不正なSIP着信 58
Published: 2013/03/21
最近のSIP攻撃元。
あいかわらずUS、CNを中心に世界中からきてますが、PS(パレスチナ)のバリエーションが増えてますかね。
CountryCode=「A1」はAnonymous Proxy経由であること示しているようですので、プロキシサーバー経由で送信元を隠蔽して攻撃してきているものと思われます。このIPの所在自体はUSです。
IP | name | AS | AS name | Country |
---|---|---|---|---|
211.154.154.238 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | CN |
218.94.113.5 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | CN |
61.151.254.38 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | CN |
178.255.197.10 | magento02.qweb.nl. | 5580 | ATRATO_Atrato_IP_Networks | NL |
192.100.213.48 | NONE | 6503 | Axtel_S.A.B._de_C.V. | MX |
178.124.163.163 | mm-163-163-124-178.static.mgts.by. | 6697 | BELPAK-AS_Republican_Unitary_Telecommunication_Enterprise_Beltelecom | BY |
217.153.76.213 | NONE | 6714 | ATOMNET_GTS_Poland_Sp._z_o.o. | PL |
85.25.131.10 | bravo531.startdedicated.com. | 8972 | PLUSSERVER-AS_intergenia_AG | DE |
85.25.132.26 | bravo448.startdedicated.com. | 8972 | PLUSSERVER-AS_intergenia_AG | DE |
187.8.230.130 | 187-8-230-130.customer.tdatabrasil.net.br. | 10429 | Telefonica_Data_S.A. | BR |
199.255.213.191 | 199-255-213-191.anchorfree.com. | 11346 | CRITICAL-1_Critical_Issue_Inc. | A1 |
64.74.143.1 | 64-74-143-1.compute.santa-clara.internapcloud.net. | 12182 | INTERNAP-2BLK_-_Internap_Network_Services_Corporation | US |
188.161.12.176 | NONE | 12975 | PALTEL-AS_PALTEL_Autonomous_System | PS |
188.161.14.172 | NONE | 12975 | PALTEL-AS_PALTEL_Autonomous_System | PS |
188.161.255.53 | NONE | 12975 | PALTEL-AS_PALTEL_Autonomous_System | PS |
213.244.66.70 | NONE | 12975 | PALTEL-AS_PALTEL_Autonomous_System | PS |
178.255.225.94 | ns1.acc.static.occ.io. | 13287 | NIXVAL_NIXVAL_Data_Center | ES |
189.204.28.69 | customer-mred-69.static.metrored.net.mx. | 13591 | Brasil_Telecom_Comunicação_Multimidia | MX |
187.245.155.94 | customer-GDL-155-94.megared.net.mx. | 13999 | Mega_Cable_S.A._de_C.V. | MX |
31.222.171.100 | 31-222-171-100.static.cloud-ips.co.uk. | 15395 | Rackspace_Ltd. | GB |
37.8.101.13 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
37.8.10.147 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
37.8.109.165 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
37.8.109.93 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
37.8.110.152 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
37.8.11.67 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
37.8.15.50 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
37.8.57.179 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
37.8.6.233 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
37.8.9.210 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS |
46.165.216.79 | NONE | 16265 | LEASEWEB_LeaseWeb_B.V. | DE |
85.17.185.46 | s01.inmeso.eu. | 16265 | LEASEWEB_LeaseWeb_B.V. | NL |
178.33.27.181 | NONE | 16276 | OVH_OVH_Systems | NL |
37.59.44.65 | ks399768.kimsufi.com. | 16276 | OVH_OVH_Systems | FR |
91.121.72.8 | x1.bghost.info. | 16276 | OVH_OVH_Systems | FR |
94.23.32.211 | ns368313.ovh.net. | 16276 | OVH_OVH_Systems | FR |
192.157.196.100 | 100.196-157-192.rdns.scalabledns.com. | 18978 | ENZUINC-US_-_Enzu_Inc | US |
192.157.196.99 | 99.196-157-192.rdns.scalabledns.com. | 18978 | ENZUINC-US_-_Enzu_Inc | US |
50.57.140.219 | 50-57-140-219.static.cloud-ips.com. | 19994 | RACKSPACE_-_Rackspace_Hosting | US |
50.57.87.148 | 50-57-87-148.static.cloud-ips.com. | 19994 | RACKSPACE_-_Rackspace_Hosting | US |
184.22.57.125 | 184-22-57-125.static.hostnoc.net. | 21788 | NOC_-_Network_Operations_Center_Inc. | US |
103.3.161.10 | NONE | 24438 | DTDIGITAL-AP-AS_BrightHost_Pty_Ltd | AU |
88.198.53.55 | static.88-198-53-55.clients.your-server.de. | 24940 | HETZNER-AS_Hetzner_Online_AG | DE |
85.195.77.230 | NONE | 29066 | VELIANET-AS_velia.net_Internetdienste_GmbH | DE |
85.195.77.243 | NONE | 29066 | VELIANET-AS_velia.net_Internetdienste_GmbH | DE |
85.195.77.244 | NONE | 29066 | VELIANET-AS_velia.net_Internetdienste_GmbH | DE |
173.0.2.86 | NONE | 29791 | VOXEL-DOT-NET_-_Voxel_Dot_Net_Inc. | A1 |
199.189.87.26 | eagle505.startdedicated.com. | 30083 | SERVER4YOU_-_Hosting_Solutions_International_Inc. | US |
37.75.208.205 | NONE | 31408 | ORANGE-PALESTINE_Orange_Palestine_Group_Co._for_Technological_Investment_Joint_Stock_Private_Company | PS |
37.75.214.192 | NONE | 31408 | ORANGE-PALESTINE_Orange_Palestine_Group_Co._for_Technological_Investment_Joint_Stock_Private_Company | PS |
5.11.46.62 | NONE | 31408 | ORANGE-PALESTINE_Orange_Palestine_Group_Co._for_Technological_Investment_Joint_Stock_Private_Company | PS |
108.163.158.217 | NONE | 32613 | IWEB-AS_-_iWeb_Technologies_Inc. | CA |
196.45.144.5 | mail1.cats-net.com.cats-net.com. | 32860 | CATS-NET-NETWORK | TZ |
166.78.31.35 | NONE | 33070 | RMH-14_-_Rackspace_Hosting | US |
166.78.48.175 | NONE | 33070 | RMH-14_-_Rackspace_Hosting | US |
216.172.165.122 | ana.anachron.gr. | 36351 | SOFTLAYER_-_SoftLayer_Technologies_Inc. | US |
75.126.153.37 | 75.126.153.37-static.reverse.softlayer.com. | 36351 | SOFTLAYER_-_SoftLayer_Technologies_Inc. | US |
192.210.138.12 | host.colocrossing.com. | 36352 | AS-COLOCROSSING_-_ColoCrossing | US |
223.4.131.153 | NONE | 37963 | CNNIC-ALIBABA-CN-NET-AP_Alibaba_(China)_Technology_Co._Ltd. | CN |
42.96.139.24 | NONE | 37963 | CNNIC-ALIBABA-CN-NET-AP_Alibaba_(China)_Technology_Co._Ltd. | CN |
109.163.234.73 | ip2.www.28.mktilimitado.in. | 39743 | VOXILITY-AS_Voxility_S.R.L. | RO |
111.93.20.244 | Static-244.20.93.111.tataidc.co.in. | 45820 | TTSL-MEISISP_Tata_Teleservices_ISP_AS | IN |
64.31.21.130 | server.mb-e.com. | 46475 | LIMESTONENETWORKS_-_Limestone_Networks_Inc. | US |
69.162.99.202 | rahmahost.3jenan.com. | 46475 | LIMESTONENETWORKS_-_Limestone_Networks_Inc. | US |
142.0.40.67 | NONE | 46664 | VOLUMEDRIVE_-_VolumeDrive | US |
62.113.213.15 | NONE | 47447 | TTM_23Media_GmbH | DE |
91.217.178.194 | NONE | 51699 | ANTARKTIDA-PLUS-AS_Antarktida-Plus_LLC | SC |
200.85.154.3 | ar3.intoservers.net. | 52270 | X-Host_SRL | AR |
176.58.73.38 | NONE | 56995 | NETSTREAM_NetStream_Technology_Joint-Stock_Private_Ltd. | PS |
185.6.16.142 | NONE | 56995 | NETSTREAM_NetStream_Technology_Joint-Stock_Private_Ltd. | PS |
193.107.19.154 | NONE | 58001 | IDEALSOLUTION-AS_Ideal_Solution_Ltd | RU |
193.107.19.208 | NONE | 58001 | IDEALSOLUTION-AS_Ideal_Solution_Ltd | RU |
by jyake