 |
Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
|
| View previous topic :: View next topic |
| Author |
Message |
olliver
Expert Developer
Joined: 27 Jan 2006
Last Visit: 02 Dec 2010
Posts: 1157
Location: yes
|
 Posted: Wed May 06, 2009 1:43 am Post subject: SOCKS and relay probing from 205.209.161.* |
 |
|
It seems someone whose server is hosted with Managed Solutions Group, Inc. has an urgent desire for assuring his/her/its anonymity. That in itself isn't bad, however trying to abuse other people's resources for one's own end is. He/she/it has been probing for SOCKS proxy quite a while, as my firewall logs indicate. One would think at some time there is no point in testing an address that does not respond to such requests:
| Quote: |
May 3 05:40:22 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 07:08:10 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 09:45:06 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 13:04:56 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 14:15:57 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 16:05:59 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 16:26:19 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 19:03:12 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 20:38:04 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 22:11:48 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 3 22:52:41 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 01:09:24 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 02:54:29 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 04:05:13 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 04:48:59 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 10:10:39 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 10:35:53 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 12:43:08 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 13:18:17 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 14:50:30 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 20:57:20 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 4 22:07:20 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 00:56:19 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 00:56:39 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 02:58:39 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 03:53:32 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 07:02:15 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 09:56:38 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 10:02:56 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 12:49:45 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 13:47:54 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 17:56:33 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 18:47:11 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 19:55:48 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 5 21:33:03 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 6 00:42:26 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 6 03:48:29 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 6 04:32:13 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.222 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0
May 6 06:37:09 web kernel: Hosted: IN=eth0 OUT= MAC=00:30:05:e3:86:bb:00:0f:35:b2:00:fc:08:00 SRC=205.209.161.14 DST=10.10.10.10 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=1080 WINDOW=8192 RES=0x00 SYN URGP=0 |
10.10.10.10 is used as placeholder for an ip-address under my control. Note that I never see any servers within Managed Solutions Group, Inc's network trying to talk to addresses that aren't supposed to accept any requests from servers (but from enduser ranges). Much less I see someone probing for SOCKS at all, so this indicates it is one and the same customer behind it.
Today, I spotted the same customer trying to probe my mailswerver for relaying capacities:
| Quote: |
May 5 17:42:35 mail sm-mta[5358]: n45FgWvn005358: ruleset=check_rcpt, arg1=<sanjinn001@yahoo.com.tw>, relay=[205.209.161.212], reject=550 5.7.1 <sanjinn001@yahoo.com.tw>... Relaying denied. IP name lookup failed [205.209.161.212]
May 5 17:42:37 mail sm-mta[5358]: n45FgWvn005358: lost input channel from [205.209.161.212] to MTA-v4 after rcpt
May 5 17:42:37 mail sm-mta[5358]: n45FgWvn005358: from=<0505i@163.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA-v4, relay=[205.209.161.212]
May 6 05:54:48 mail sm-mta[6330]: n463sj3v006330: ruleset=check_rcpt, arg1=<sanjinn001@yahoo.com.tw>, relay=[205.209.161.212], reject=550 5.7.1 <sanjinn001@yahoo.com.tw>... Relaying denied. IP name lookup failed [205.209.161.212]
May 6 05:54:48 mail sm-mta[6330]: n463sj3v006330: lost input channel from [205.209.161.212] to MTA-v4 after rcpt
May 6 05:54:48 mail sm-mta[6330]: n463sj3v006330: from=<0505i@163.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA-v4, relay=[205.209.161.212] |
Managed Solutions Group, Inc's rwhois server fortunately lists the customer's name in most cases:
205.209.161.212
| Quote: |
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.212/32
network:IP-Network-Block:205.209.161.212
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse curly thing managedsg-inc.com |
Now compare the Chinese symbols with the entries for addresses that were used for proxy testing:
205.209.161.222
| Quote: |
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.222/32
network:IP-Network-Block:205.209.161.222
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse curly sign managedsg-inc.com |
205.209.161.14
| Quote: |
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.14/32
network:IP-Network-Block:205.209.161.14
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse curly shape managedsg-inc.com |
As you can see (unless your OS does not support the display of Chinese symbols), the Chinese symbols for these addresses are identical. Translated they result in the name Chen Jiaxing (note that Chinese names, like Hungarian and Japanese names, start with the surname first [1]). Since it appears that Chen Jiaxing's ip addresses are scattered within 205.209.161.0/24 and I've got no idea whether there are more waiting to be activated/replaced, I decided to firewall 205.209.161.0/24 for now.
O.
edit: I find it quite irritating that there doesn't seem to be a working website for Managed Solutions Group, Inc.
| Quote: |
olliver@bunkiten:~$ host managedsg-inc.com
managedsg-inc.com has address 205.209.190.12
managedsg-inc.com mail is handled by 10 mail.managedsg-inc.com.
olliver@bunkiten:~$ host www.managedsg-inc.com
Host www.managedsg-inc.com not found: 3(NXDOMAIN)
olliver@bunkiten:~$ telnet managedsg-inc.com 80
Trying 205.209.190.12...
telnet: Unable to connect to remote host: Connection timed out |
I wonder how they get customers when nobody seems to be able to place an order?
edit 2: It seems this company is nowadays known as
| Quote: |
AKANOC Solutions, Inc.
Corporate Office
45535 Northport Loop East
Fremont, CA 94538
Telephone: 888.589.5589
Facsimile: 510.580.5589 |
source: http://www.coloalacarte.com/contact.htm
I think they really should update their network info to reflect this change.
---
[1] to be precise, they are written this way whenever some text is written for a native audience. If, however, a text is written in English, the names are often written in the order most western civilisations are familiar with. Similarly, the order may be swapped once a former citizen of one of these nations moves to a country where the name order is different.
_________________
Petcord netlabel :: Synflict post-digital arts :: Leftob audio cast
Each click on any of the links above will save the life of a cute kitty somewhere in the universe.
Last edited by olliver on Wed May 06, 2009 3:38 am; edited 1 time in total |
|
| Back to top |
|
 |
olliver
Expert Developer
Joined: 27 Jan 2006
Last Visit: 02 Dec 2010
Posts: 1157
Location: yes
|
| Posted: Wed May 06, 2009 3:34 am Post subject: |
|
|
Research reveals a lot of Chinese customers in this /24 and almost all ip addresses involved with some kind of service probing.
http://search.live.com/results.aspx?q=205.209.161&go=&form=QBLH&filt=all
(Google is less than useful for this particular query, kudos to Microsoft for getting it right here)
I also found more addresses rented by Mr/Mrs Chen:
205.209.161.30
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.30/32
network:IP-Network-Block:205.209.161.30
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse add managedsg-inc.com
205.209.161.84
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.84/32
network:IP-Network-Block:205.209.161.84
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse subtract managedsg-inc.com
205.209.161.108
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.108/32
network:IP-Network-Block:205.209.161.108
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse multiply managedsg-inc.com
205.209.161.162
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.162/32
network:IP-Network-Block:205.209.161.162
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse divide managedsg-inc.com
205.209.161.181
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.181/32
network:IP-Network-Block:205.209.161.181
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse split managedsg-inc.com
205.209.161.196
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.196/32
network:IP-Network-Block:205.209.161.196
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse severed managedsg-inc.com
205.209.161.236
network:Auth-Area:205.209.128.0/18
network:Class-Name:network
network:Network-Name:NET-MSG
network:IP-Network:205.209.161.236/32
network:IP-Network-Block:205.209.161.236
network:Organization-Name:陳 嘉興
network:Description-Usage:customer
network:Created:20090506
network:Updated:20090506
network:Updated-By:abuse separated managedsg-inc.com
I suppose this /24 will remain firewalled for a while on my mailswerver, as it doesn't seem anything legitimate is hidden here.
O.
_________________
Petcord netlabel :: Synflict post-digital arts :: Leftob audio cast
Each click on any of the links above will save the life of a cute kitty somewhere in the universe. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group
|
