnum: 123.108.32.0 - 123.108.63.255
netname: NETMAGIC-NET
descr: NETMAGIC DATACENTER
country: IN
admin-c: SS87-AP
tech-c: SS87-AP
remarks:
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-irt: IRT-NETMAGIC-IN
changed: hm-changed@apnic.net 20070201
mnt-by: APNIC-HM
mnt-lower: MAINT-IN-NETMAGIC
status: ALLOCATED PORTABLE
source: APNIC

irt: IRT-NETMAGIC-IN
address: Mehra Industrial Estate,
address: Near Asha Usha Compound ,
address: LBS Marg Vikhroli(W),
address: Mumbai - 400 079
e-mail: network@netmagicsolutions.com
abuse-mailbox: network@netmagicsolutions.com
admin-c: SS87-AP
tech-c: SS87-AP
auth: # Filtered
mnt-by: MAINT-IN-NETMAGIC
changed: network@netmagicsolutions.com 20110119
source: APNIC

person: Sharad Sanghi
address: Mehra Industrial Estate,
address: Near Asha Usha Compound ,
address: LBS Marg Vikhroli(W),
address: Mumbai - 400 079
country: IN
phone: +91 022-67851799
phone: +91 022-40411799
fax-no: +91 22-67851501
fax-no: +91 22-40411501
e-mail: network@netmagicsolutions.com
nic-hdl: SS87-AP
mnt-by: MAINT-IN-NETMAGIC
changed: prasanna@netmagicsolutions.com 20090923
changed: hm-changed@apnic.net 20090928
changed: hm-changed@apnic.net 20090930
source: APNIC

% Information related to '123.108.45.0/24AS17439'

route: 123.108.45.0/24
descr: NETMAGIC_DATACENTER
origin: AS17439
mnt-by: MAINT-IN-NETMAGIC
changed: nitink@netmagicsolutions.com 20081128
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.95.149.187

Hi,

The IP 112.95.149.187 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 112.95.149.187:

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '112.88.0.0 - 112.95.255.255'

inetnum: 112.88.0.0 - 112.95.255.255
netname: UNICOM-GD
descr: China Unicom Guangdong province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: RP181-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-GD
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
mnt-irt: IRT-CU-CN
changed: hm-changed@apnic.net 20090112
changed: hm-changed@apnic.net 20090507
changed: hm-changed@apnic.net 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: zhouxm@chinaunicom.cn
abuse-mailbox: zhouxm@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: zhouxm@chinaunicom.cn 20101110
changed: hm-changed@apnic.net 20101116
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@cnc-noc.net
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: abuse@cnc-noc.net 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: runkeng pan
nic-hdl: RP181-AP
e-mail: wangjj238@chinaunicom.cn
address: XinShiKong Plaza,No 666 Huangpu Rd. Guangzhou 510627,China
phone: +86-20-22214174
fax-no: +86-20-22212266-4174
country: CN
changed: wangjj238@chinaunicom.cn 20071221
mnt-by: MAINT-CNCGROUP-GD
source: APNIC

% Information related to '112.88.0.0/13AS17816'

route: 112.88.0.0/13
descr: China Unicom CHINA169 Guangdong Province Network
country: CN
origin: AS17816
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20090112
source: APNIC

% Information related to '112.88.0.0/13AS4837'

route: 112.88.0.0/13
descr: China Unicom CHINA169 Guangdong Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20090112
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 202.102.219.38

Hi,

The IP 202.102.219.38 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 202.102.219.38:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '202.102.219.32 - 202.102.219.47'

inetnum: 202.102.219.32 - 202.102.219.47
netname: LIUAN-GOV
descr: liuan gov
country: CN
admin-c: JW89-AP
tech-c: JW89-AP
mnt-by: MAINT-CHINANET-AH
status: ASSIGNED NON-PORTABLE
changed: wjn@mail.hf.ah.cn 20010109
changed: hm-changed@apnic.net 20040928
changed: hm-changed@apnic.net 20040928
source: APNIC

person: Jinneng Wang
address: 17/F, Postal Building No.120 Changjiang
address: Middle Road, Hefei, Anhui, China
country: CN
phone: +86-551-2659073
fax-no: +86-551-2659287
e-mail: wang@mail.hf.ah.cninfo.net
nic-hdl: JW89-AP
mnt-by: MAINT-NEW
changed: wang@mail.hf.ah.cninfo.net 19990818
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 67.208.117.162

Hi,

The IP 67.208.117.162 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 67.208.117.162:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 67.208.117.162"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=67.208.117.162?showDetails=true&showARIN=false&ext=netref2
#

Jeyan Snyers CRUCIALUS (NET-67-208-117-160-1) 67.208.117.160 - 67.208.117.167
Crucial Paradigm CRUCIALP (NET-67-208-112-0-1) 67.208.112.0 - 67.208.127.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 31.199.3.178

Hi,

The IP 31.199.3.178 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 31.199.3.178:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '31.199.3.160 - 31.199.3.191'

% Abuse contact for '31.199.3.160 - 31.199.3.191' is 'abuse@business.telecomitalia.it'

inetnum: 31.199.3.160 - 31.199.3.191
netname: ERICSSON-TELECOMUNICAZIONI
descr: ERICSSON TELECOMUNICAZIONI S.P.A.
country: IT
admin-c: PT6067-RIPE
tech-c: PT6067-RIPE
status: ASSIGNED PA
mnt-by: INTERB-MNT
source: RIPE # Filtered

person: PIERO TOLLIS
address: ERICSSON TELECOMUNICAZIONI S.P.A.
address: VIA ANAGNINA 203
address: 00100 ROMA
address: IT
phone: +39 0672582887
nic-hdl: PT6067-RIPE
mnt-by: INTERB-MNT
source: RIPE # Filtered

% Information related to '31.198.0.0/15AS3269'

route: 31.198.0.0/15
descr: INTERBUSINESS
origin: AS3269
remarks: ************************************************
remarks: * Pay attention *
remarks: * Any communication sent to email different *
remarks: * from the following will be ignored! *
remarks: * Any abuse reports, please send them to *
remarks: * abuse@business.telecomitalia.it *
remarks: ************************************************
mnt-by: INTERB-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS4)

Regards,

Fail2Ban

Sunday, 10 November 2013

[Fail2Ban] SSH: banned 221.12.29.170

Hi,

The IP 221.12.29.170 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 221.12.29.170:

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '221.12.29.168 - 221.12.29.175'

inetnum: 221.12.29.168 - 221.12.29.175
netname: HANGZHOUBANSHANDIANCHANGHZ
country: CN
descr: HANGZHOUBANSHANDIANCHANG,HANGZHOU,ZHEJIANG
admin-c: JQ16-AP
tech-c: JQ16-AP
status: ASSIGNED NON-PORTABLE
changed: ipmaster@zjnetcom.com 20100903
mnt-by: MAINT-CNCGROUP-ZJ
source: APNIC

person: Jianhuaq Qian
nic-hdl: JQ16-AP
e-mail: zj_ipmaster@126.com
address: No 1336,BinAn Road,Hangzhou, Zhejiang,China
phone: +86-571-28868063
fax-no: +86-571-28868069
country: CN
changed: zj_ipmaster@126.com 20130709
mnt-by: MAINT-CNCGROUP-ZJ
source: APNIC

% Information related to '221.12.0.0/17AS4837'

route: 221.12.0.0/17
descr: CNC Group CHINA169 Zhejiang Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 92.42.248.54

Hi,

The IP 92.42.248.54 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 92.42.248.54:

[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '92.42.248.0 - 92.42.255.255'

% Abuse contact for '92.42.248.0 - 92.42.255.255' is 'abuse@oriontelekom.rs'

inetnum: 92.42.248.0 - 92.42.255.255
netname: RS-ORIONTELEKOM-20071231
descr: Drustvo za telekomunikacije Orion telekom doo Beograd, Gandijeva 76a
country: RS
org: ORG-MW1-RIPE
admin-c: VZ525-RIPE
tech-c: OTN7-RIPE
status: ALLOCATED PA
remarks: Please send abuse reports to abuse@oriontelekom.rs
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: ORIONTELEKOM-MNT
mnt-domains: ORIONTELEKOM-MNT
mnt-routes: ORIONTELEKOM-MNT
source: RIPE # Filtered

organisation: ORG-MW1-RIPE
org-name: Drustvo za telekomunikacije Orion telekom doo Beograd, Gandijeva 76a
org-type: LIR
address: Orion Telekom
address: Jelena Lalic
address: Gandijeva 76a
address: 11070
address: Belgrade
address: SERBIA
phone: +381 11 2228 333
fax-no: +381 11 2228 334
remarks: Please send abuse reports to abuse@oriontelekom.rs
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: ORIONTELEKOM-MNT
mnt-by: RIPE-NCC-HM-MNT
tech-c: OTN7-RIPE
admin-c: OTN7-RIPE
admin-c: BL3549-RIPE
admin-c: TERZ1-RIPE
admin-c: VZ525-RIPE
admin-c: ZA1048-RIPE
abuse-c: OTN7-RIPE
source: RIPE # Filtered

role: Orion Telekom NOC
address: Orion Telekom
address: Gandijeva 76a, Belgrade, Serbia
phone: +381 11 2228 388
fax-no: +381 11 2228 334
remarks: *******************************************************************
remarks: Please send abuse reports to abuse@oriontelekom.rs
remarks: *******************************************************************
abuse-mailbox: abuse@oriontelekom.rs
admin-c: TERZ1-RIPE
admin-c: BL3549-RIPE
admin-c: ZA1048-RIPE
tech-c: VG1799-RIPE
nic-hdl: OTN7-RIPE
mnt-by: ORIONTELEKOM-MNT
source: RIPE # Filtered

person: Vladimir Zolnjan
address: Orion Telekom NOC
address: Gandijeva 76a
address: Belgrade, Serbia
phone: +381 11 2228 388
nic-hdl: VZ525-RIPE
mnt-by: ORIONTELEKOM-MNT
source: RIPE # Filtered

% Information related to '92.42.248.0/22AS9125'

route: 92.42.248.0/22
descr: Orion Telekom ISP IP network
origin: AS9125
mnt-by: ORIONTELEKOM-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.69 (WHOIS2)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 216.53.198.34

Hi,

The IP 216.53.198.34 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 216.53.198.34:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 216.53.198.34"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=216.53.198.34?showDetails=true&showARIN=false&ext=netref2
#

NetRange: 216.53.128.0 - 216.53.255.255
CIDR: 216.53.128.0/17
OriginAS:
NetName: MPRD-MPINET
NetHandle: NET-216-53-128-0-1
Parent: NET-216-0-0-0-0
NetType: Direct Allocation
Comment: For abuse and/or spam complaints, please email
Comment: abuse@mpinet.com.
RegDate: 1999-06-10
Updated: 2012-03-02
Ref: http://whois.arin.net/rest/net/NET-216-53-128-0-1

OrgName: MPInet
OrgId: MPRD
Address: 1101 N. Keller Rd.
Address: Suite B
City: Orlando
StateProv: FL
PostalCode: 32810
Country: US
RegDate: 1999-06-10
Updated: 2011-11-30
Ref: http://whois.arin.net/rest/org/MPRD

OrgNOCHandle: IAS6-ARIN
OrgNOCName: IP Admin Services
OrgNOCPhone: +1-407-660-7900
OrgNOCEmail: ipadmin@mpinet.com
OrgNOCRef: http://whois.arin.net/rest/poc/IAS6-ARIN

OrgTechHandle: IAS6-ARIN
OrgTechName: IP Admin Services
OrgTechPhone: +1-407-660-7900
OrgTechEmail: ipadmin@mpinet.com
OrgTechRef: http://whois.arin.net/rest/poc/IAS6-ARIN

OrgAbuseHandle: IAS6-ARIN
OrgAbuseName: IP Admin Services
OrgAbusePhone: +1-407-660-7900
OrgAbuseEmail: ipadmin@mpinet.com
OrgAbuseRef: http://whois.arin.net/rest/poc/IAS6-ARIN

RTechHandle: IAS6-ARIN
RTechName: IP Admin Services
RTechPhone: +1-407-660-7900
RTechEmail: ipadmin@mpinet.com
RTechRef: http://whois.arin.net/rest/poc/IAS6-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 209.124.34.11

Hi,

The IP 209.124.34.11 has just been banned by Fail2Ban after
5 attempts against SSH.


Here are more information about 209.124.34.11:

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 209.124.34.11"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=209.124.34.11?showDetails=true&showARIN=false&ext=netref2
#

123.Net, Inc. 123NET-BLK-I123-7 (NET-209-124-32-0-1) 209.124.32.0 - 209.124.63.255
VR Metro LLC I123-209124034000- (NET-209-124-34-0-1) 209.124.34.0 - 209.124.34.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Regards,

Fail2Ban