Wednesday, 9 August 2017

[Fail2Ban] ProFTPD: banned 121.9.233.242 from vps297345.ovh.net

Hi,

The IP 121.9.233.242 has just been banned by Fail2Ban after
6 attempts against ProFTPD.


Here is more information about 121.9.233.242 :

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '121.9.233.240 - 121.9.233.247'

% Abuse contact for '121.9.233.240 - 121.9.233.247' is '[email protected]'

inetnum: 121.9.233.240 - 121.9.233.247
netname: Foshan-SSLP-Gov
descr: Foshan-SanShuiLePing-Government
country: CN
admin-c: FS-AP
tech-c: IC83-AP
mnt-by: MAINT-CHINANET-GD
changed: [email protected] 20080702
status: Allocated non-portable
source: APNIC

person: FOSHAN WANJIAN
address: No.202, Fen Jiang Nan Road, Foshan, China
country: CN
phone: +86-757-83103777
e-mail: [email protected]
remarks: IPMASTER is not for spam complaint,please send spam complaint to [email protected]
nic-hdl: FS-AP
mnt-by: MAINT-CHINANET-GD
changed: [email protected] 20080328
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: [email protected]
address: NO.18,RO. ZHONGSHANER,YUEXIU DISTRIC,GUANGZHOU
phone: +86-20-87189274
fax-no: +86-20-87189274
country: CN
changed: [email protected] 20110418
changed: [email protected] 20140922
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to [email protected]
abuse-mailbox: [email protected]
source: APNIC

% Information related to '121.8.0.0/13AS4134'

route: 121.8.0.0/13
descr: From Guangdong Network of ChinaTelecom
origin: AS4134
mnt-by: MAINT-CHINANET
changed: [email protected] 20060707
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-35 (WHOIS-UK3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 84.238.31.112 from vps297345.ovh.net

Hi,

The IP 84.238.31.112 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 84.238.31.112 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '84.238.31.0 - 84.238.31.255'

% Abuse contact for '84.238.31.0 - 84.238.31.255' is '[email protected]'

inetnum: 84.238.31.0 - 84.238.31.255
netname: BNAA-DHCP
country: DK
admin-c: BNCR1-RIPE
tech-c: BNCR1-RIPE
status: ASSIGNED PA
mnt-by: MNT-BNAA
created: 2017-04-25T10:08:39Z
last-modified: 2017-04-25T10:08:39Z
source: RIPE

role: BNAA Network Contact Role
address: Elkjaervej 30-32
admin-c: MD3522-RIPE
tech-c: SBE26-RIPE
admin-c: SBE26-RIPE
nic-hdl: BNCR1-RIPE
mnt-by: MNT-BNAA
created: 2004-08-02T18:38:54Z
last-modified: 2016-10-28T14:03:58Z
source: RIPE # Filtered
abuse-mailbox: [email protected]

% Information related to '84.238.0.0/17AS33796'

route: 84.238.0.0/17
descr: Internal adresses for infrastructure components
+
abuse: [email protected]
other: [email protected]
origin: AS33796
mnt-by: MNT-BNAA
created: 2004-08-02T20:50:31Z
last-modified: 2004-08-02T20:50:31Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (HEREFORD)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 59.63.166.81 from vps297345.ovh.net

Hi,

The IP 59.63.166.81 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 59.63.166.81 :

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '59.62.0.0 - 59.63.255.255'

% Abuse contact for '59.62.0.0 - 59.63.255.255' is '[email protected]'

inetnum: 59.62.0.0 - 59.63.255.255
netname: CHINANET-JX
descr: CHINANET Jiangxi province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: JN113-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-IP-WWF
source: APNIC
mnt-irt: IRT-CHINANET-CN
changed: [email protected] 20050208

irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
auth: # Filtered
mnt-by: MAINT-CHINANET
changed: [email protected] 20101115
source: APNIC

role: JXDCB NET
address: Jiangxi telecom network operation support department
address: No.2009, Beijing East Road , nanchang,jiangxi province
country: CN
phone: +86 79186600000
e-mail: [email protected]
remarks: send spam reports to [email protected]
remarks: and abuse reports to [email protected]
remarks: http://www.online.jx.cn
admin-c: XY1-AP
tech-c: WZ1-CN
tech-c: WW49-AP
nic-hdl: JN113-AP
notify: [email protected]
mnt-by: MAINT-IP-WWF
changed: [email protected] 20020812
changed: [email protected] 20130221
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: [email protected]
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: [email protected] 20070416
changed: [email protected] 20140227
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-35 (WHOIS-UK4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 203.206.111.79 from vps297345.ovh.net

Hi,

The IP 203.206.111.79 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 203.206.111.79 :

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '203.206.0.0 - 203.206.255.255'

% Abuse contact for '203.206.0.0 - 203.206.255.255' is '[email protected]'

inetnum: 203.206.0.0 - 203.206.255.255
netname: IINET-AU
descr: iiNet Limited
descr: Locked Bag 16
descr: Cloisters Square, WA, 6850
country: AU
admin-c: NO20-AP
tech-c: NO20-AP
remarks: For abuse/UCE issues, please mail [email protected].
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-AU-IINET
mnt-irt: IRT-IINET-AU
changed: [email protected] 20010816
changed: [email protected] 20031017
changed: [email protected] 20031208
changed: [email protected] 20040726
source: APNIC

irt: IRT-IINET-AU
address: iiNet Limited
address: Level 9, 250 St Georges Tce
address: Perth
address: WA 6000
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: IH207-AP
tech-c: IH207-AP
auth: # Filtered
mnt-by: MAINT-AU-IH207-AP
changed: [email protected] 20101215
source: APNIC

person: Network Operations
nic-hdl: NO20-AP
e-mail: [email protected]
address: iiNet Limited
address: Level 1
address: 502 Hay Street
address: Subiaco WA 6008
phone: +61 8 9214 2222
fax-no: +61 8 9214 2211
country: AU
changed: [email protected] 20110328
mnt-by: MAINT-AU-IINET
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-35 (WHOIS-UK4)

Regards,

Fail2Ban

[Fail2Ban] ProFTPD: banned 123.191.225.164 from vps297345.ovh.net

Hi,

The IP 123.191.225.164 has just been banned by Fail2Ban after
6 attempts against ProFTPD.


Here is more information about 123.191.225.164 :

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '123.188.0.0 - 123.191.255.255'

% Abuse contact for '123.188.0.0 - 123.191.255.255' is '[email protected]'

inetnum: 123.188.0.0 - 123.191.255.255
netname: UNICOM-LN
descr: China Unicom Liaoning province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: GZ84-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP
mnt-lower: MAINT-CNCGROUP-LN
mnt-routes: MAINT-CNCGROUP-RR
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-irt: IRT-CU-CN
changed: [email protected] 20070305
changed: [email protected] 20090508
source: APNIC

irt: IRT-CU-CN
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
changed: [email protected] 20101110
changed: [email protected] 20101116
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: [email protected]
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
changed: [email protected] 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Guangyu Zhan
nic-hdl: GZ84-AP
e-mail: [email protected]
address: DATA Communication Bureau of Liaoning Province,China
address: 38 Lianhe Road,Dadong District Shenyang 110044,China
phone: +86-24-22800809
fax-no: +86-24-22800077
country: CN
changed: [email protected] 20090803
mnt-by: MAINT-CNCGROUP-LN
source: APNIC

% Information related to '123.188.0.0/14AS4837'

route: 123.188.0.0/14
descr: CNC Group CHINA169 Liaoning Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: [email protected] 20070321
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-35 (WHOIS-UK3)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 109.246.221.3 from vps297345.ovh.net

Hi,

The IP 109.246.221.3 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 109.246.221.3 :

[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '109.246.0.0 - 109.246.255.255'

% Abuse contact for '109.246.0.0 - 109.246.255.255' is '[email protected]'

inetnum: 109.246.0.0 - 109.246.255.255
netname: UK-RELISH-20091119
country: GB
org: ORG-KP2-RIPE
admin-c: JB14206-RIPE
tech-c: KN56-RIPE
tech-c: JB14206-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-by: keycom-maint
mnt-lower: MNT-mediaforceuk
mnt-lower: keycom-maint
mnt-routes: MNT-mediaforceuk
mnt-routes: ENTANET-MNT
created: 2009-11-19T10:39:40Z
last-modified: 2016-09-15T16:04:45Z
source: RIPE # Filtered

organisation: ORG-KP2-RIPE
org-name: Relish Networks PLC
org-type: LIR
address: University Court, Staffordshire Technology Park
address: ST18 0ES
address: Stafford
address: UNITED KINGDOM
phone: +44 1785 717777
fax-no: +44 1785 717888
admin-c: SB23207-RIPE
admin-c: AD1239-RIPE
abuse-c: KAC16-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: keycom-maint
mnt-by: RIPE-NCC-HM-MNT
mnt-by: keycom-maint
created: 2004-04-17T12:17:21Z
last-modified: 2016-10-19T08:56:56Z
source: RIPE # Filtered

role: Keycom NOC
address: Keycom Plc
address: University Court
address: Staffordshire Technology Park
address: Stafford, ST18 0ES
admin-c: AD1239-RIPE
admin-c: SB23207-RIPE
tech-c: AD1239-RIPE
tech-c: SB23207-RIPE
nic-hdl: KN56-RIPE
mnt-by: KEYCOM-MAINT
created: 2009-07-07T12:42:35Z
last-modified: 2016-10-19T08:56:06Z
source: RIPE # Filtered

person: John Bent
address: Keycom Plc
address: University Court
address: Staffordshire Technology Park
address: Stafford
address: ST18 0ES
address: GB
phone: +44 1785 7617535
nic-hdl: JB14206-RIPE
created: 1970-01-01T00:00:00Z
last-modified: 2016-04-05T20:18:42Z
mnt-by: RIPE-NCC-LOCKED-MNT
source: RIPE

% Information related to '109.246.208.0/20AS25178'

route: 109.246.208.0/20
descr: Keycom PLC
descr: University Court
descr: Stafford, Staffordshire
descr: ST18 0ES, UK
origin: AS25178
mnt-by: KEYCOM-MAINT
created: 2013-09-03T15:19:51Z
last-modified: 2013-09-03T15:19:51Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (ANGUS)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 151.80.40.214 from vps297345.ovh.net

Hi,

The IP 151.80.40.214 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 151.80.40.214 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '151.80.32.0 - 151.80.47.255'

% No abuse contact registered for 151.80.32.0 - 151.80.47.255

inetnum: 151.80.32.0 - 151.80.47.255
netname: OVH
descr: OVH SAS
descr: Dedicated Servers Static IP
descr: http://www.ovh.com
country: FR
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: LEGACY
mnt-by: OVH-MNT
created: 2015-04-01T12:24:28Z
last-modified: 2015-04-01T12:24:28Z
source: RIPE

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
tech-c: SL10162-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: [email protected]
mnt-by: OVH-MNT
created: 2004-01-28T17:42:29Z
last-modified: 2014-09-05T10:47:15Z
source: RIPE # Filtered

person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
nic-hdl: OK217-RIPE
abuse-mailbox: [email protected]
mnt-by: OVH-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2010-10-05T08:51:16Z
source: RIPE # Filtered

% Information related to '151.80.0.0/16AS16276'

route: 151.80.0.0/16
descr: OVH
origin: AS16276
mnt-by: OVH-MNT
created: 2015-01-22T17:55:49Z
last-modified: 2015-01-22T17:55:49Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (ANGUS)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 194.28.115.112 from vps297345.ovh.net

Hi,

The IP 194.28.115.112 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 194.28.115.112 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '194.28.112.0 - 194.28.115.255'

% Abuse contact for '194.28.112.0 - 194.28.115.255' is '[email protected]'

inetnum: 194.28.112.0 - 194.28.115.255
netname: Specialist-ISP-PI2
country: NL
org: ORG-NSL22-RIPE
admin-c: AP22400-RIPE
tech-c: AP22400-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: MNT-NETSYS
mnt-routes: MNT-HOSTMASTER
mnt-domains: MNT-NETSYS
created: 2010-04-29T12:09:39Z
last-modified: 2016-04-14T10:37:02Z
source: RIPE
sponsoring-org: ORG-RM4-RIPE

organisation: ORG-NSL22-RIPE
org-name: Network Systems Ltd.
org-type: OTHER
address: Furmanova, 1
abuse-c: AR18558-RIPE
mnt-ref: MNT-NETSYS
mnt-by: MNT-NETSYS
created: 2013-06-25T12:45:44Z
last-modified: 2014-02-25T07:45:52Z
source: RIPE # Filtered

person: Alexander Pichkurenko
address: Butlerova, 7
address: Moscow
address: Russia
phone: +7-495-22-55-729
nic-hdl: AP22400-RIPE
mnt-by: MNT-HOSTMASTER
created: 2014-05-28T06:51:03Z
last-modified: 2014-05-28T06:51:03Z
source: RIPE

% Information related to '194.28.115.0/24AS50968'

route: 194.28.115.0/24
descr: Network Systems Ltd.
origin: AS50968
mnt-by: MNT-HOSTMASTER
created: 2015-04-05T07:54:12Z
last-modified: 2015-04-05T07:54:12Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (HEREFORD)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 74.58.161.58 from vps297345.ovh.net

Hi,

The IP 74.58.161.58 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 74.58.161.58 :

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 74.58.161.58"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=74.58.161.58?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Videotron Ltee VL-D-MR-4A3AA100 (NET-74-58-161-0-1) 74.58.161.0 - 74.58.161.255
Le Groupe Videotron Ltee VL-19BL (NET-74-56-0-0-1) 74.56.0.0 - 74.59.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 51.255.204.197 from vps297345.ovh.net

Hi,

The IP 51.255.204.197 has just been banned by Fail2Ban after
7 attempts against SSH.


Here is more information about 51.255.204.197 :

[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '51.254.0.0 - 51.255.255.255'

% Abuse contact for '51.254.0.0 - 51.255.255.255' is '[email protected]'

inetnum: 51.254.0.0 - 51.255.255.255
netname: FR-OVH-20150522
descr: OVH SAS
country: FR
admin-c: OTC2-RIPE
tech-c: OTC2-RIPE
status: LEGACY
mnt-by: OVH-MNT
created: 2015-05-26T08:55:56Z
last-modified: 2015-05-27T15:52:47Z
source: RIPE
org: ORG-OS3-RIPE

organisation: ORG-OS3-RIPE
org-name: OVH SAS
org-type: LIR
address: 2 rue Kellermann
address: 59100
address: Roubaix
address: FRANCE
phone: +33972101007
abuse-c: AR15333-RIPE
admin-c: OTC2-RIPE
admin-c: OK217-RIPE
admin-c: GM84-RIPE
mnt-ref: OVH-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: OVH-MNT
abuse-mailbox: [email protected]
created: 2004-04-17T11:23:17Z
last-modified: 2017-05-30T07:24:52Z
source: RIPE # Filtered

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
tech-c: SL10162-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: [email protected]
mnt-by: OVH-MNT
created: 2004-01-28T17:42:29Z
last-modified: 2014-09-05T10:47:15Z
source: RIPE # Filtered

% Information related to '51.254.0.0/15AS16276'

route: 51.254.0.0/15
descr: OVH
origin: AS16276
mnt-by: OVH-MNT
created: 2015-05-28T17:50:05Z
last-modified: 2015-05-28T17:50:05Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (WAGYU)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 52.175.25.240 from vps297345.ovh.net

Hi,

The IP 52.175.25.240 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 52.175.25.240 :

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 52.175.25.240"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=52.175.25.240?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange: 52.145.0.0 - 52.191.255.255
CIDR: 52.148.0.0/14, 52.152.0.0/13, 52.146.0.0/15, 52.160.0.0/11, 52.145.0.0/16
NetName: MSFT
NetHandle: NET-52-145-0-0-1
Parent: NET52 (NET-52-0-0-0-0)
NetType: Direct Assignment
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2015-11-24
Updated: 2015-11-24
Ref: https://whois.arin.net/rest/net/NET-52-145-0-0-1



OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-09
Updated: 2017-01-28
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * [email protected].
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * [email protected].
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * [email protected]
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * [email protected]
Ref: https://whois.arin.net/rest/org/MSFT


OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://whois.arin.net/rest/poc/MAC74-ARIN

OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: [email protected]
OrgTechRef: https://whois.arin.net/rest/poc/MRPD-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 121.155.46.238 from vps297345.ovh.net

Hi,

The IP 121.155.46.238 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 121.155.46.238 :

[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 121.155.46.238


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 121.128.0.0 - 121.159.255.255 (/11)
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
서비스명 : KORNET
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로 90
우편번호 : 13606
í• ë&lsqauo;¹ì¼ìž : 20060417

이름 : IP주소 ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : [email protected]

--------------------------------------------------------------------------------

조회하ì&lsqauo;  IPv4주소에 대한 위 관리대행자의 사용자 í• ë&lsqauo;¹ì •ë³´ê°€ 존재하지 않습ë&lsqauo;ˆë&lsqauo;¤.


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 121.128.0.0 - 121.159.255.255 (/11)
Organization Name : Korea Telecom
Service Name : KORNET
Address : Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90
Zip Code : 13606
Registration Date : 20060417

Name : IP Manager
Phone : +82-2-500-6630
E-Mail : [email protected]


- KISA/KRNIC WHOIS Service -

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 45.22.26.95 from vps297345.ovh.net

Hi,

The IP 45.22.26.95 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 45.22.26.95 :

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 45.22.26.95"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=45.22.26.95?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange: 45.16.0.0 - 45.31.255.255
CIDR: 45.16.0.0/12
NetName: SIS-80-11-25-2014
NetHandle: NET-45-16-0-0-1
Parent: NET45 (NET-45-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS7132
Organization: AT&T Internet Services (SIS-80)
RegDate: 2014-12-11
Updated: 2014-12-11
Comment: For policy abuse issues contact [email protected]
Comment: AT&T Internet Services - Legal Compliance Group
Comment: 1010 N. St. Mary's St., Rm. 315-A2
Comment: San Antonio, TX 78215
Comment: Legal Compliance Group (Fax) 707-435-6409
Ref: https://whois.arin.net/rest/net/NET-45-16-0-0-1



OrgName: AT&T Internet Services
OrgId: SIS-80
Address: 3300 E Renner Rd
Address: Mailroom B2139
Address: Attn:IP Management
City: Richardson
StateProv: TX
PostalCode: 75082
Country: US
RegDate: 2000-06-20
Updated: 2017-05-30
Comment: For policy abuse issues contact [email protected]
Comment: For all subpoena, Internet, court order related matters and emergency requests contact
Comment: 11760 US Highway 1
Comment: North Palm Beach, FL 33408
Comment: Main Number: 800-635-6840
Comment: Fax: 888-938-4715
Ref: https://whois.arin.net/rest/org/SIS-80


OrgTechHandle: IPADM2-ARIN
OrgTechName: IPAdmin ATT Internet Services
OrgTechPhone: +1-888-510-5545
OrgTechEmail: [email protected]
OrgTechRef: https://whois.arin.net/rest/poc/IPADM2-ARIN

OrgAbuseHandle: ABUSE6-ARIN
OrgAbuseName: Abuse ATT Internet Services
OrgAbusePhone: +1-919-319-8167
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE6-ARIN

OrgNOCHandle: SUPPO-ARIN
OrgNOCName: Support ATT Internet Services
OrgNOCPhone: +1-888-510-5545
OrgNOCEmail: [email protected]
OrgNOCRef: https://whois.arin.net/rest/poc/SUPPO-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 112.35.32.81 from vps297345.ovh.net

Hi,

The IP 112.35.32.81 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 112.35.32.81 :

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '112.0.0.0 - 112.63.255.255'

% Abuse contact for '112.0.0.0 - 112.63.255.255' is '[email protected]'

inetnum: 112.0.0.0 - 112.63.255.255
netname: CMNET
descr: China Mobile Communications Corporation
descr: Mobile Communications Network Operator in China
descr: Internet Service Provider in China
country: CN
admin-c: lcj-AP
tech-c: HL1318-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CN-CMCC
mnt-routes: MAINT-CN-CMCC
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
source: APNIC
mnt-irt: IRT-CHINAMOBILE2-CN
changed: [email protected] 20081215

irt: IRT-CHINAMOBILE2-CN
address: China Mobile Communications Corporation
address: 29, Jinrong Ave., Xicheng District, Beijing, 100032
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: JS686-AP
tech-c: CT74-AP
auth: # Filtered
mnt-by: MAINT-CN-CMCC
changed: [email protected] 20101123
source: APNIC

person: haijun li
nic-hdl: HL1318-AP
e-mail: [email protected]
address: 29,Jinrong Ave, Xicheng district,beijing,100032
phone: +86 1052686688
fax-no: +86 10 52616187
country: CN
changed: [email protected] 20161129
mnt-by: MAINT-CN-CMCC
abuse-mailbox: [email protected]
source: APNIC

person: li changjun
address: 29 jinrong ave. xicheng district, beijing China
country: CN
phone: +86 52686688
e-mail: [email protected]
nic-hdl: lcj-ap
mnt-by: MAINT-CN-CMCC
changed: [email protected] 20071010
source: APNIC

% Information related to '112.32.0.0/13AS9808'

route: 112.32.0.0/13
descr: China Mobile communications corporation
origin: AS9808
mnt-by: MAINT-CN-CMCC
changed: [email protected] 20091020
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-35 (WHOIS-UK4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 218.87.109.150 from vps297345.ovh.net

Hi,

The IP 218.87.109.150 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 218.87.109.150 :

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '218.87.0.0 - 218.87.255.255'

% Abuse contact for '218.87.0.0 - 218.87.255.255' is '[email protected]'

inetnum: 218.87.0.0 - 218.87.255.255
netname: CHINANET-JX
country: CN
descr: CHINANET jiangxi province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
admin-c: CH93-AP
tech-c: JN113-AP
status: ALLOCATED NON-PORTABLE
changed: [email protected] 20020829
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-IP-WWF
source: APNIC

role: JXDCB NET
address: Jiangxi telecom network operation support department
address: No.2009, Beijing East Road , nanchang,jiangxi province
country: CN
phone: +86 79186600000
e-mail: [email protected]
remarks: send spam reports to [email protected]
remarks: and abuse reports to [email protected]
remarks: http://www.online.jx.cn
admin-c: XY1-AP
tech-c: WZ1-CN
tech-c: WW49-AP
nic-hdl: JN113-AP
notify: [email protected]
mnt-by: MAINT-IP-WWF
changed: [email protected] 20020812
changed: [email protected] 20130221
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: [email protected]
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: [email protected] 20070416
changed: [email protected] 20140227
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-35 (WHOIS-UK4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 14.34.27.163 from vps297345.ovh.net

Hi,

The IP 14.34.27.163 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 14.34.27.163 :

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[Redirected to whois.krnic.net]
[Querying whois.krnic.net]
[whois.krnic.net]
query : 14.34.27.163


# KOREAN(UTF8)

조회하ì&lsqauo;  IPv4주소ëŠ" 한국인터넷진흥원으로부터 아래의 관리대행자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.

[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 14.32.0.0 - 14.95.255.255 (/10)
기관명 : 주ì&lsqauo;íšŒì‚¬ 케이í&lsqauo;°
서비스명 : KORNET
주소 : 경기도 성남ì&lsqauo;œ 분ë&lsqauo;¹êµ¬ 불정로 90
우편번호 : 13606
í• ë&lsqauo;¹ì¼ìž : 20100805

이름 : IP주소 ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : [email protected]

조회하ì&lsqauo;  IPv4주소ëŠ" 위의 관리대행자로부터 아래의 사용자에게 í• ë&lsqauo;¹ë˜ì—ˆìœ¼ë©°, í• ë&lsqauo;¹ ì •ë³´ëŠ" ë&lsqauo;¤ìŒê³¼ 같습ë&lsqauo;ˆë&lsqauo;¤.
--------------------------------------------------------------------------------


[ 네트워크 í• ë&lsqauo;¹ ì •ë³´ ]
IPv4주소 : 14.34.27.0 - 14.34.27.255 (/24)
기관명 : (주) 케이í&lsqauo;°
네트워크 구분 : CUSTOMER
주소 : 인천ê´'ì—­ì&lsqauo;œ 연수구 연수2동
우편번호 : 406-112
í• ë&lsqauo;¹ë‚´ì—­ ë"±ë¡ì¼ : 20150317

이름 : IP주소 ë&lsqauo;´ë&lsqauo;¹ìž
ì „í™"번호 : +82-2-500-6630
전자우편 : [email protected]


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address : 14.32.0.0 - 14.95.255.255 (/10)
Organization Name : Korea Telecom
Service Name : KORNET
Address : Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90
Zip Code : 13606
Registration Date : 20100805

Name : IP Manager
Phone : +82-2-500-6630
E-Mail : [email protected]

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address : 14.34.27.0 - 14.34.27.255 (/24)
Organization Name : KT
Network Type : CUSTOMER
Address : Yeonsu2-Dong Yeonsu-Gu Incheongwangyeok-Si
Zip Code : 406-112
Registration Date : 20150317

Name : IP Manager
Phone : +82-2-500-6630
E-Mail : [email protected]


- KISA/KRNIC WHOIS Service -

Regards,

Fail2Ban