Thursday, 6 July 2017

[Fail2Ban] SSH: banned 67.2.209.23 from vps297345.ovh.net

Hi,

The IP 67.2.209.23 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 67.2.209.23 :

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 67.2.209.23"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=67.2.209.23?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange: 67.0.0.0 - 67.7.255.255
CIDR: 67.0.0.0/13
NetName: QWEST-INET-14
NetHandle: NET-67-0-0-0-1
Parent: NET67 (NET-67-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Qwest Communications Company, LLC (QCC-18)
RegDate: 2001-07-26
Updated: 2013-09-16
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Ref: https://whois.arin.net/rest/net/NET-67-0-0-0-1



OrgName: Qwest Communications Company, LLC
OrgId: QCC-18
Address: 100 CENTURYLINK DR
City: Monroe
StateProv: LA
PostalCode: 71203
Country: US
RegDate: 2005-05-09
Updated: 2017-01-28
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Comment:
Comment: For abuse issues, please email [email protected]
Comment:
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email)
Comment: Without these we will be unable to identify the correct owner of the IP address at that point in time.
Comment:
Comment: For subpoena or court order please fax 844.254.5800 or refer to our Law Enforcement Support page https://www.centurylink.com/static/Pages/AboutUs/Legal/LawEnforcement/
Ref: https://whois.arin.net/rest/org/QCC-18


OrgAbuseHandle: CAD54-ARIN
OrgAbuseName: Centurylink Abuse Desk
OrgAbusePhone: +1-877-886-6515
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://whois.arin.net/rest/poc/CAD54-ARIN

OrgTechHandle: QIA-ARIN
OrgTechName: Qwest IP Admin
OrgTechPhone: +1-877-886-6515
OrgTechEmail: [email protected]
OrgTechRef: https://whois.arin.net/rest/poc/QIA-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 91.197.232.109 from vps297345.ovh.net

Hi,

The IP 91.197.232.109 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 91.197.232.109 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '91.197.232.0 - 91.197.235.255'

% Abuse contact for '91.197.232.0 - 91.197.235.255' is '[email protected]'

inetnum: 91.197.232.0 - 91.197.235.255
netname: PLANET-TELECOM-NET
country: CZ
org: ORG-PTL7-RIPE
admin-c: PTN21-RIPE
tech-c: PTN21-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: MNT-PLANET-TELECOM
mnt-routes: MNT-PLANET-TELECOM
mnt-domains: MNT-PLANET-TELECOM
mnt-routes: MNT-3W-INFRA
created: 2007-09-18T09:04:58Z
last-modified: 2016-06-03T13:03:33Z
source: RIPE
sponsoring-org: ORG-NA225-RIPE

organisation: ORG-PTL7-RIPE
org-name: Planet Telecom Ltd.
org-type: OTHER
address: Sokolovska 395, 186 00 Praha 8, Prague, Czech Republic
abuse-c: PTN21-RIPE
mnt-ref: MNT-PLANET-TELECOM
mnt-by: MNT-PLANET-TELECOM
created: 2007-09-15T14:57:20Z
last-modified: 2016-03-23T09:42:12Z
source: RIPE # Filtered

role: Planet Telecom NOC
address: Sokolovska 395
address: 186 00 Praha 8
abuse-mailbox: [email protected]
address: Prague
address: Czech Republic
phone: +420234262111
nic-hdl: PTN21-RIPE
mnt-by: MNT-PLANET-TELECOM
created: 2016-03-15T20:48:44Z
last-modified: 2016-03-23T09:42:33Z
source: RIPE # Filtered

% Information related to '91.197.232.0/24AS43715'

route: 91.197.232.0/24
origin: AS43715
mnt-by: MNT-PLANET-TELECOM
created: 2016-03-23T09:37:31Z
last-modified: 2016-03-23T09:37:31Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (ANGUS)

Regards,

Fail2Ban

[Fail2Ban] ProFTPD: banned 112.29.170.189 from vps297345.ovh.net

Hi,

The IP 112.29.170.189 has just been banned by Fail2Ban after
6 attempts against ProFTPD.


Here is more information about 112.29.170.189 :

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '112.0.0.0 - 112.63.255.255'

inetnum: 112.0.0.0 - 112.63.255.255
netname: CMNET
descr: China Mobile Communications Corporation
descr: Mobile Communications Network Operator in China
descr: Internet Service Provider in China
country: CN
admin-c: lcj-AP
tech-c: HL1318-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CMCC
mnt-routes: MAINT-CN-CMCC
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
source: APNIC
mnt-irt: IRT-CHINAMOBILE2-CN
changed: [email protected] 20081215

irt: IRT-CHINAMOBILE2-CN
address: China Mobile Communications Corporation
address: 29, Jinrong Ave., Xicheng District, Beijing, 100032
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: JS686-AP
tech-c: CT74-AP
auth: # Filtered
mnt-by: MAINT-CN-CMCC
changed: [email protected] 20101123
source: APNIC

person: haijun li
nic-hdl: HL1318-AP
e-mail: [email protected]
address: 29,Jinrong Ave, Xicheng district,beijing,100032
phone: +86 1052686688
fax-no: +86 10 52616187
country: CN
changed: [email protected] 20161129
mnt-by: MAINT-CN-CMCC
abuse-mailbox: [email protected]
source: APNIC

person: li changjun
address: 29 jinrong ave. xicheng district, beijing China
country: CN
phone: +86 52686688
e-mail: [email protected]
nic-hdl: lcj-ap
mnt-by: MAINT-CN-CMCC
changed: [email protected] 20071010
source: APNIC

% Information related to '112.24.0.0/13AS9808'

route: 112.24.0.0/13
descr: China Mobile communications corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
changed: [email protected] 20091020
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 213.113.220.156 from vps297345.ovh.net

Hi,

The IP 213.113.220.156 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 213.113.220.156 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '213.113.208.0 - 213.113.223.255'

% Abuse contact for '213.113.208.0 - 213.113.223.255' is '[email protected]'

inetnum: 213.113.208.0 - 213.113.223.255
netname: B2-FAST
descr: B2 customers in upp2.se
country: SE
admin-c: BR3045-RIPE
tech-c: BR3045-RIPE
status: ASSIGNED PA
mnt-by: B2-MNT
mnt-routes: B2-MNT
created: 2014-09-09T09:18:15Z
last-modified: 2014-09-09T09:18:15Z
source: RIPE

role: Bredbandsbolaget Routing Registry
address: Box 4247
address: 102 65 Stockholm
address: Sweden
remarks: trouble: *********************************
remarks: trouble: Abuse related issues is reported
remarks: trouble: to [email protected]
remarks: trouble: Abuse issues sent to other e-mail
remarks: trouble: adresses will be discarded
remarks: trouble: *********************************
admin-c: JN1883-RIPE
admin-c: EB78-RIPE
admin-c: NE102-RIPE
admin-c: ARL1-RIPE
admin-c: CPE1-RIPE
tech-c: JN1883-RIPE
tech-c: EB78-RIPE
tech-c: NE102-RIPE
tech-c: ARL1-RIPE
tech-c: CPE1-RIPE
tech-c: MARK13-RIPE
nic-hdl: BR3045-RIPE
mnt-by: B2-MNT
abuse-mailbox: [email protected]
created: 2002-04-25T09:56:23Z
last-modified: 2014-09-01T13:41:55Z
source: RIPE # Filtered

% Information related to '213.112.0.0/14AS2119'

route: 213.112.0.0/14
descr: Broadband customers in Scandinavia
descr: Please report improper use to [email protected]
origin: AS2119
member-of: AS2119:RS-SE-B2
mnt-by: AS2119-MNT
created: 2007-06-08T07:39:19Z
last-modified: 2007-10-26T12:03:16Z
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.89.2 (WAGYU)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 218.87.109.151 from vps297345.ovh.net

Hi,

The IP 218.87.109.151 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 218.87.109.151 :

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '218.87.0.0 - 218.87.255.255'

inetnum: 218.87.0.0 - 218.87.255.255
netname: CHINANET-JX
country: CN
descr: CHINANET jiangxi province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
admin-c: CH93-AP
tech-c: JN113-AP
status: ALLOCATED NON-PORTABLE
changed: [email protected] 20020829
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-IP-WWF
source: APNIC

role: JXDCB NET
address: Jiangxi telecom network operation support department
address: No.2009, Beijing East Road , nanchang,jiangxi province
country: CN
phone: +86 79186600000
e-mail: [email protected]
remarks: send spam reports to [email protected]
remarks: and abuse reports to [email protected]
remarks: http://www.online.jx.cn
admin-c: XY1-AP
tech-c: WZ1-CN
tech-c: WW49-AP
nic-hdl: JN113-AP
notify: [email protected]
mnt-by: MAINT-IP-WWF
changed: [email protected] 20020812
changed: [email protected] 20130221
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: [email protected]
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: [email protected] 20070416
changed: [email protected] 20140227
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] ProFTPD: banned 69.64.52.176 from vps297345.ovh.net

Hi,

The IP 69.64.52.176 has just been banned by Fail2Ban after
6 attempts against ProFTPD.


Here is more information about 69.64.52.176 :

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 69.64.52.176"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=69.64.52.176?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange: 69.64.32.0 - 69.64.63.255
CIDR: 69.64.32.0/19
NetName: HEGUS-1
NetHandle: NET-69-64-32-0-1
Parent: NET69 (NET-69-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS30083
Organization: HEG US Inc. (SERVE-6)
RegDate: 2003-07-30
Updated: 2017-03-01
Ref: https://whois.arin.net/rest/net/NET-69-64-32-0-1


OrgName: HEG US Inc.
OrgId: SERVE-6
Address: 210 North Tucker Blvd.
Address: Suite 910
City: Saint Louis
StateProv: MO
PostalCode: 63101
Country: US
RegDate: 2003-04-15
Updated: 2017-03-01
Ref: https://whois.arin.net/rest/org/SERVE-6


OrgNOCHandle: SWI19-ARIN
OrgNOCName: Wintz, Sascha
OrgNOCPhone: +1-314-300-2200
OrgNOCEmail: [email protected]
OrgNOCRef: https://whois.arin.net/rest/poc/SWI19-ARIN

OrgTechHandle: SWI19-ARIN
OrgTechName: Wintz, Sascha
OrgTechPhone: +1-314-300-2200
OrgTechEmail: [email protected]
OrgTechRef: https://whois.arin.net/rest/poc/SWI19-ARIN

OrgAbuseHandle: HUAD-ARIN
OrgAbuseName: HEG US Abuse Department
OrgAbusePhone: +1-314-266-3638
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://whois.arin.net/rest/poc/HUAD-ARIN

RNOCHandle: SWI19-ARIN
RNOCName: Wintz, Sascha
RNOCPhone: +1-314-300-2200
RNOCEmail: [email protected]
RNOCRef: https://whois.arin.net/rest/poc/SWI19-ARIN

RAbuseHandle: HUAD-ARIN
RAbuseName: HEG US Abuse Department
RAbusePhone: +1-314-266-3638
RAbuseEmail: [email protected]
RAbuseRef: https://whois.arin.net/rest/poc/HUAD-ARIN

RTechHandle: SWI19-ARIN
RTechName: Wintz, Sascha
RTechPhone: +1-314-300-2200
RTechEmail: [email protected]
RTechRef: https://whois.arin.net/rest/poc/SWI19-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

Regards,

Fail2Ban

[Fail2Ban] ProFTPD: banned 166.62.39.130 from vps297345.ovh.net

Hi,

The IP 166.62.39.130 has just been banned by Fail2Ban after
6 attempts against ProFTPD.


Here is more information about 166.62.39.130 :

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 166.62.39.130"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=166.62.39.130?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange: 166.62.0.0 - 166.62.127.255
CIDR: 166.62.0.0/17
NetName: GO-DADDY-COM-LLC
NetHandle: NET-166-62-0-0-1
Parent: NET166 (NET-166-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS26496
Organization: GoDaddy.com, LLC (GODAD)
RegDate: 2012-11-14
Updated: 2014-02-25
Comment: Please send abuse complaints to [email protected]
Ref: https://whois.arin.net/rest/net/NET-166-62-0-0-1



OrgName: GoDaddy.com, LLC
OrgId: GODAD
Address: 14455 N Hayden Road
Address: Suite 226
City: Scottsdale
StateProv: AZ
PostalCode: 85260
Country: US
RegDate: 2007-06-01
Updated: 2014-09-10
Comment: Please send abuse complaints to [email protected]
Ref: https://whois.arin.net/rest/org/GODAD


OrgAbuseHandle: ABUSE51-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-480-624-2505
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE51-ARIN

OrgNOCHandle: NOC124-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-480-505-8809
OrgNOCEmail: [email protected]
OrgNOCRef: https://whois.arin.net/rest/poc/NOC124-ARIN

OrgTechHandle: NOC124-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-480-505-8809
OrgTechEmail: [email protected]
OrgTechRef: https://whois.arin.net/rest/poc/NOC124-ARIN

RTechHandle: NOC124-ARIN
RTechName: Network Operations Center
RTechPhone: +1-480-505-8809
RTechEmail: [email protected]
RTechRef: https://whois.arin.net/rest/poc/NOC124-ARIN

RNOCHandle: NOC124-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-480-505-8809
RNOCEmail: [email protected]
RNOCRef: https://whois.arin.net/rest/poc/NOC124-ARIN

RAbuseHandle: ABUSE51-ARIN
RAbuseName: Abuse Department
RAbusePhone: +1-480-624-2505
RAbuseEmail: [email protected]
RAbuseRef: https://whois.arin.net/rest/poc/ABUSE51-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 120.136.169.28 from vps297345.ovh.net

Hi,

The IP 120.136.169.28 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 120.136.169.28 :

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '120.136.128.0 - 120.136.191.255'

inetnum: 120.136.128.0 - 120.136.191.255
netname: DSNET
descr: Shanghai Data Solution Co., Ltd.
descr: 2F,NO.4Buliding 498 Guoshoujing Rd.Shanghai ZJ.Hi-Tech Park
country: CN
admin-c: WH127-AP
tech-c: YA31-AP
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
status: ALLOCATED PORTABLE
changed: [email protected] 20110405
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20110428
source: APNIC

person: Wu Haochen
address: 2F,NO.4Buliding 498 Guoshoujing Rd.Shanghai ZJ.Hi-Tech Park
country: CN
phone: +86-21-50800818-223
fax-no: +86-21-50800926
e-mail: [email protected]
nic-hdl: WH127-AP
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20010625
source: APNIC

person: Yao Alex
address: 2F,NO.4Buliding 498 Guoshoujing Rd.Shanghai ZJ.Hi-Tech Park
country: CN
phone: +86-21-50800818-112
fax-no: +86-21-50800926
e-mail: [email protected]
nic-hdl: YA31-AP
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20010716
source: APNIC

% Information related to '120.136.128.0/18AS23853'

route: 120.136.128.0/18
descr: Shanghai Data Solution Co., Ltd.
country: CN
origin: AS23853
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20090531
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED)

Regards,

Fail2Ban

[Fail2Ban] ProFTPD: banned 200.10.66.94 from vps297345.ovh.net

Hi,

The IP 200.10.66.94 has just been banned by Fail2Ban after
6 attempts against ProFTPD.


Here is more information about 200.10.66.94 :

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2017-07-06 12:13:27 (BRT -03:00)

inetnum: 200.10.66.64/26
status: reassigned
owner: Computextos
ownerid: PE-COMP-LACNIC
address: Av. Arequipa 1583
address: Lima, Lima 27
country: PE
owner-c: JR2179-ARIN
created: 19970509
changed: 19970509
inetnum-up: 200.10.64/19
source: ARIN-HISTORIC

nic-hdl: JR2179-ARIN
person: Johnny Ramos
e-mail: [email protected]
address: Washington 1340
address: LimaLima1
country: PE
phone: +51-1-4333273
source: ARIN-HISTORIC

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


Regards,

Fail2Ban

[Fail2Ban] SSH: banned 117.2.123.42 from vps297345.ovh.net

Hi,

The IP 117.2.123.42 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 117.2.123.42 :

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '117.2.0.0 - 117.2.255.255'

% Abuse contact for '117.2.0.0 - 117.2.255.255' is '[email protected]'

inetnum: 117.2.0.0 - 117.2.255.255
netname: ADSLDGNNANservice-Net
country: vn
descr: Dai IP cho dich vu ADSL DGN+NAN
admin-c: VIG4-AP
tech-c: VIG4-AP
status: ASSIGNED NON-PORTABLE
changed: [email protected] 20080317
mnt-by: MAINT-VN-VIETEL
source: APNIC

role: VIETEL IPADMIN GROUP
address: 1 Tran Huu Duc, My Dinh, Tu Liem, Hanoi
country: VN
phone: +84-4-62989898
e-mail: [email protected]
remarks: send spam and abuse report to [email protected]
admin-c: TVT8-AP
tech-c: NDT9-AP
nic-hdl: VIG4-AP
mnt-by: MAINT-VN-VIETEL
changed: [email protected] 20160621
source: APNIC

% Information related to '117.0.0.0/13AS7552'

route: 117.0.0.0/13
descr: Viettel Corporation
descr: Internet service/exchange provider
descr: VIETEL-AS-AP
country: VN
origin: AS7552
member-of: rs-vietel
remarks: mailto: [email protected]
notify: [email protected]
mnt-by: MAINT-VN-VIETEL
changed: [email protected] 20070612
changed: [email protected] 20131211
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-35 (WHOIS-UK3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 82.253.111.241 from vps297345.ovh.net

Hi,

The IP 82.253.111.241 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 82.253.111.241 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '82.248.0.0 - 82.255.255.255'

% Abuse contact for '82.248.0.0 - 82.255.255.255' is '[email protected]'

inetnum: 82.248.0.0 - 82.255.255.255
netname: FR-PROXAD-ADSL
descr: Proxad / Free SAS
descr: Dynamic pool (IP/ADSL)
descr: NCC#2005090519
country: FR
admin-c: ACP23-RIPE
tech-c: TCP8-RIPE
status: ASSIGNED PA
remarks: Spam/Abuse requests: mailto:[email protected]
mnt-by: PROXAD-MNT
created: 2005-09-29T12:52:43Z
last-modified: 2005-09-29T12:52:43Z
source: RIPE

role: Administrative Contact for ProXad
address: Free SAS / ProXad
address: 8, rue de la Ville L'Eveque
address: 75008 Paris
phone: +33 1 73 50 20 00
fax-no: +33 1 73 92 25 69
remarks: trouble: Information: http://www.proxad.net/
remarks: trouble: Spam/Abuse requests: mailto:[email protected]
admin-c: APfP1-RIPE
tech-c: TPfP1-RIPE
nic-hdl: ACP23-RIPE
mnt-by: PROXAD-MNT
abuse-mailbox: [email protected]
created: 2002-06-26T12:46:56Z
last-modified: 2013-08-01T12:16:00Z
source: RIPE # Filtered

role: Technical Contact for ProXad
address: Free SAS / ProXad
address: 8, rue de la Ville L'Eveque
address: 75008 Paris
phone: +33 1 73 50 20 00
fax-no: +33 1 73 92 25 69
remarks: trouble: Information: http://www.proxad.net/
remarks: trouble: Spam/Abuse requests: mailto:[email protected]
admin-c: APfP1-RIPE
tech-c: TPfP1-RIPE
nic-hdl: TCP8-RIPE
mnt-by: PROXAD-MNT
created: 2002-06-26T12:29:10Z
last-modified: 2011-06-14T09:03:07Z
source: RIPE # Filtered
abuse-mailbox: [email protected]

% Information related to '82.224.0.0/11AS12322'

route: 82.224.0.0/11
descr: ProXad network / Free SAS
descr: Paris, France
origin: AS12322
mnt-by: PROXAD-MNT
created: 2003-11-04T13:26:17Z
last-modified: 2003-11-04T13:26:17Z
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.89.2 (ANGUS)

Regards,

Fail2Ban