Who the hell is this ??

Discussion in 'Computer Support' started by billhook, Jan 25, 2010.

  1. billhook

    billhook Guest

    Malwarebytes periodically pops up with the message that it has blocked
    access to malicious site 222.186.12.40, whois traces it to Chinanet
    Beijing, anyway of finding out who is actually using this IP
    address ?, thanks in advance.
     
    billhook, Jan 25, 2010
    #1
    1. Advertisements

  2. billhook

    Respondant Guest

    Without even checking I'll bet 222.186.12.40 traces back to Chinanet.

    Just turn off the "alerts" (or whatever the hell Malwarebytes calls it these
    days) and go on with your life.

    Don't get me wrong. I think Malwarebytes is good stuff. But It'll serve
    you a LOT better if you don't pay attention to what it's doing if you let it
    run constantly in the background.
     
    Respondant, Jan 25, 2010
    #2
    1. Advertisements

  3. billhook

    softnfurry Guest

    http://www.markosweb.com/network/222.186.12/
     
    softnfurry, Jan 25, 2010
    #3
  4. billhook

    Caffista Guest

    Brilliant deduction . . .
     
    Caffista, Jan 25, 2010
    #4
  5. billhook

    Mike Easter Guest

    The entire /16 netblock, over 16,000 IP addresses, including
    222.186.12.40 is a very large spamhaus ROKSO block, which ROKSO is in
    the spamhaus register of known spam operations, a 'serious' spamgang as
    it were, which ROKSO is listed as/ called by/ 'Canadian Pharmacy' in the
    database.

    Currently there are 128 such rokso operations listed in the spamhaus db,
    which such operations are estimated to be responsible for about 80% of
    spam.

    Most such rokso operations are assigned a 'country' based on spamhaus
    research, and this Canadian Pharmacy named spamhaus rokso block
    'oversight' is assigned to the Ukraine.

    As far as the RIRs regional registrars and apnic are concerned, the ip
    falls under chinanet-js which js stands for Jiangsu - which chinanet-js
    apnic block is even larger, a /13 or over half a million individual IPs
    of which your item is one.
     
    Mike Easter, Jan 25, 2010
    #5
  6. FWIW, I don't need to know. It's from what I consider to be the armpit
    of the net...so it doesn't need to connect to me. :)

    n0i
     
    thund3rstruck, Jan 25, 2010
    #6
  7. billhook

    OldGringo38 Guest

    , In The Beginning God Created The Heavens And Earth, Then I Added My
    Two Cents To The Post:
    China Telcom. Find out at whois.net
     
    OldGringo38, Jan 25, 2010
    #7
  8. billhook

    Whiskers Guest

    You could try getting a job with Chinanet, or the Chinese government. Or
    slightly less reliable, a senior job in any national government or police
    authority. Or perhaps a 'secret service' of some sort.

    The ISP's customer may not be aware that their computer is 'owned' by a
    spammer or other undesirable type.
     
    Whiskers, Jan 25, 2010
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.