Abuse Message [AbuseID:C49C67:26]: AbuseInfo: [Fail2Ban ABUSE REPORT] SIP: banned 138.201.192.9 for consulintel.com

 Hi «abuse@hetzner.com«,
 
 This is an email abuse report about the IP address 138.201.192.9, which has been temporarily banned by Fail2Ban
 after 3 attempts against SIP at consulintel.com.
 
 
 You get this email because you are listed as the official abuse contact for this IP address.
 
 
 The following intrusion attempts were detected from IP: 138.201.192.9
 
 [2023-04-12 06:00:22] NOTICE[16572] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘<sip:000@213.0.69.132>’ failed for ‘138.201.192.9:63136’ (callid: e5f4a195797263314403e4f7a) — No matching endpoint found
 [2023-04-12 06:00:22] SECURITY[3175] res_security_log.c: SecurityEvent=»InvalidAccountID»,EventTV=»2023-04-12T06:00:22.254+0200″,Severity=»Error»,Service=»PJSIP»,EventVersion=»1″,AccountID=»000″,SessionID=»e5f4a195797263314403e4f7a»,LocalAddress=»IPV4/UDP/10.10.9.252/5060″,RemoteAddress=»IPV4/UDP/138.201.192.9/63136″
 [2023-04-12 06:00:22] SECURITY[3175] res_security_log.c: SecurityEvent=»ChallengeSent»,EventTV=»2023-04-12T06:00:22.255+0200″,Severity=»Informational»,Service=»PJSIP»,EventVersion=»1″,AccountID=»<unknown>»,SessionID=»e5f4a195797263314403e4f7a»,LocalAddress=»IPV4/UDP/10.10.9.252/5060″,RemoteAddress=»IPV4/UDP/138.201.192.9/63136″,Challenge=»»
 [2023-04-12 06:00:22] NOTICE[16572] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘<sip:000@213.0.69.132>’ failed for ‘138.201.192.9:63136’ (callid: e5f4a195797263314403e4f7a) — No matching endpoint found
 [2023-04-12 06:00:22] SECURITY[3175] res_security_log.c: SecurityEvent=»InvalidAccountID»,EventTV=»2023-04-12T06:00:22.367+0200″,Severity=»Error»,Service=»PJSIP»,EventVersion=»1″,AccountID=»000″,SessionID=»e5f4a195797263314403e4f7a»,LocalAddress=»IPV4/UDP/10.10.9.252/5060″,RemoteAddress=»IPV4/UDP/138.201.192.9/63136″
 [2023-04-12 06:00:22] SECURITY[3175] res_security_log.c: SecurityEvent=»ChallengeSent»,EventTV=»2023-04-12T06:00:22.367+0200″,Severity=»Informational»,Service=»PJSIP»,EventVersion=»1″,AccountID=»<unknown>»,SessionID=»e5f4a195797263314403e4f7a»,LocalAddress=»IPV4/UDP/10.10.9.252/5060″,RemoteAddress=»IPV4/UDP/138.201.192.9/63136″,Challenge=»»
 [2023-04-12 06:00:22] NOTICE[16572] res_pjsip/pjsip_distributor.c: Request ‘REGISTER’ from ‘<sip:000@213.0.69.132>’ failed for ‘138.201.192.9:63136’ (callid: e5f4a195797263314403e4f7a) — No matching endpoint found
 [2023-04-12 06:00:22] SECURITY[3175] res_security_log.c: SecurityEvent=»InvalidAccountID»,EventTV=»2023-04-12T06:00:22.478+0200″,Severity=»Error»,Service=»PJSIP»,EventVersion=»1″,AccountID=»000″,SessionID=»e5f4a195797263314403e4f7a»,LocalAddress=»IPV4/UDP/10.10.9.252/5060″,RemoteAddress=»IPV4/UDP/138.201.192.9/63136″
 [2023-04-12 06:00:22] SECURITY[3175] res_security_log.c: SecurityEvent=»ChallengeSent»,EventTV=»2023-04-12T06:00:22.478+0200″,Severity=»Informational»,Service=»PJSIP»,EventVersion=»1″,AccountID=»<unknown>»,SessionID=»e5f4a195797263314403e4f7a»,LocalAddress=»IPV4/UDP/10.10.9.252/5060″,RemoteAddress=»IPV4/UDP/138.201.192.9/63136″,Challenge=»»
 
 
 Here is more information about 138.201.192.9:
 
 [Querying whois.arin.net]
 [Redirected to whois.ripe.net]
 [Querying whois.ripe.net]
 [whois.ripe.net]
 % This is the RIPE Database query service.
 % The objects are in RPSL format.
 %
 % The RIPE Database is subject to Terms and Conditions.
 % See http://www.ripe.net/db/support/db-terms-conditions.pdf
 
 % Note: this output has been filtered.
 % To receive output for a database update, use the «-B» flag.
 
 % Information related to ‘138.201.192.0 — 138.201.192.63’
 
 % Abuse contact for ‘138.201.192.0 — 138.201.192.63’ is ‘abuse@hetzner.com
 
 inetnum: 138.201.192.0 — 138.201.192.63
 netname: HETZNER-fsn1-dc8
 descr: Hetzner Online GmbH
 descr: Datacenter fsn1-dc8
 country: DE
 admin-c: HOAC1-RIPE
 tech-c: HOAC1-RIPE
 status: LEGACY
 remarks: INFRA-AW
 mnt-by: HOS-GUN
 mnt-lower: HOS-GUN
 mnt-routes: HOS-GUN
 created: 2018-03-15T14:10:43Z
 last-modified: 2018-03-15T14:10:43Z
 source: RIPE
 
 role: Hetzner Online GmbH — Contact Role
 address: Hetzner Online GmbH
 address: Industriestrasse 25
 address: D-91710 Gunzenhausen
 address: Germany
 phone: +49 9831 505-0
 fax-no: +49 9831 505-3
 abuse-mailbox: abuse@hetzner.com
 remarks: *************************************************
 remarks: * For spam/abuse/security issues please contact *
 remarks: * abuse@hetzner.com, or fill out the form at *
 remarks: * abuse.hetzner.com, thank you. *
 remarks: *************************************************
 remarks:
 remarks: *************************************************
 remarks: * Any questions on Peering please send to *
 remarks: * peering@hetzner.com *
 remarks: *************************************************
 org: ORG-HOA1-RIPE
 admin-c: MH375-RIPE
 tech-c: GM834-RIPE
 tech-c: SK2374-RIPE
 tech-c: MF1400-RIPE
 tech-c: SK8441-RIPE
 tech-c: DD15478-RIPE
 nic-hdl: HOAC1-RIPE
 mnt-by: HOS-GUN
 created: 2004-08-12T09:40:20Z
 last-modified: 2022-11-22T18:33:55Z
 source: RIPE # Filtered
 
 % Information related to ‘138.201.0.0/16AS24940’
 
 route: 138.201.0.0/16
 descr: HETZNER-RZ-BLK-ERX4
 origin: AS24940
 org: ORG-HOA1-RIPE
 mnt-by: HOS-GUN
 created: 2012-12-24T09:10:23Z
 last-modified: 2012-12-24T09:10:23Z
 source: RIPE
 
 organisation: ORG-HOA1-RIPE
 org-name: Hetzner Online GmbH
 country: DE
 org-type: LIR
 address: Industriestrasse 25
 address: D-91710
 address: Gunzenhausen
 address: GERMANY
 phone: +49 9831 5050
 fax-no: +49 9831 5053
 admin-c: MF1400-RIPE
 admin-c: GM834-RIPE
 admin-c: HOAC1-RIPE
 admin-c: MH375-RIPE
 admin-c: SK2374-RIPE
 admin-c: SK8441-RIPE
 abuse-c: HOAC1-RIPE
 mnt-ref: RIPE-NCC-HM-MNT
 mnt-ref: HOS-GUN
 mnt-by: RIPE-NCC-HM-MNT
 mnt-by: HOS-GUN
 created: 2004-04-17T11:07:58Z
 last-modified: 2022-11-22T18:32:44Z
 source: RIPE # Filtered
 
 % This query was served by the RIPE Database Query Service version 1.106 (DEXTER)
 
 
 Regards,
 
 Fail2Ban
 
 **********************************************
 IPv4 is over
 Are you ready for the new Internet ?
 http://www.theipv6company.com
 The IPv6 Company
 
 This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *