極楽せきゅあブログ

Occasionally security

The Trending Suspicious LINE Access

A few days ago I got a suspicious access attempt from a PC, and now the footprints have increased.

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2014-08-21 12:59:53 (BRT -03:00)

inetnum: 186.88/13
status: allocated
aut-num: AS8048
abuse-c: LUM
owner: CANTV Servicios, Venezuela
ownerid: VE-CSVE-LACNIC
responsible: Saba Garcia
address: Segunda Avenida de los Palos Grandes, 000, Entre Av. Fr
address: 1060 - Caracas - MI
country: VE   → (ベネズエラ
phone: +58 212 2095680 []
owner-c: LUM
tech-c: LUM
abuse-c: LUM
created: 20091118
changed: 20091118

nic-hdl: LUM
person: Saba García
e-mail: ipadmin@CANTV.NET
address: Segunda Avenida de los Palos Grandes, Entre Av. Fr, 000,
address: 1060 - Caracas - MI
country: VE   → (ベネズエラ
phone: +58 212 2095680 [0]
created: 20020911
changed: 20140212

whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.


For details, check the Whois of the managing organization below.
http://lacnic.net/en/index.html


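By the way, I don't have a single friend on LINE. I'm a loner, sorry ヽ(´ー`)ノ
Anyway, it looks like it's coming from a cable TV provider or something like that, so I guess it's a stepping-stone host.

Addendum: I was sent some more material.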

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.

% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '109.207.48.0 - 109.207.63.255'
% No abuse contact registered for 109.207.48.0 - 109.207.63.255
inetnum: 109.207.48.0 - 109.207.63.255
netname: RONUS-PL
descr: Ronus Beata Polrolniczak
country: PL   → (ポーランド
org: ORG-RBP1-RIPE
admin-c: KW689-RIPE
tech-c: KW689-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-END-MNT
mnt-by: TKTELEKOM-MNT
mnt-by: MNT-RONUS
mnt-lower: RIPE-NCC-END-MNT
mnt-routes: TKTELEKOM-MNT
mnt-routes: MNT-RONUS
mnt-domains: TKTELEKOM-MNT
mnt-domains: MNT-RONUS
source: RIPE # Filtered
sponsoring-org: ORG-TKSz1-RIPE
organisation: ORG-RBP1-RIPE
org-name: PE RONUS Beata Polrolniczak
org-type: OTHER
address: Pl.M.Kolbe 3, 55-200 Olawa, PL
mnt-ref: TKTELEKOM-MNT
mnt-ref: MNT-RONUS
mnt-by: TKTELEKOM-MNT
mnt-by: MNT-RONUS
source: RIPE # Filtered
person: Krzysztof Weber
address: Ronus Beata Polrolniczak
address: Plac M.M.Kolbe 3
address: 55-200 Olawa, Poland
phone: +48 607 649 016
phone: +48 505412 111
fax-no: +48 71 303 45 84
mnt-by: TKTELEKOM-MNT
nic-hdl: KW689-RIPE
source: RIPE # Filtered
% Information related to '109.207.49.0/24 (マスク範囲)AS196903'
route: 109.207.49.0/24 (マスク範囲)
descr: Ronus Beata Polrolniczak
origin: AS196903
mnt-by: TKTELEKOM-MNT
mnt-by: MNT-RONUS
mnt-routes: MNT-RONUS
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.75 (DB-1)

One more.

[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.

% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '5.24.0.0 - 5.25.255.255'
% Abuse contact for '5.24.0.0 - 5.25.255.255' is 'abuse@turkcell.com.tr'
inetnum: 5.24.0.0 - 5.25.255.255
netname: TR-TURKCELL-INTERNET
descr: TURKCELL INTERNET
country: TR   → (トルコ)
admin-c: TIM96-RIPE
tech-c: TIM96-RIPE
status: ASSIGNED PA
mnt-by: TR-TURKCELL
source: RIPE # Filtered
person: Turkcell IP Manager
address: Turkcell Kartal Plaza
address: Topselvi Mahallesi Dipcik Sokak No:31
address: Kartal ISTANBUL
phone: +90 216 458 10 00
fax-no: +90 216 427 50 60
nic-hdl: TIM96-RIPE
mnt-by: tr-turkcell
source: RIPE # Filtered
% Information related to '5.25.240.0/20 (マスク範囲)AS16135'
route: 5.25.240.0/20 (マスク範囲)
descr: Izmit
origin: AS16135
mnt-by: tr-turkcell
source: RIPE # Filtered
% This query was served by the RIPE Database Query Service version 1.75 (DB-1)

Lots from Venezuela, huh.

[Querying whois.lacnic.net]
[whois.lacnic.net]

% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2014-08-22 02:42:13 (BRT -03:00)

inetnum: 190.200/13
status: allocated
aut-num: N/A
owner: CANTV Servicios, Venezuela
ownerid: VE-CSVE-LACNIC
responsible: Saba Garcia
address: Segunda Avenida de los Palos Grandes, 000, Entre Av. Fr
address: 1060 - Caracas - MI
country: VE   → (ベネズエラ
phone: +58 212 2095680 []
owner-c: LUM
tech-c: LUM
abuse-c: LUM
inetrev: 190.204/14
nserver: DNS1.CANTV.NET
nsstat: 20140821 AA
nslastaa: 20140821
nserver: DNS2.CANTV.NET
nsstat: 20140821 AA
nslastaa: 20140821
nserver: DNS5.CANTV.NET
nsstat: 20140821 AA
nslastaa: 20140821
created: 20070613
changed: 20070613

nic-hdl: LUM
person: Saba García
e-mail: ipadmin@CANTV.NET
address: Segunda Avenida de los Palos Grandes, Entre Av. Fr, 000,
address: 1060 - Caracas - MI
country: VE   → (ベネズエラ
phone: +58 212 2095680 [0]
created: 20020911
changed: 20140212

whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.