MoinQ:

1. aichi-recall.site

/tweet /高須

/spamhaus_lookup

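Update: It is back as far as DNS is concerned, but the certificate is no good. -- ToshinoriMaeno 2020-09-03 21:28:48

According to the domain's rights holder, the site became inaccessible after suffering a cyber attack, but the facts are unknown.

That serverHold, a takedown by the registry, was invoked means that spam sending or phishing was thought to be frequent.

If some kind of attack was carried out, Sakura, which provides the server, should have information about it.

I hope this will be made clear in the future.

It is also conceivable that the domain was put on serverHold because it sent spam.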

1.1. SPF

aichi-recall.site. 3559 IN TXT "v=spf1 a:www3754.sakura.ne.jp mx ~all"

I also consider the possibility that this was a misjudgment by the registry. (The theory that the takedown was done too readily.)

aichi-recall.site is not listed in the DBL

https://twitter.com/atanaga/status/1301530059430223882?s=20

https://twitter.com/atanaga/status/1301533395789295616?s=20

It moved to aichi-recall.jp.

aichi-recall.site.      3600    IN      A       163.43.80.64
aichi-recall.jp.        3600    IN      A       163.43.80.64

64.80.43.163.in-addr.arpa. 3600 IN      PTR     www3754.sakura.ne.jp.

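It is stated that serverHold is the registry side suspending use of the domain.

Why did GMO, which operates both a registrar and a registry, apply serverHold at the registry without suspending the domain at the registrar? -- ToshinoriMaeno 2020-09-03 06:16:55

The domain's rights holder says there was a large-scale attack.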

-- ToshinoriMaeno 2020-09-03 12:20:28


Domain Status: serverHold https://icann.org/epp#serverHold /serverHold

/whois.nic.site The registry's response

https://twitter.com/beyondDNS/status/1301516609480163329?s=20

----

whois.nic.site

Query results for 'aichi-recall.site'

[whois.nic.site]
Domain Name: AICHI-RECALL.SITE
Registry Domain ID: D188020374-CNIC
Registrar WHOIS Server: whois.discount-domain.com
Registrar URL: http://www.onamae.com
Updated Date: 2020-09-02T23:04:00.0Z
Creation Date: 2020-05-31T00:17:31.0Z
Registry Expiry Date: 2021-05-31T23:59:59.0Z
Registrar: GMO
Registrar IANA ID: 49
Domain Status: serverHold https://icann.org/epp#serverHold
Registrant Organization: Whois Privacy Protection Service by onamae.com
Registrant State/Province: Tokyo
Registrant Country: JP
Registrant Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
Admin Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
Tech Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
Name Server: NS1.DNS.NE.JP
Name Server: NS2.DNS.NE.JP
DNSSEC: unsigned
Billing Email: Please query the RDDS service of the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Tech contact of the queried domain name.
Registrar Abuse Contact Email: abuse@gmo.jp
Registrar Abuse Contact Phone: +81.337709199
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of WHOIS database: 2020-09-03T02:23:00.0Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

>>> IMPORTANT INFORMATION ABOUT THE DEPLOYMENT OF RDAP: please visit
https://www.centralnic.com/support/rdap <<<

The Whois and RDAP services are provided by CentralNic, and contain
information pertaining to Internet domain names registered by our
our customers. By using this service you are agreeing (1) not to use any
information presented here for any purpose other than determining
ownership of domain names, (2) not to store or reproduce this data in
any way, (3) not to use any high-volume, automated, electronic processes
to obtain data from this service. Abuse of this service is monitored and
actions in contravention of these terms will result in being permanently
blacklisted. All data is (c) CentralNic Ltd (https://www.centralnic.com)

Access to the Whois and RDAP services is rate limited. For more
information, visit https://registrar-console.centralnic.com/pub/whois_guidance.

Powered by CentralNic.
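The registry-versus-registrar question raised above can be read directly from the status lines of a WHOIS reply. The following is an added example, not part of the original page: it classifies EPP status codes by who set them, using an excerpt of the reply recorded here plus a constructed reply (EXAMPLE.TEST) for contrast; the function names are hypothetical.

```python
import re

# EPP status codes (RFC 5731): "server*" codes are set by the registry,
# "client*" codes by the registrar. The two Hold codes mean the delegation
# is not published in the TLD zone, so the name stops resolving.
STATUS_RE = re.compile(r"^\s*Domain Status:\s*(\S+)", re.IGNORECASE | re.MULTILINE)

def classify(status):
    """Return (who set the status, True if it is a hold status)."""
    s = status.lower()
    setter = ("registry" if s.startswith("server")
              else "registrar" if s.startswith("client")
              else "n/a")            # ok, inactive, pendingDelete, ...
    return setter, s in ("serverhold", "clienthold")

def hold_setters(whois_text):
    """Set of parties ('registry', 'registrar') holding the domain out of DNS."""
    out = set()
    for status in STATUS_RE.findall(whois_text):
        setter, is_hold = classify(status)
        if is_hold:
            out.add(setter)
    return out

# Excerpt of the whois.nic.site reply recorded on this page.
PAGE_REPLY = """\
Domain Name: AICHI-RECALL.SITE
Registrar: GMO
Domain Status: serverHold https://icann.org/epp#serverHold
Name Server: NS1.DNS.NE.JP
"""

# Constructed reply for contrast: a suspension applied by the registrar.
CONSTRUCTED_REPLY = """\
Domain Name: EXAMPLE.TEST
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientHold https://icann.org/epp#clientHold
"""

if __name__ == "__main__":
    for name, text in (("page", PAGE_REPLY), ("constructed", CONSTRUCTED_REPLY)):
        print(name, sorted(hold_setters(text)) or "no hold")
```

A hold status says who suspended the delegation, not why; the reason still has to come from the registry or registrar.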


MoinQ: aichi-recall.site (last edited 2020-09-13 13:03:56 by ToshinoriMaeno)