Sunday, 27 August 2017

[Fail2Ban] SSH: banned 82.228.240.199 from vps297345.ovh.net

Hi,

The IP 82.228.240.199 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 82.228.240.199 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '82.228.240.0 - 82.228.241.255'

% Abuse contact for '82.228.240.0 - 82.228.241.255' is '[email protected]'

inetnum: 82.228.240.0 - 82.228.241.255
netname: FR-PROXAD-ADSL
descr: Proxad / Free SAS
descr: Static pool (Freebox)
descr: cimiez-1 (nice)
descr: NCC#2003105812
country: FR
admin-c: ACP23-RIPE
tech-c: TCP8-RIPE
status: ASSIGNED PA
remarks: Spam/Abuse requests: mailto:[email protected]
mnt-by: PROXAD-MNT
created: 2004-05-13T14:18:01Z
last-modified: 2004-05-13T14:18:01Z
source: RIPE

role: Administrative Contact for ProXad
address: Free SAS / ProXad
address: 8, rue de la Ville L'Eveque
address: 75008 Paris
phone: +33 1 73 50 20 00
fax-no: +33 1 73 92 25 69
remarks: trouble: Information: http://www.proxad.net/
remarks: trouble: Spam/Abuse requests: mailto:[email protected]
admin-c: APfP1-RIPE
tech-c: TPfP1-RIPE
nic-hdl: ACP23-RIPE
mnt-by: PROXAD-MNT
abuse-mailbox: [email protected]
created: 2002-06-26T12:46:56Z
last-modified: 2013-08-01T12:16:00Z
source: RIPE # Filtered

role: Technical Contact for ProXad
address: Free SAS / ProXad
address: 8, rue de la Ville L'Eveque
address: 75008 Paris
phone: +33 1 73 50 20 00
fax-no: +33 1 73 92 25 69
remarks: trouble: Information: http://www.proxad.net/
remarks: trouble: Spam/Abuse requests: mailto:[email protected]
admin-c: APfP1-RIPE
tech-c: TPfP1-RIPE
nic-hdl: TCP8-RIPE
mnt-by: PROXAD-MNT
created: 2002-06-26T12:29:10Z
last-modified: 2011-06-14T09:03:07Z
source: RIPE # Filtered
abuse-mailbox: [email protected]

% Information related to '82.224.0.0/11AS12322'

route: 82.224.0.0/11
descr: ProXad network / Free SAS
descr: Paris, France
origin: AS12322
mnt-by: PROXAD-MNT
created: 2003-11-04T13:26:17Z
last-modified: 2003-11-04T13:26:17Z
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.89.2 (ANGUS)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 195.54.14.97 from vps297345.ovh.net

Hi,

The IP 195.54.14.97 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 195.54.14.97 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '195.54.14.0 - 195.54.15.255'

% Abuse contact for '195.54.14.0 - 195.54.15.255' is '[email protected]'

inetnum: 195.54.14.0 - 195.54.15.255
netname: CHELSU
descr: Chelyabinsk State University
descr: educational and administration departments
country: RU
admin-c: LDV8-RIPE
tech-c: LDV8-RIPE
status: ASSIGNED PA
mnt-by: SURNET-MNT
mnt-by: MFIST-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2007-09-04T12:01:18Z
source: RIPE # Filtered

person: Lyudmila D Voronina
address: Chelyabinsk State University
address: 129, br. Kashirinykh str.
address: Chelyabinsk, 454021
address: Russia
phone: +7 3512 157129
fax-no: +7 3512 420925
nic-hdl: LDV8-RIPE
created: 1970-01-01T00:00:00Z
last-modified: 2016-04-05T16:00:24Z
mnt-by: RIPE-NCC-LOCKED-MNT
source: RIPE

% Information related to '195.54.0.0/20AS3239'

route: 195.54.0.0/20
descr: JSC "Uralsvyazinform" Chelyabinsk
origin: AS3239
mnt-by: SURNET-MNT
mnt-by: MFIST-MNT
remarks: ------------------ A T T E N T I O N! ------------------------
remarks: Please report SPAM and suspicious activity from this network
remarks: to [email protected] only. Any messages to any other address,
remarks: relative SPAM or security issues, will not be concerned.
remarks: ----------------------------------------------------------------
created: 2002-10-11T10:22:12Z
last-modified: 2007-09-04T12:25:34Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (WAGYU)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 109.101.153.162 from vps297345.ovh.net

Hi,

The IP 109.101.153.162 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 109.101.153.162 :

[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '109.100.0.0 - 109.101.255.255'

% Abuse contact for '109.100.0.0 - 109.101.255.255' is '[email protected]'

inetnum: 109.100.0.0 - 109.101.255.255
netname: ROMTELECOM
descr: Romtelecom Data Network
country: RO
admin-c: AL3618-RIPE
tech-c: ANOC7-RIPE
status: ASSIGNED PA
mnt-by: MNT-ARTELECOM-LIR
mnt-lower: MNT-ARTELECOM-LIR
mnt-routes: MNT-ARTELECOM-LIR
mnt-domains: MNT-ARTELECOM-LIR
created: 2011-07-18T10:52:17Z
last-modified: 2011-07-18T10:52:17Z
source: RIPE

role: ARtelecom LIR
address: Garlei 1B sector 1 013721 Bucuresti Romania
abuse-mailbox: [email protected]
admin-c: DC478-RIPE
tech-c: CD297-RIPE
mnt-by: MNT-ARTELECOM-LIR
nic-hdl: AL3618-RIPE
created: 2005-05-17T07:29:26Z
last-modified: 2007-05-11T07:02:43Z
source: RIPE # Filtered

role: ARtelecom Network Operation Center
address: 100 Calea Vitan Str.
address: Bucuresti,sect 3, Romania
phone: +40-21-3029767
fax-no: +40-21-3130730
remarks: trouble: +---------------------------------------------------
remarks: trouble: | Abuse and Spam issues: [email protected] |
remarks: trouble: | * IN CASE OF HACK ATTACKS ILLEGAL ACTIVITY, |
remarks: trouble: | * VIOLATION, SCANS, PROBES, SPAM, ETC. * |
remarks: trouble: | DNS issues: [email protected] |
remarks: trouble: +---------------------------------------------------
remarks: 24x7 @ +40-21-3029768
admin-c: CD297-RIPE
tech-c: CD297-RIPE
tech-c: CI84-RIPE
nic-hdl: ANOC7-RIPE
mnt-by: ARTELECOM-MNT
created: 2002-08-21T08:19:48Z
last-modified: 2017-04-24T10:45:35Z
source: RIPE # Filtered

% Information related to '109.101.0.0/16AS9050'

route: 109.101.0.0/16
descr: Romtelecom
origin: AS9050
mnt-by: MNT-ARTELECOM-LIR
created: 2010-06-18T08:08:30Z
last-modified: 2010-06-18T08:08:30Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (BLAARKOP)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 91.197.232.109 from vps297345.ovh.net

Hi,

The IP 91.197.232.109 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 91.197.232.109 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '91.197.232.0 - 91.197.235.255'

% Abuse contact for '91.197.232.0 - 91.197.235.255' is '[email protected]'

inetnum: 91.197.232.0 - 91.197.235.255
netname: PLANET-TELECOM-NET
country: CZ
org: ORG-PTL7-RIPE
admin-c: PTN21-RIPE
tech-c: PTN21-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
remarks: mnt-by: MNT-PLANET-TELECOM
remarks: mnt-routes: MNT-PLANET-TELECOM
remarks: mnt-domains: MNT-PLANET-TELECOM
remarks: mnt-routes: MNT-3W-INFRA
created: 2007-09-18T09:04:58Z
last-modified: 2017-08-08T09:15:47Z
source: RIPE

organisation: ORG-PTL7-RIPE
org-name: Planet Telecom Ltd.
org-type: OTHER
address: Sokolovska 395, 186 00 Praha 8, Prague, Czech Republic
abuse-c: PTN21-RIPE
mnt-ref: MNT-PLANET-TELECOM
mnt-by: MNT-PLANET-TELECOM
created: 2007-09-15T14:57:20Z
last-modified: 2016-03-23T09:42:12Z
source: RIPE # Filtered

role: Planet Telecom NOC
address: Sokolovska 395
address: 186 00 Praha 8
abuse-mailbox: [email protected]
address: Prague
address: Czech Republic
phone: +420234262111
nic-hdl: PTN21-RIPE
mnt-by: MNT-PLANET-TELECOM
created: 2016-03-15T20:48:44Z
last-modified: 2016-03-23T09:42:33Z
source: RIPE # Filtered

% Information related to '91.197.232.0/24AS43715'

route: 91.197.232.0/24
origin: AS43715
mnt-by: MNT-PLANET-TELECOM
created: 2016-03-23T09:37:31Z
last-modified: 2016-03-23T09:37:31Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (BLAARKOP)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 79.137.39.220 from vps297345.ovh.net

Hi,

The IP 79.137.39.220 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 79.137.39.220 :

[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '79.137.0.0 - 79.137.127.255'

% Abuse contact for '79.137.0.0 - 79.137.127.255' is '[email protected]'

inetnum: 79.137.0.0 - 79.137.127.255
netname: FR-OVH-20071018
country: FR
org: ORG-OS3-RIPE
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-by: OVH-MNT
mnt-routes: OVH-MNT
mnt-domains: OVH-MNT
created: 2017-01-16T14:29:13Z
last-modified: 2017-01-16T14:29:13Z
source: RIPE # Filtered

organisation: ORG-OS3-RIPE
org-name: OVH SAS
org-type: LIR
address: 2 rue Kellermann
address: 59100
address: Roubaix
address: FRANCE
phone: +33972101007
abuse-c: AR15333-RIPE
admin-c: OTC2-RIPE
admin-c: OK217-RIPE
admin-c: GM84-RIPE
mnt-ref: OVH-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: OVH-MNT
abuse-mailbox: [email protected]
created: 2004-04-17T11:23:17Z
last-modified: 2017-05-30T07:24:52Z
source: RIPE # Filtered

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
tech-c: SL10162-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: [email protected]
mnt-by: OVH-MNT
created: 2004-01-28T17:42:29Z
last-modified: 2014-09-05T10:47:15Z
source: RIPE # Filtered

person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
nic-hdl: OK217-RIPE
abuse-mailbox: [email protected]
mnt-by: OVH-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2010-10-05T08:51:16Z
source: RIPE # Filtered

% Information related to '79.137.0.0/18AS16276'

route: 79.137.0.0/18
descr: OVH
origin: AS16276
mnt-by: OVH-MNT
created: 2016-12-19T12:31:34Z
last-modified: 2016-12-19T12:31:34Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (WAGYU)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 77.21.137.155 from vps297345.ovh.net

Hi,

The IP 77.21.137.155 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 77.21.137.155 :

[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '77.20.0.0 - 77.21.255.255'

% Abuse contact for '77.20.0.0 - 77.21.255.255' is '[email protected]'

inetnum: 77.20.0.0 - 77.21.255.255
netname: KABEL-DEUTSCHLAND-CUSTOMER-SERVICES-16
descr: Kabel Deutschland Breitband Customer 16
country: DE
admin-c: KDG40-RIPE
tech-c: KDG40-RIPE
status: ASSIGNED PA
mnt-by: MNT-KABELDEUTSCHLAND
mnt-lower: MNT-KABELDEUTSCHLAND
mnt-routes: MNT-KABELDEUTSCHLAND
created: 2008-05-05T12:19:32Z
last-modified: 2015-06-09T14:48:07Z
source: RIPE

role: Kabel Deutschland RIPE
address: Kabel Deutschland Vertrieb und Service GmbH
address: Germaniastr. 14-17
address: 12099 Berlin
address: Germany
admin-c: FM464-RIPE
admin-c: MM45323-RIPE
tech-c: MM45323-RIPE
abuse-mailbox: [email protected]
nic-hdl: KDG40-RIPE
mnt-by: MNT-KABELDEUTSCHLAND
created: 2015-06-06T09:42:03Z
last-modified: 2016-11-23T08:30:49Z
source: RIPE # Filtered

% Information related to '77.21.128.0/17AS31334'

route: 77.21.128.0/17
descr: Kabeldeutschland Route
origin: AS31334
mnt-by: MNT-KABELDEUTSCHLAND
created: 2009-04-20T13:14:15Z
last-modified: 2009-04-20T13:14:15Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (HEREFORD)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 59.63.166.80 from vps297345.ovh.net

Hi,

The IP 59.63.166.80 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 59.63.166.80 :

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '59.62.0.0 - 59.63.255.255'

% Abuse contact for '59.62.0.0 - 59.63.255.255' is '[email protected]'

inetnum: 59.62.0.0 - 59.63.255.255
netname: CHINANET-JX
descr: CHINANET Jiangxi province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: JN113-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-IP-WWF
source: APNIC
mnt-irt: IRT-CHINANET-CN
changed: [email protected] 20050208

irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
auth: # Filtered
mnt-by: MAINT-CHINANET
changed: [email protected] 20101115
source: APNIC

role: JXDCB NET
address: Jiangxi telecom network operation support department
address: No.2009, Beijing East Road , nanchang,jiangxi province
country: CN
phone: +86 79186600000
e-mail: [email protected]
remarks: send spam reports to [email protected]
remarks: and abuse reports to [email protected]
remarks: http://www.online.jx.cn
admin-c: XY1-AP
tech-c: WZ1-CN
tech-c: WW49-AP
nic-hdl: JN113-AP
notify: [email protected]
mnt-by: MAINT-IP-WWF
changed: [email protected] 20020812
changed: [email protected] 20130221
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: [email protected]
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: [email protected] 20070416
changed: [email protected] 20140227
mnt-by: MAINT-CHINANET
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-37 (WHOIS-UK4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 70.29.73.136 from vps297345.ovh.net

Hi,

The IP 70.29.73.136 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 70.29.73.136 :

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 70.29.73.136"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=70.29.73.136?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

Sympatico HSE SYME20080908-CA (NET-70-29-72-0-1) 70.29.72.0 - 70.29.75.255
Bell Canada BELLCANADA-18 (NET-70-24-0-0-1) 70.24.0.0 - 70.31.255.255



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 185.124.84.40 from vps297345.ovh.net

Hi,

The IP 185.124.84.40 has just been banned by Fail2Ban after
7 attempts against SSH.


Here is more information about 185.124.84.40 :

[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '185.124.84.0 - 185.124.84.255'

% Abuse contact for '185.124.84.0 - 185.124.84.255' is '[email protected]'

inetnum: 185.124.84.0 - 185.124.84.255
org: ORG-MA1059-RIPE
geoloc: 41.06692773019345 28.86383056640625
netname: Bilgehosting
descr: Bilgehosting
country: TR
admin-c: MA18186-RIPE
tech-c: MA18186-RIPE
status: ASSIGNED PA
mnt-by: tr-murat-1-mnt
created: 2015-11-03T19:37:24Z
last-modified: 2015-11-05T23:33:58Z
source: RIPE

organisation: ORG-MA1059-RIPE
org-name: Murat Aktas
org-type: LIR
address: YILDIZTEPE MH. 30/9 SOK. B BLOK NO:6 D:6 BAGCILAR
address: 34203
address: ISTANBUL
address: TURKEY
admin-c: MA18186-RIPE
tech-c: MA18186-RIPE
abuse-c: AR34048-RIPE
mnt-ref: tr-murat-1-mnt
mnt-by: RIPE-NCC-HM-MNT
mnt-ref: RIPE-NCC-HM-MNT
created: 2015-10-30T08:43:24Z
last-modified: 2016-06-14T07:47:55Z
source: RIPE # Filtered
phone: +902124747934

person: Murat AKTAS
address: YILDIZTEPE MH. 30/9 SOK. B BLOK NO:6 D:6 BAGCILAR
address: 34203
address: ISTANBUL
address: TURKEY
phone: +902124747934
nic-hdl: MA18186-RIPE
mnt-by: tr-murat-1-mnt
created: 2015-10-30T08:43:23Z
last-modified: 2015-10-30T08:43:24Z
source: RIPE

% Information related to '185.124.84.0/24AS43260'

route: 185.124.84.0/24
descr: Route
origin: AS43260
mnt-by: DGN-MNT
mnt-by: tr-murat-1-mnt
created: 2015-11-02T14:57:38Z
last-modified: 2015-11-02T14:57:38Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (BLAARKOP)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 134.106.48.66 from vps297345.ovh.net

Hi,

The IP 134.106.48.66 has just been banned by Fail2Ban after
7 attempts against SSH.


Here is more information about 134.106.48.66 :

[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '134.106.0.0 - 134.106.255.255'

% Abuse contact for '134.106.0.0 - 134.106.255.255' is '[email protected]'

inetnum: 134.106.0.0 - 134.106.255.255
netname: UNI-OLDENBURG
descr: Hochschulrechenzentrum
country: DE
admin-c: BM3409-RIPE
tech-c: DR3957-RIPE
status: LEGACY
remarks: **********************************
remarks: * Please send abuse messages to: *
remarks: * [email protected] *
remarks: **********************************
mnt-by: RIPE-NCC-LEGACY-MNT
mnt-by: DFN-LIR-MNT
mnt-lower: DFN-LIR-MNT
mnt-routes: DFN-MNT
mnt-irt: IRT-DFN-CERT
created: 2002-09-18T13:16:07Z
last-modified: 2016-04-14T08:23:03Z
source: RIPE
org: ORG-CVOU1-RIPE
sponsoring-org: ORG-DV1-RIPE

organisation: ORG-CVOU1-RIPE
org-name: Carl von Ossietzky Universitaet Oldenburg
org-type: OTHER
address: Ammerlaender Heerstr. 114-118
address: 26129 Oldenburg
address: Germany
admin-c: BM3409-RIPE
tech-c: DR3957-RIPE
abuse-c: DH5989-RIPE
mnt-ref: DFN-LIR-MNT
mnt-by: DFN-LIR-MNT
created: 2015-12-04T10:14:01Z
last-modified: 2015-12-04T10:14:01Z
source: RIPE # Filtered

person: Burkard Meyendriesch
address: Carl von Ossietzky Universitaet Oldenburg
address: Uhlhornsweg 84
address: 26129 Oldenburg
address: Germany
phone: +49 441 798 4800
nic-hdl: BM3409-RIPE
mnt-by: DFN-NTFY
created: 2007-03-02T08:41:19Z
last-modified: 2016-07-19T11:08:30Z
source: RIPE # Filtered

person: Dirk Rode
address: Carl von Ossietzky Universitaet Oldenburg
address: IBIT-Infromations-, Bibliotheks-, und IT-Dienste
address: Uhlhornsweg 84
address: 26129 Oldenburg
address: Germany
phone: +49 441 798 5215
nic-hdl: DR3957-RIPE
mnt-by: DFN-NTFY
created: 2009-03-16T15:34:02Z
last-modified: 2016-07-19T11:08:30Z
source: RIPE # Filtered

% Information related to '134.106.0.0/15AS680'

route: 134.106.0.0/15
descr: DFN-AGG-46
origin: AS680
mnt-by: DFN-MNT
mnt-routes: AS5520-MNT { 134.107.225.0/24 }
mnt-routes: AS5520-MNT { 134.107.226.0/23 }
mnt-routes: DFN-MNT { 134.107.202.0/24 }
created: 1970-01-01T00:00:00Z
last-modified: 2015-08-05T10:35:56Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (BLAARKOP)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 59.109.37.216 from vps297345.ovh.net

Hi,

The IP 59.109.37.216 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 59.109.37.216 :

[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '59.109.32.0 - 59.109.47.255'

% Abuse contact for '59.109.32.0 - 59.109.47.255' is '[email protected]'

inetnum: 59.109.32.0 - 59.109.47.255
netname: CJJY
descr: Chuang Jun Jia Ye(Beijing)Technology Co.,Ltd
admin-c: DT719-AP
tech-c: SC2596-AP
country: CN
status: ALLOCATED PORTABLE
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
mnt-routes: MAINT-CNCGROUP-RR
changed: [email protected] 20151019
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20110428
source: APNIC

person: Di Tingting
address: Room 4310,3/F,Building 2,No.208,Second Area, Lize Zhongyuan
address: ,Wangjing New Industry Zone,ChaoYang District,Beijing.
country: CN
phone: +86-13301199910
e-mail: [email protected]
nic-hdl: DT719-AP
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20150717
source: APNIC

person: Sean Chen
address: Room 4310,3/F,Building 2,No.208,Second Area, Lize Zhongyuan
address: ,Wangjing New Industry Zone,ChaoYang District,Beijing.
country: CN
phone: +86-18611234038
e-mail: [email protected]
nic-hdl: SC2596-AP
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20150717
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-37 (WHOIS-UK4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 39.108.62.203 from vps297345.ovh.net

Hi,

The IP 39.108.62.203 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 39.108.62.203 :

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '39.96.0.0 - 39.108.255.255'

% Abuse contact for '39.96.0.0 - 39.108.255.255' is '[email protected]'

inetnum: 39.96.0.0 - 39.108.255.255
netname: ALISOFT
descr: Aliyun Computing Co., LTD
descr: 5F, Builing D, the West Lake International Plaza of S&T
descr: No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099
country: CN
admin-c: ZM1015-AP
tech-c: ZM877-AP
tech-c: ZM876-AP
tech-c: ZM875-AP
mnt-by: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
status: ALLOCATED PORTABLE
changed: [email protected]
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20110428
source: APNIC

person: Li Jia
address: NO.969 West Wen Yi Road, Yu Hang District, Hangzhou
country: CN
phone: +86-0571-85022088
e-mail: [email protected]
nic-hdl: ZM1015-AP
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20130730
source: APNIC

person: Guoxin Gao
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022600
fax-no: +86-0571-85022600
e-mail: [email protected]
nic-hdl: ZM875-AP
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20130705
source: APNIC

person: security trouble
e-mail: [email protected]
address: 5th,floor,Building D,the West Lake International Plaza of S&T,391#Wen’er Road
address: Hangzhou, Zhejiang, China
phone: +86-0571-85022600
country: CN
mnt-by: MAINT-CNNIC-AP
nic-hdl: ZM876-AP
changed: [email protected] 20130708
source: APNIC

person: Guowei Pan
address: 5F, Builing D, the West Lake International Plaza of S&T
address: No.391 Wen'er Road, Hangzhou City
address: Zhejiang, China, 310099
country: CN
phone: +86-0571-85022088-30763
fax-no: +86-0571-85022600
e-mail: [email protected]
nic-hdl: ZM877-AP
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20130709
source: APNIC

% Information related to '39.108.0.0/16AS37963'

route: 39.108.0.0/16
descr: Addresses from CNNIC
country: CN
origin: AS37963
mnt-by: MAINT-CNNIC-AP
changed: [email protected] 20160720
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-37 (WHOIS-UK4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 158.69.127.9 from vps297345.ovh.net

Hi,

The IP 158.69.127.9 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 158.69.127.9 :

[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#


#
# Query terms are ambiguous. The query is assumed to be:
# "n 158.69.127.9"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=158.69.127.9?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange: 158.69.0.0 - 158.69.255.255
CIDR: 158.69.0.0/16
NetName: HO-2
NetHandle: NET-158-69-0-0-1
Parent: NET158 (NET-158-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: OVH Hosting, Inc. (HO-2)
RegDate: 2015-06-15
Updated: 2015-06-15
Ref: https://whois.arin.net/rest/net/NET-158-69-0-0-1


OrgName: OVH Hosting, Inc.
OrgId: HO-2
Address: 800-1801 McGill College
City: Montreal
StateProv: QC
PostalCode: H3A 2N4
Country: CA
RegDate: 2011-06-22
Updated: 2017-01-28
Ref: https://whois.arin.net/rest/org/HO-2


OrgAbuseHandle: ABUSE3956-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-855-684-5463
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE3956-ARIN

OrgTechHandle: NOC11876-ARIN
OrgTechName: NOC
OrgTechPhone: +1-855-684-5463
OrgTechEmail: [email protected]
OrgTechRef: https://whois.arin.net/rest/poc/NOC11876-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

Regards,

Fail2Ban