Following organized attacks on our network, we detected Softbank (60.70.231.77) coming into contact with our system during intrusion and penetration exceeding 500 source attempts. [root@gate0 fw_snaps]# netstat -aont Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State Timer tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:10022 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:11111 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:30031 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 10.150.0.2:53 0.0.0.0:* LISTEN keepalive (0.08/0/0) tcp 0 0 10.150.0.2:53 91.217.189.5:6667 SYN_RECV on (14.85/5/0) tcp 0 0 10.150.0.2:53 57.59.200.92:31060 SYN_RECV on (0.00/2/0) tcp 0 0 10.150.0.2:53 57.57.152.208:41447 SYN_RECV on (13.08/5/0) tcp 0 0 10.150.0.2:53 60.47.97.111:29264 SYN_RECV on (30.88/5/0) tcp 0 0 10.150.0.2:53 60.80.231.77:17525 SYN_RECV on (14.88/5/0) tcp 0 0 10.150.0.2:53 144.65.185.55:59129 SYN_RECV on (2.68/5/0) tcp 0 0 10.150.0.2:53 57.210.153.88:20770 SYN_RECV on (7.08/4/0) tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 10.150.0.2:40876 169.254.169.254:80 CLOSE_WAIT off (0.00/0/0) tcp 0 0 10.150.0.2:40880 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:40882 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 64 10.150.0.2:22 160.3.25.238:44551 ESTABLISHED on (0.28/0/0) tcp 0 0 10.150.0.2:40884 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:22 160.3.25.238:1473 ESTABLISHED keepalive (5131.94/0/0) tcp6 0 0 ::1:953 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::443 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::10022 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::80 :::* LISTEN off (0.00/0/0) tcp6 0 0 ::1:53 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::22 :::* LISTEN off (0.00/0/0) [root@gate0 fw_snaps]# whois 60.80.231.77 % [whois.apnic.net] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html % Information related to '60.64.0.0 - 60.159.255.255' % Abuse contact for '60.64.0.0 - 60.159.255.255' is 'abuse@bbtec.net' inetnum: 60.64.0.0 - 60.159.255.255 netname: BBTEC descr: Japan Nation-wide Network of Softbank Corp. country: JP org: ORG-SC4-AP admin-c: SA421-AP tech-c: SA421-AP status: ALLOCATED PORTABLE mnt-by: APNIC-HM mnt-lower: MAINT-JP-BBTECH remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- last-modified: 2017-08-30T07:18:16Z source: APNIC mnt-irt: IRT-SOFTBANK-JP irt: IRT-SOFTBANK-JP address: Tokyo Shiodome bldg., address: 1-9-1, Higashi-Shimbashi address: Minatoku,Tokyo, Japan e-mail: abuse@bbtec.net abuse-mailbox: abuse@bbtec.net admin-c: HS2334-AP tech-c: HS2334-AP auth: # Filtered remarks: abuse@bbtec.net was validated on 2019-12-18 mnt-by: MAINT-JP-BBTECH last-modified: 2019-12-18T03:34:44Z source: APNIC organisation: ORG-SC4-AP org-name: SOFTBANK Corp. country: JP address: Shiodome Sumitomo Bldg. 24F address: 1-9-2, Higashi-Shimbashi phone: +81-3-6889-6365 e-mail: SBBGRP-ispnw@g.softbank.co.jp mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2019-05-13T12:55:44Z source: APNIC role: SoftbankBB ABUSE address: Tokyo Shiodome bldg., 1-9-1, Higashi-Shimbashi, Minatoku,Tokyo country: JP phone: +81-3-6688-5120 e-mail: abuse@bbtec.net remarks: Please send spam report,virus alart remarks: or any other abuse report remarks: to abuse@bbtec.net remarks: Any other Information, Notice, remarks: Please send to hostmaster@bbtec.net admin-c: HS2334-AP tech-c: HS2334-AP nic-hdl: SA421-AP mnt-by: MAINT-JP-BBTECH last-modified: 2018-08-08T06:22:48Z source: APNIC % This query was served by the APNIC Whois Service version 1.88.15-47 (WHOIS-US3) [root@gate0 fw_snaps]# netstat -aont Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State Timer tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:10022 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:11111 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:30031 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 10.150.0.2:53 0.0.0.0:* LISTEN keepalive (0.09/0/0) tcp 0 0 10.150.0.2:53 60.95.246.24:47322 SYN_RECV on (5.49/4/0) tcp 0 0 10.150.0.2:53 144.1.86.54:28274 SYN_RECV on (12.09/4/0) tcp 0 0 10.150.0.2:53 60.193.113.200:52364 SYN_RECV on (3.09/3/0) tcp 0 0 10.150.0.2:53 195.84.196.252:63259 SYN_RECV on (3.09/3/0) tcp 0 0 10.150.0.2:53 60.10.243.11:6901 SYN_RECV on (5.29/3/0) tcp 0 0 10.150.0.2:53 119.22.33.106:32879 SYN_RECV on (28.29/5/0) tcp 0 0 10.150.0.2:53 57.141.217.89:30622 SYN_RECV on (11.89/4/0) tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 10.150.0.2:40912 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:40908 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:40910 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:40906 169.254.169.254:80 CLOSE_WAIT off (0.00/0/0) tcp 0 64 10.150.0.2:22 160.3.25.238:44551 ESTABLISHED on (0.28/0/0) tcp 0 0 10.150.0.2:22 160.3.25.238:1473 ESTABLISHED keepalive (4917.50/0/0) tcp6 0 0 ::1:953 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::443 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::10022 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::80 :::* LISTEN off (0.00/0/0) tcp6 0 0 ::1:53 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::22 :::* LISTEN off (0.00/0/0) [root@gate0 fw_snaps]# whois 60.95.246.24 % [whois.apnic.net] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html % Information related to '60.64.0.0 - 60.159.255.255' % Abuse contact for '60.64.0.0 - 60.159.255.255' is 'abuse@bbtec.net' inetnum: 60.64.0.0 - 60.159.255.255 netname: BBTEC descr: Japan Nation-wide Network of Softbank Corp. country: JP org: ORG-SC4-AP admin-c: SA421-AP tech-c: SA421-AP status: ALLOCATED PORTABLE mnt-by: APNIC-HM mnt-lower: MAINT-JP-BBTECH remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- last-modified: 2017-08-30T07:18:16Z source: APNIC mnt-irt: IRT-SOFTBANK-JP irt: IRT-SOFTBANK-JP address: Tokyo Shiodome bldg., address: 1-9-1, Higashi-Shimbashi address: Minatoku,Tokyo, Japan e-mail: abuse@bbtec.net abuse-mailbox: abuse@bbtec.net admin-c: HS2334-AP tech-c: HS2334-AP auth: # Filtered remarks: abuse@bbtec.net was validated on 2019-12-18 mnt-by: MAINT-JP-BBTECH last-modified: 2019-12-18T03:34:44Z source: APNIC organisation: ORG-SC4-AP org-name: SOFTBANK Corp. country: JP address: Shiodome Sumitomo Bldg. 24F address: 1-9-2, Higashi-Shimbashi phone: +81-3-6889-6365 e-mail: SBBGRP-ispnw@g.softbank.co.jp mnt-ref: APNIC-HM mnt-by: APNIC-HM last-modified: 2019-05-13T12:55:44Z source: APNIC role: SoftbankBB ABUSE address: Tokyo Shiodome bldg., 1-9-1, Higashi-Shimbashi, Minatoku,Tokyo country: JP phone: +81-3-6688-5120 e-mail: abuse@bbtec.net remarks: Please send spam report,virus alart remarks: or any other abuse report remarks: to abuse@bbtec.net remarks: Any other Information, Notice, remarks: Please send to hostmaster@bbtec.net admin-c: HS2334-AP tech-c: HS2334-AP nic-hdl: SA421-AP mnt-by: MAINT-JP-BBTECH last-modified: 2018-08-08T06:22:48Z source: APNIC % This query was served by the APNIC Whois Service version 1.88.15-47 (WHOIS-US4) [root@gate0 fw_snaps]# netstat -aont Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State Timer tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:10022 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:11111 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:30031 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 10.150.0.2:53 0.0.0.0:* LISTEN keepalive (0.09/0/0) tcp 0 0 10.150.0.2:53 60.95.246.24:47322 SYN_RECV on (5.49/4/0) tcp 0 0 10.150.0.2:53 144.1.86.54:28274 SYN_RECV on (12.09/4/0) tcp 0 0 10.150.0.2:53 60.193.113.200:52364 SYN_RECV on (3.09/3/0) tcp 0 0 10.150.0.2:53 195.84.196.252:63259 SYN_RECV on (3.09/3/0) tcp 0 0 10.150.0.2:53 60.10.243.11:6901 SYN_RECV on (5.29/3/0) tcp 0 0 10.150.0.2:53 119.22.33.106:32879 SYN_RECV on (28.29/5/0) tcp 0 0 10.150.0.2:53 57.141.217.89:30622 SYN_RECV on (11.89/4/0) tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 10.150.0.2:40912 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:40908 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:40910 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:40906 169.254.169.254:80 CLOSE_WAIT off (0.00/0/0) tcp 0 64 10.150.0.2:22 160.3.25.238:44551 ESTABLISHED on (0.28/0/0) tcp 0 0 10.150.0.2:22 160.3.25.238:1473 ESTABLISHED keepalive (4917.50/0/0) tcp6 0 0 ::1:953 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::443 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::10022 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::80 :::* LISTEN off (0.00/0/0) tcp6 0 0 ::1:53 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::22 :::* LISTEN off (0.00/0/0) [root@gate0 fw_snaps]# whois 119.22.33.106 % [whois.apnic.net] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html % Information related to '119.22.0.0 - 119.22.255.255' % Abuse contact for '119.22.0.0 - 119.22.255.255' is 'ipas@cnnic.cn' inetnum: 119.22.0.0 - 119.22.255.255 netname: Etelnet descr: Beijing Etelphone Technology CO.,LTD descr: Three Floor Building West District Eternalink Building 28 descr: Beisanhuandong Road,Chaoyang District,Beijing country: CN admin-c: HY1201-AP tech-c: HY1201-AP mnt-by: MAINT-CNNIC-AP mnt-lower: MAINT-CNNIC-AP mnt-irt: IRT-CNNIC-CN status: ALLOCATED PORTABLE last-modified: 2014-12-30T03:40:02Z source: APNIC irt: IRT-CNNIC-CN address: Beijing, China e-mail: ipas@cnnic.cn abuse-mailbox: ipas@cnnic.cn admin-c: IP50-AP tech-c: IP50-AP auth: # Filtered remarks: Please note that CNNIC is not an ISP and is not remarks: empowered to investigate complaints of network abuse. remarks: Please contact the tech-c or admin-c of the network. mnt-by: MAINT-CNNIC-AP last-modified: 2017-11-01T08:57:39Z source: APNIC person: Hui Yu nic-hdl: HY1201-AP e-mail: uapnic@163.com address: 3th Floor West District Eternalink Building Chaoyang,Beijing phone: +86-010-64405737 fax-no: +86-010-64405763 country: CN mnt-by: MAINT-CNNIC-AP last-modified: 2008-09-04T07:50:10Z source: APNIC % This query was served by the APNIC Whois Service version 1.88.15-47 (WHOIS-US3) [root@gate0 fw_snaps]# netstat -aont Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State Timer tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:10022 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:11111 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 0.0.0.0:30031 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 10.150.0.2:53 0.0.0.0:* LISTEN keepalive (0.17/0/0) tcp 0 0 10.150.0.2:53 153.171.98.189:26513 SYN_RECV on (1.17/5/0) tcp 0 0 10.150.0.2:53 119.51.185.100:7667 SYN_RECV on (0.17/5/0) tcp 0 0 10.150.0.2:53 57.187.147.19:18086 SYN_RECV on (13.57/5/0) tcp 0 0 10.150.0.2:53 144.111.45.129:17113 SYN_RECV on (7.37/4/0) tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN off (0.00/0/0) tcp 0 0 10.150.0.2:40934 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:40946 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 64 10.150.0.2:22 160.3.25.238:44551 ESTABLISHED on (0.28/0/0) tcp 0 0 10.150.0.2:40936 169.254.169.254:80 CLOSE_WAIT off (0.00/0/0) tcp 0 0 10.150.0.2:40942 169.254.169.254:80 ESTABLISHED off (0.00/0/0) tcp 0 0 10.150.0.2:22 160.3.25.238:1473 ESTABLISHED keepalive (4700.17/0/0) tcp6 0 0 ::1:953 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::443 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::10022 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::80 :::* LISTEN off (0.00/0/0) tcp6 0 0 ::1:53 :::* LISTEN off (0.00/0/0) tcp6 0 0 :::22 :::* LISTEN off (0.00/0/0) [root@gate0 fw_snaps]# whois 144.111.45.129 # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2020, American Registry for Internet Numbers, Ltd. # NetRange: 144.111.0.0 - 144.111.255.255 CIDR: 144.111.0.0/16 NetName: ADESK-EUROPE NetHandle: NET-144-111-0-0-1 Parent: NET144 (NET-144-0-0-0-0) NetType: Direct Assignment OriginAS: Organization: Autodesk , Inc. (AUTODE-1) RegDate: 1990-12-03 Updated: 2010-10-06 Comment: 10. Additional Information: Ref: https://rdap.arin.net/registry/ip/144.111.0.0 OrgName: Autodesk , Inc. OrgId: AUTODE-1 Address: 111 McInnis Parkway City: San Rafael StateProv: CA PostalCode: 94903 Country: US RegDate: 1990-12-03 Updated: 2011-09-24 Ref: https://rdap.arin.net/registry/entity/AUTODE-1 OrgTechHandle: HO30-ORG-ARIN OrgTechName: Autodesk Hostmaster OrgTechPhone: +1-415-507-5000 OrgTechEmail: hostmaster@autodesk.com OrgTechRef: https://rdap.arin.net/registry/entity/HO30-ORG-ARIN OrgAbuseHandle: HO30-ORG-ARIN OrgAbuseName: Autodesk Hostmaster OrgAbusePhone: +1-415-507-5000 OrgAbuseEmail: hostmaster@autodesk.com OrgAbuseRef: https://rdap.arin.net/registry/entity/HO30-ORG-ARIN RTechHandle: HO30-ORG-ARIN RTechName: Autodesk Hostmaster RTechPhone: +1-415-507-5000 RTechEmail: hostmaster@autodesk.com RTechRef: https://rdap.arin.net/registry/entity/HO30-ORG-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2020, American Registry for Internet Numbers, Ltd. # [root@gate0 fw_snaps]# whois 57.187.147.19 # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2020, American Registry for Internet Numbers, Ltd. # NetRange: 57.0.0.0 - 57.255.255.255 CIDR: 57.0.0.0/8 NetName: RIPE-ERX-57 NetHandle: NET-57-0-0-0-1 Parent: () NetType: Early Registrations, Maintained by RIPE NCC OriginAS: Organization: RIPE Network Coordination Centre (RIPE) RegDate: 1993-06-20 Updated: 2014-10-14 Comment: These addresses have been further assigned to users in the RIPE NCC region. Contact information can be found in the RIPE database at http://www.ripe.net/whois Ref: https://rdap.arin.net/registry/ip/57.0.0.0 ResourceLink: https://apps.db.ripe.net/search/query.html ResourceLink: whois.ripe.net OrgName: RIPE Network Coordination Centre OrgId: RIPE Address: P.O. Box 10096 City: Amsterdam StateProv: PostalCode: 1001EB Country: NL RegDate: Updated: 2013-07-29 Ref: https://rdap.arin.net/registry/entity/RIPE ReferralServer: whois://whois.ripe.net ResourceLink: https://apps.db.ripe.net/search/query.html OrgTechHandle: RNO29-ARIN OrgTechName: RIPE NCC Operations OrgTechPhone: +31 20 535 4444 OrgTechEmail: hostmaster@ripe.net OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN OrgAbuseHandle: ABUSE3850-ARIN OrgAbuseName: Abuse Contact OrgAbusePhone: +31205354444 OrgAbuseEmail: abuse@ripe.net OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2020, American Registry for Internet Numbers, Ltd. # Found a referral to whois.ripe.net. % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '57.101.0.0 - 57.193.255.255' % Abuse contact for '57.101.0.0 - 57.193.255.255' is 'abuse@sita.aero' inetnum: 57.101.0.0 - 57.193.255.255 netname: SITA-NET country: BE org: ORG-SIDT4-RIPE admin-c: SITA tech-c: SITA status: LEGACY mnt-by: SITA-MNT mnt-by: RIPE-NCC-LEGACY-MNT created: 2020-02-04T16:42:36Z last-modified: 2020-02-04T16:42:36Z source: RIPE organisation: ORG-SIDT4-RIPE org-name: Societe Internationale de Telecommunications Aeronautiques org-type: LIR address: Chemin de Joinville 26 address: 1216 address: Geneva address: SWITZERLAND phone: +41227476000 abuse-c: SITA mnt-ref: RIPE-NCC-HM-MNT mnt-ref: SITA-MNT mnt-by: RIPE-NCC-HM-MNT mnt-by: SITA-MNT created: 2015-06-10T15:19:37Z last-modified: 2016-08-24T10:21:24Z source: RIPE # Filtered role: SITA NOC address: SITA nic-hdl: SITA mnt-by: SITA-MNT created: 2015-06-23T14:44:44Z last-modified: 2015-06-24T07:59:01Z source: RIPE # Filtered abuse-mailbox: abuse@sita.aero org: ORG-SIDT4-RIPE % This query was served by the RIPE Database Query Service version 1.96 (HEREFORD) [root@gate0 fw_snaps]# whois 153.171.98.189 [ JPNIC database provides information regarding IP address and ASN. Its use ] [ is restricted to network administration purposes. For further information, ] [ use 'whois -h whois.nic.ad.jp help'. To only display English output, ] [ add '/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'. ] Network Information: a. [Network Number] 153.171.0.0/17 b. [Network Name] OCN g. [Organization] Open Computer Network m. [Administrative Contact] JP00009614 n. [Technical Contact] JP00009427 p. [Nameserver] ns-kg003.ocn.ad.jp p. [Nameserver] ns-kn003.ocn.ad.jp [Assigned Date] 2013/04/02 [Return Date] [Last Update] 2013/04/02 13:29:03(JST) Less Specific Info. ---------- NTT COMMUNICATIONS CORPORATION [Allocation] 153.128.0.0-153.253.255.255 More Specific Info. ----------