whoisコマンドの使い方
Masato Mori (@morimorihoge) | Twitter さんが纏めておられる上記ページで
whois -h で問い合わせるデータベースを変えられることを初めて知った。
改めてwhoisコマンドでIPアドレス情報やドメイン名情報について調べる方法について備忘録として纏める。
取り敢えずまずは「qiita.com」を調べてみる。
nslookup qiita.com Server: 127.0.0.53 Address: 127.0.0.53#53 Non-authoritative answer: Name: qiita.com Address: 54.65.136.44 Name: qiita.com Address: 52.68.142.26 Name: qiita.com Address: 52.68.248.89 Name: qiita.com Address: 2406:da14:add:901:44bd:ed95:aff7:809a Name: qiita.com Address: 2406:da14:add:902:be3b:fa96:9d64:faac Name: qiita.com Address: 2406:da14:add:900:1ad6:91c5:203a:f462
dig でも良いです。 取り敢えず1個目のIPv4アドレスを調査する。 まずはIANAに確認する。
whois -h whois.iana.org 54.65.136.44 % IANA WHOIS server % for more information on IANA, visit http://www.iana.org % This query returned 1 object refer: whois.arin.net inetnum: 54.0.0.0 - 54.255.255.255 organisation: Administered by ARIN status: LEGACY whois: whois.arin.net changed: 1992-03 source: IANA
54.0.0.0.0/8 は取り敢えず ARIN の管轄だったようです。 次はARINに確認します。
whois -h whois.arin.net 54.65.136.44 # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2019, American Registry for Internet Numbers, Ltd. # NetRange: 54.64.0.0 - 54.71.255.255 CIDR: 54.64.0.0/13 NetName: AMAZON-2011L NetHandle: NET-54-64-0-0-1 Parent: NET54 (NET-54-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Amazon Technologies Inc. (AT-88-Z) RegDate: 2014-06-20 Updated: 2014-06-20 Ref: https://rdap.arin.net/registry/ip/54.64.0.0 OrgName: Amazon Technologies Inc. OrgId: AT-88-Z Address: 410 Terry Ave N. City: Seattle StateProv: WA PostalCode: 98109 Country: US RegDate: 2011-12-08 Updated: 2019-07-25 Comment: All abuse reports MUST include: Comment: * src IP Comment: * dest IP (your IP) Comment: * dest port Comment: * Accurate date/timestamp and timezone of activity Comment: * Intensity/frequency (short log extracts) Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time. Ref: https://rdap.arin.net/registry/entity/AT-88-Z OrgRoutingHandle: IPROU3-ARIN OrgRoutingName: IP Routing OrgRoutingPhone: +1-206-266-4064 OrgRoutingEmail: aws-routing-poc@amazon.com OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN OrgAbuseHandle: AEA8-ARIN OrgAbuseName: Amazon EC2 Abuse OrgAbusePhone: +1-206-266-4064 OrgAbuseEmail: abuse@amazonaws.com OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN OrgNOCHandle: AANO1-ARIN OrgNOCName: Amazon AWS Network Operations OrgNOCPhone: +1-206-266-4064 OrgNOCEmail: amzn-noc-contact@amazon.com OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN OrgTechHandle: ANO24-ARIN OrgTechName: Amazon EC2 Network Operations OrgTechPhone: +1-206-266-4064 OrgTechEmail: amzn-noc-contact@amazon.com OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2019, American Registry for Internet Numbers, Ltd. #
ARINから移管されてないようです。 ARINはRDAPでも値を持ってこれるようです。
https://rdap.arin.net/registry/ip/54.64.0.0
他のIPもすべてAmazonのようです。
次に、
https://ja.softether.org/を確認します。
nslookup ja.softether.org Server: 127.0.0.53 Address: 127.0.0.53#53 Non-authoritative answer: Name: ja.softether.org Address: 130.158.75.57
whois -h whois.iana.org 130.158.75.57 % IANA WHOIS server % for more information on IANA, visit http://www.iana.org % This query returned 1 object refer: whois.arin.net inetnum: 130.0.0.0 - 130.255.255.255 organisation: Administered by ARIN status: LEGACY whois: whois.arin.net changed: 1993-05 source: IANA
whois -h whois.arin.net 130.158.75.57 ✘ 130 # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2019, American Registry for Internet Numbers, Ltd. # NetRange: 130.158.0.0 - 130.158.255.255 CIDR: 130.158.0.0/16 NetName: APNIC-ERX-130-158-0-0 NetHandle: NET-130-158-0-0-1 Parent: NET130 (NET-130-0-0-0-0) NetType: Early Registrations, Transferred to APNIC OriginAS: Organization: Asia Pacific Network Information Centre (APNIC) RegDate: 2003-11-12 Updated: 2018-02-02 Comment: This IP address range is not registered in the ARIN database. This range was transferred to the APNIC Whois Database as part of the ERX (Early Registration Transfer) project. For details, refer to the APNIC Whois Database via WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl ** IMPORTANT NOTE: APNIC is the Regional Internet Registry for the Asia Pacific region. APNIC does not operate networks using this IP address range and is not able to investigate spam or abuse reports relating to these addresses. For more help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming Ref: https://rdap.arin.net/registry/ip/130.158.0.0 ResourceLink: http://wq.apnic.net/whois-search/static/search.html ResourceLink: whois.apnic.net OrgName: Asia Pacific Network Information Centre OrgId: APNIC Address: PO Box 3646 City: South Brisbane StateProv: QLD PostalCode: 4101 Country: AU RegDate: Updated: 2012-01-24 Ref: https://rdap.arin.net/registry/entity/APNIC ReferralServer: whois://whois.apnic.net ResourceLink: http://wq.apnic.net/whois-search/static/search.html OrgTechHandle: AWC12-ARIN OrgTechName: APNIC Whois Contact OrgTechPhone: +61 7 3858 3188 OrgTechEmail: search-apnic-not-arin@apnic.net OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN OrgAbuseHandle: AWC12-ARIN OrgAbuseName: APNIC Whois Contact OrgAbusePhone: +61 7 3858 3188 OrgAbuseEmail: search-apnic-not-arin@apnic.net OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2019, American Registry for Internet Numbers, Ltd. # whois.apnic.net への照会をみつけました % [whois.apnic.net] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html % Information related to '130.158.0.0 - 130.158.255.255' % Abuse contact for '130.158.0.0 - 130.158.255.255' is 'hostmaster@nic.ad.jp' inetnum: 130.158.0.0 - 130.158.255.255 netname: UTINS country: JP descr: University of Tsukuba admin-c: KK17-AP tech-c: KK17-AP status: ALLOCATED PORTABLE notify: katagisi@cc.tsukuba.ac.jp notify: akira@cc.tsukuba.ac.jp mnt-by: MAINT-JPNIC mnt-irt: IRT-JPNIC-JP mnt-lower: MAINT-JPNIC last-modified: 2015-12-01T22:24:25Z source: APNIC irt: IRT-JPNIC-JP address: Urbannet-Kanda Bldg 4F, 3-6-2 Uchi-Kanda address: Chiyoda-ku, Tokyo 101-0047, Japan e-mail: hostmaster@nic.ad.jp abuse-mailbox: hostmaster@nic.ad.jp admin-c: JNIC1-AP tech-c: JNIC1-AP auth: # Filtered mnt-by: MAINT-JPNIC last-modified: 2017-10-18T10:21:54Z source: APNIC person: Kazuki Katagishi address: University of Tsukuba 1-1-1 Tennoudai, Tsukuba305-8577 country: JP phone: +81-298-53-6221 fax-no: +81-298-53-2983 e-mail: katagisi@cc.tsukuba.ac.jp nic-hdl: KK17-AP remarks: ---------- remarks: imported from ARIN object: remarks: remarks: poc-handle: KK631-ARIN remarks: is-role: N remarks: last-name: Katagishi remarks: first-name: Kazuki remarks: street: University of Tsukuba 1-1-1 Tennoudai, Tsukuba305-8577 remarks: country: JP remarks: mailbox: katagisi@cc.tsukuba.ac.jp remarks: fax-phone: +81-298-53-2983 remarks: bus-phone: +81-298-53-6221 remarks: reg-date: 2001-05-29 remarks: changed: hostmaster@arin.poc 20010529 remarks: source: ARIN remarks: remarks: ---------- notify: katagisi@cc.tsukuba.ac.jp mnt-by: MNT-ERX-TSUKUBAUNI-NON-JP last-modified: 2008-09-04T07:29:34Z source: APNIC % This query was served by the APNIC Whois Service version 1.88.15-46 (WHOIS-JP4)
IANAから自動的にAPNICへ転送されたようです。
APNICにwhois databaseの一覧が有ります
