Wednesday, 30 August 2017

[Fail2Ban] SSH: banned 79.137.39.220 from vps297345.ovh.net

Hi,

The IP 79.137.39.220 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 79.137.39.220 :

[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '79.137.0.0 - 79.137.127.255'

% Abuse contact for '79.137.0.0 - 79.137.127.255' is '[email protected]'

inetnum: 79.137.0.0 - 79.137.127.255
netname: FR-OVH-20071018
country: FR
org: ORG-OS3-RIPE
admin-c: OK217-RIPE
tech-c: OTC2-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-by: OVH-MNT
mnt-routes: OVH-MNT
mnt-domains: OVH-MNT
created: 2017-01-16T14:29:13Z
last-modified: 2017-01-16T14:29:13Z
source: RIPE # Filtered

organisation: ORG-OS3-RIPE
org-name: OVH SAS
org-type: LIR
address: 2 rue Kellermann
address: 59100
address: Roubaix
address: FRANCE
phone: +33972101007
abuse-c: AR15333-RIPE
admin-c: OTC2-RIPE
admin-c: OK217-RIPE
admin-c: GM84-RIPE
mnt-ref: OVH-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: OVH-MNT
abuse-mailbox: [email protected]
created: 2004-04-17T11:23:17Z
last-modified: 2017-05-30T07:24:52Z
source: RIPE # Filtered

role: OVH Technical Contact
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
admin-c: OK217-RIPE
tech-c: GM84-RIPE
tech-c: SL10162-RIPE
nic-hdl: OTC2-RIPE
abuse-mailbox: [email protected]
mnt-by: OVH-MNT
created: 2004-01-28T17:42:29Z
last-modified: 2014-09-05T10:47:15Z
source: RIPE # Filtered

person: Octave Klaba
address: OVH SAS
address: 2 rue Kellermann
address: 59100 Roubaix
address: France
phone: +33 9 74 53 13 23
nic-hdl: OK217-RIPE
abuse-mailbox: [email protected]
mnt-by: OVH-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2010-10-05T08:51:16Z
source: RIPE # Filtered

% Information related to '79.137.0.0/18AS16276'

route: 79.137.0.0/18
descr: OVH
origin: AS16276
mnt-by: OVH-MNT
created: 2016-12-19T12:31:34Z
last-modified: 2016-12-19T12:31:34Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (BLAARKOP)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 91.197.232.109 from vps297345.ovh.net

Hi,

The IP 91.197.232.109 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 91.197.232.109 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '91.197.232.0 - 91.197.235.255'

% Abuse contact for '91.197.232.0 - 91.197.235.255' is '[email protected]'

inetnum: 91.197.232.0 - 91.197.235.255
netname: PLANET-TELECOM-NET
country: CZ
org: ORG-PTL7-RIPE
admin-c: PTN21-RIPE
tech-c: PTN21-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
remarks: mnt-by: MNT-PLANET-TELECOM
remarks: mnt-routes: MNT-PLANET-TELECOM
remarks: mnt-domains: MNT-PLANET-TELECOM
remarks: mnt-routes: MNT-3W-INFRA
created: 2007-09-18T09:04:58Z
last-modified: 2017-08-08T09:15:47Z
source: RIPE

organisation: ORG-PTL7-RIPE
org-name: Planet Telecom Ltd.
org-type: OTHER
address: Sokolovska 395, 186 00 Praha 8, Prague, Czech Republic
abuse-c: PTN21-RIPE
mnt-ref: MNT-PLANET-TELECOM
mnt-by: MNT-PLANET-TELECOM
created: 2007-09-15T14:57:20Z
last-modified: 2016-03-23T09:42:12Z
source: RIPE # Filtered

role: Planet Telecom NOC
address: Sokolovska 395
address: 186 00 Praha 8
abuse-mailbox: [email protected]
address: Prague
address: Czech Republic
phone: +420234262111
nic-hdl: PTN21-RIPE
mnt-by: MNT-PLANET-TELECOM
created: 2016-03-15T20:48:44Z
last-modified: 2016-03-23T09:42:33Z
source: RIPE # Filtered

% Information related to '91.197.232.0/24AS43715'

route: 91.197.232.0/24
origin: AS43715
mnt-by: MNT-PLANET-TELECOM
created: 2016-03-23T09:37:31Z
last-modified: 2016-03-23T09:37:31Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (HEREFORD)

Regards,

Fail2Ban

[Fail2Ban] ProFTPD: banned 37.58.150.203 from vps297345.ovh.net

Hi,

The IP 37.58.150.203 has just been banned by Fail2Ban after
6 attempts against ProFTPD.


Here is more information about 37.58.150.203 :

[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '37.58.150.192 - 37.58.150.223'

% Abuse contact for '37.58.150.192 - 37.58.150.223' is '[email protected]'

inetnum: 37.58.150.192 - 37.58.150.223
netname: ADISTA-BACKBONE
descr: Hebergement Nancy
country: FR
admin-c: PC492-RIPE
tech-c: BM3530-RIPE
status: ASSIGNED PA
remarks: INFRA-AW
mnt-by: RMI-MNT
created: 2012-12-26T10:38:12Z
last-modified: 2012-12-26T10:38:12Z
source: RIPE # Filtered

person: Bertrand Maujean
address: 9 rue Blaise Pascal 54320 Maxeville France
phone: +33 (0)3 83 95 53 00
abuse-mailbox: [email protected]
nic-hdl: BM3530-RIPE
mnt-by: RMI-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2015-02-17T10:25:10Z
source: RIPE # Filtered

person: Pascal Caumont
address: FITECH / Adista
address: 9, Rue Blaise Pascal
address: 54320 Maxeville
address: France
phone: +33 3 83 95 53 00
fax-no: +33 3 83 98 07 54
abuse-mailbox: [email protected]
nic-hdl: PC492-RIPE
mnt-by: BLUEGIX-MNT
mnt-by: RMI-MNT
created: 2002-09-18T14:23:24Z
last-modified: 2015-02-17T12:58:36Z
source: RIPE # Filtered

% Information related to '37.58.150.0/24AS16347'

route: 37.58.150.0/24
descr: Adista / RMI Informatique
descr: 9, Rue Blaise Pascal
descr: 54320 Maxeville
descr: FRANCE
origin: AS16347
mnt-lower: RMI-MNT
mnt-routes: RMI-MNT
mnt-by: RMI-MNT
created: 2016-03-21T13:26:34Z
last-modified: 2016-03-21T13:26:34Z
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.89.2 (BLAARKOP)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 62.152.32.179 from vps297345.ovh.net

Hi,

The IP 62.152.32.179 has just been banned by Fail2Ban after
7 attempts against SSH.


Here is more information about 62.152.32.179 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '62.152.32.0 - 62.152.32.255'

% Abuse contact for '62.152.32.0 - 62.152.32.255' is '[email protected]'

inetnum: 62.152.32.0 - 62.152.32.255
netname: CITYTELECOM-NET
descr: Saint-Petersburg Lif area static pool
descr:
remarks: ============================
remarks: Citytelecom.ru
remarks: ... perfect telecom services
remarks: for your business ...
remarks: =============================
country: RU
admin-c: CNOC8-RIPE
tech-c: CNOC8-RIPE
status: ASSIGNED PA
mnt-by: HOSTER-RIPE-MNT
created: 2016-01-11T14:03:11Z
last-modified: 2016-05-19T08:05:22Z
source: RIPE # Filtered

role: CityTelecom Network Operations Center
address: 105120 Russia Moscow
address: 10/9 Nignyaya Syromatnicheskaya
abuse-mailbox: [email protected]
phone: +7 495 3630542
fax-no: +7 495 6637742
remarks: ==========================================================
remarks: CityTelecom NOC contacts:
remarks: ----------------------------------------------------------
remarks: NOC engineers available 24x7
remarks: ----------------------------------------------------------
remarks: Routing issues: [email protected]
remarks: Peering issues: [email protected]
remarks: Abuse and security issues: [email protected]
remarks: Customer support: [email protected]
remarks: VoIP issues: [email protected]
remarks: ==========================================================
admin-c: DVS50-RIPE
tech-c: SV6537-RIPE
tech-c: JAZ-RIPE
tech-c: GART-RIPE
nic-hdl: CNOC8-RIPE
mnt-by: HOSTER-RIPE-MNT
created: 2008-01-17T13:50:29Z
last-modified: 2016-03-29T08:25:20Z
source: RIPE # Filtered

% Information related to '62.152.32.0/24AS29076'

route: 62.152.32.0/24
descr: Filanco ltd route object
descr: S-Petersburg area
remarks: origin=SPB
origin: AS29076
mnt-by: HOSTER-RIPE-MNT
created: 2012-04-27T06:58:21Z
last-modified: 2016-05-19T08:06:14Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (HEREFORD)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 113.178.66.10 from vps297345.ovh.net

Hi,

The IP 113.178.66.10 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 113.178.66.10 :

[Querying whois.arin.net]
[Redirected to whois.apnic.net]
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to '113.178.64.0 - 113.178.79.255'

% Abuse contact for '113.178.64.0 - 113.178.79.255' is '[email protected]'

inetnum: 113.178.64.0 - 113.178.79.255
netname: VNPT-VN
country: VN
descr: ADSL VNPT HaNoi
admin-c: VIG1-AP
tech-c: VIG1-AP
status: ALLOCATED NON-PORTABLE
changed: [email protected] 20141125
mnt-by: MAINT-VN-VNPT
mnt-irt: IRT-VNNIC-AP
source: APNIC

irt: IRT-VNNIC-AP
address: Ha Noi, VietNam
phone: +84-4-35564944
fax-no: +84-4-37821462
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: PT174-AP
tech-c: NTTT1-AP
auth: # Filtered
mnt-by: MAINT-VN-VNNIC
changed: [email protected] 20101108
source: APNIC

role: VDC IPADMIN GROUP
address: Internet Building, Block II, Thang Long Inter Village
address: Nguyen Phong Sac str, Cau Giay Dist, Ha Noi
country: VN
phone: +84-912-800008
fax-no: +84-4-9430427
e-mail: [email protected]
remarks: send spam reports to [email protected]
remarks: and abuse reports to [email protected]
admin-c: THMH1-AP
tech-c: THMH1-AP
nic-hdl: VIG1-AP
notify: [email protected]
mnt-by: MAINT-VN-VNPT
changed: [email protected] 20090325
source: APNIC
changed: [email protected] 20111114

% This query was served by the APNIC Whois Service version 1.88.15-37 (WHOIS-UK4)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 151.28.40.149 from vps297345.ovh.net

Hi,

The IP 151.28.40.149 has just been banned by Fail2Ban after
6 attempts against SSH.


Here is more information about 151.28.40.149 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '151.28.0.0 - 151.28.127.255'

% Abuse contact for '151.28.0.0 - 151.28.127.255' is '[email protected]'

inetnum: 151.28.0.0 - 151.28.127.255
netname: ADSL-SOUTH-ROMA-28
country: IT
admin-c: FP453-RIPE
tech-c: FP453-RIPE
status: LEGACY
mnt-by: MNT-IUNET
mnt-by: AS1267-MNT
created: 2016-09-22T08:28:45Z
last-modified: 2016-09-22T08:28:45Z
source: RIPE

person: FLAVIO PALUMBO
org: ORG-IA36-RIPE
org: ORG-HA9-RIPE
remarks: IP ENGINEERING FOR WINDTRE
address: WINDTRE s.p.a
address: Largo Metropolitana 5
address: 20017 - RHO ( MILANO )
address: ITALY
mnt-by: MNT-IUNET
phone: +39023011.1
nic-hdl: FP453-RIPE
abuse-mailbox: [email protected]
abuse-mailbox: [email protected]
abuse-mailbox: [email protected]
remarks: For any abuse write to the mailboxes above
created: 1970-01-01T00:00:00Z
last-modified: 2017-07-14T09:07:33Z
source: RIPE

% Information related to '151.28.0.0/16AS1267'

route: 151.28.0.0/16
descr: INFOSTRADA
origin: AS1267
remarks: removed cross-mnt: AS1267-MNT
mnt-lower: AS1267-MNT
mnt-routes: AS1267-MNT
mnt-by: AS1267-MNT
created: 2001-10-09T11:49:07Z
last-modified: 2004-01-30T16:35:03Z
source: RIPE

% This query was served by the RIPE Database Query Service version 1.89.2 (WAGYU)

Regards,

Fail2Ban

[Fail2Ban] SSH: banned 86.57.164.109 from vps297345.ovh.net

Hi,

The IP 86.57.164.109 has just been banned by Fail2Ban after
7 attempts against SSH.


Here is more information about 86.57.164.109 :

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to '86.57.164.0 - 86.57.164.255'

% Abuse contact for '86.57.164.0 - 86.57.164.255' is '[email protected]'

inetnum: 86.57.164.0 - 86.57.164.255
netname: BYFLY
descr: BELTELECOM
descr: GRODNO branch
descr: BYFLY(tm) static assignments
descr: Republic of Belarus
country: BY
admin-c: AB3939-RIPE
tech-c: SH12727-RIPE
status: LIR-PARTITIONED PA
mnt-by: AS6697-MNT
mnt-lower: GRODNOOBLTELECOM-MNT
created: 2012-01-31T08:55:35Z
last-modified: 2015-02-05T13:39:11Z
source: RIPE

person: Alexey Boyko
address: The Republic of Belarus
address: 230023, Grodno
address: 29, K.Marks str.,
address: GRODNOOBLTELECOM
phone: +375 17 2108101
fax-no: +375 15 2771169
mnt-by: AS6697-MNT
nic-hdl: AB3939-RIPE
created: 2003-10-03T16:00:26Z
last-modified: 2015-02-05T13:37:38Z
source: RIPE # Filtered

person: Sergey Hoh
address: The Republic of Belarus
address: 230023, Grodno
address: 29, K.Marks str.,
address: GRODNOOBLTELECOM
phone: +375 15 2730071
fax-no: +375 15 2771169
mnt-by: AS6697-MNT
nic-hdl: SH12727-RIPE
created: 2015-02-05T13:35:53Z
last-modified: 2015-02-05T13:35:53Z
source: RIPE # Filtered

% Information related to '86.57.128.0/17AS6697'

route: 86.57.128.0/17
descr: DELEGATED FROM BELPAK
origin: AS6697
mnt-by: AS6697-MNT
created: 2005-04-25T14:05:20Z
last-modified: 2015-09-21T07:54:39Z
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.89.2 (BLAARKOP)

Regards,

Fail2Ban