[RIPE Atlas Ambassadors] Notification for unauthorized access from 176.219.104.1
- Previous message (by thread): [RIPE Atlas Ambassadors] Netconf in India/Bangalore on 27 March
- Next message (by thread): [RIPE Atlas Ambassadors] Notification for unauthorized access from 176.219.104.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alex Burke
alex at alexburke.ca
Thu Feb 6 09:17:45 CET 2020
Hello, You should reach out to the abuse contact for that netblock; according to WHOIS, that's abuse at vodafone.net.tr. I'm also copying RIPE Atlas Support in this reply in case they feel this deserves further investigation. Cheers, Alex > % This is the RIPE Database query service. > % The objects are in RPSL format. > % > % The RIPE Database is subject to Terms and Conditions. > % See http://www.ripe.net/db/support/db-terms-conditions.pdf > > % Note: this output has been filtered. > % To receive output for a database update, use the "-B" flag. > > % Information related to '176.219.32.0 - 176.219.255.255' > > % Abuse contact for '176.219.32.0 - 176.219.255.255' is 'abuse-tr at vodafone.com' > > inetnum: 176.219.32.0 - 176.219.255.255 > netname: VODAFONE-TURKEY-CUSTOMER-IP-POOLS > descr: Vodafone Turkey 3G IP Pool > country: TR > admin-c: VT1712-RIPE > admin-c: BTB10-RIPE > tech-c: VT1712-RIPE > tech-c: BTB10-RIPE > status: ASSIGNED PA > mnt-by: RTNET-MNT > mnt-by: MNT-BORUSAN > mnt-lower: RTNET-MNT > mnt-routes: RTNET-MNT > mnt-routes: MNT-BORUSAN > created: 2012-09-12T13:39:57Z > last-modified: 2018-11-21T07:41:17Z > source: RIPE > > role: Borusan Telekom Backbone Group > address: Buyukdere Caddesi No:112 > address: 34394 Esentepe > address: Istanbul - TURKEY > phone: +90 212 355 5151 > fax-no: +90 212 355 5165 > admin-c: YP419-RIPE > admin-c: SE4047-RIPE > tech-c: YP419-RIPE > tech-c: SE4047-RIPE > nic-hdl: BTB10-RIPE > abuse-mailbox: abuse at vodafone.net.tr > mnt-by: MNT-BORUSAN > created: 2006-03-08T11:54:46Z > last-modified: 2020-01-30T14:50:36Z > source: RIPE # Filtered > > person: VODAFONE TURKEY > address: Vodafone Telekomunikasyon A.S. > address: Vodafone Plaza Buyukdere Cad. No:251 > address: 34398 Maslak, Istanbul > address: TURKEY > phone: +90 212 3670000 > fax-no: +90 212 3670010 > nic-hdl: VT1712-RIPE > remarks: Vodafone Turkey IP Management Team > created: 2010-04-19T13:03:31Z > last-modified: 2017-10-31T10:42:09Z > source: RIPE # Filtered > mnt-by: RTNET-MNT > mnt-by: MNT-BORUSAN > > % Information related to '176.219.104.0/21AS8386' > > route: 176.219.104.0/21 > descr: Vodafone Net DSL Block - ISTANBUL TUZLA FTTH > origin: AS8386 > mnt-by: MNT-BORUSAN > created: 2018-04-10T06:03:32Z > last-modified: 2019-01-10T08:00:20Z > source: RIPE # Filtered > > % This query was served by the RIPE Database Query Service version 1.96 (BLAARKOP) > El 6 febr 2020, a les 7:41, "saito-miori-ck at ynu.jp" <saito-miori-ck at ynu.jp> va escriure: > > Hello, > > We are researchers from Japan working on cyber security > at Yokohama National University. > > Our current research project aims to inform parties > who may be relevant to unauthorized accesses that our > monitoring system (honeypot) have observed. > > > --- Observed Unauthorized Access --- > Date and time: 2020-01-01 22:12:43.657569 UTC > Observed IP address: 176.219.104.1 > Observed activity: Telnet login attempt > > > --- How we obtained your contact point --- > 1) We first obtained domain topology4.dyndns.atlas.ripe.net. resolved from the > observed IP address 176.219.104.1 by using passive DNS Database, > DNSDB (https://www.dnsdb.info/). > 2) We then searched the domain ripe.net in the Email address > database (https://hunter.io/search) and obtained this Email address. > > > For evaluating the validity of this contact point, > it would be great if you could help our study by > answering the questions on our web page or by sending Email to us. > > - On Web page > Please access to our web page > (https://ipsr.ynu.ac.jp/notification/BuzDNF/index.html) > and answer questions. > > - By Email > Please send your answers to the following questions to > ynugr-notify at ynu.ac.jp > with your Notification ID: BuzDNF > > > [Questions] > > Notification ID: BuzDNF > > Q1. Do you think you are relevant parties of the IP addresses > that we have observed unauthorized access from? > > a) Relevant > b) NOT relevant > c) Don't know > > Q2. Do you want to receive notification from us if we observe > more unauthorized access from this IP address in the future? > > a) Yes > b) No > > > --- More Detail Information --- > If you need further information or if you have any other questions, > please contact us ynugr-notify at ynu.ac.jp. > > Best regards, > > Security Notification Research Team, Yoshioka Lab > Research Center for Information and Physical Security > Yokohama National University, Japan > Email: ynugr-notify at ynu.ac.jp > URL: https://ipsr.ynu.ac.jp/notification/BuzDNF/index.html > _______________________________________________ > RIPE-Atlas-Ambassadors mailing list > RIPE-Atlas-Ambassadors at ripe.net > https://lists.ripe.net/mailman/listinfo/ripe-atlas-ambassadors -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/ripe-atlas-ambassadors/attachments/20200206/82b712db/attachment.html>
- Previous message (by thread): [RIPE Atlas Ambassadors] Netconf in India/Bangalore on 27 March
- Next message (by thread): [RIPE Atlas Ambassadors] Notification for unauthorized access from 176.219.104.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]