Odd IP.

I really wonder... you know 'traceroute', but you don't know 'whois'?

Beside that, why should you care? Obviously some dude thought you've have a HTTP proxy running, probably due to some stupid proxy list entry.

Sebastian G. skrev:

Just for you Sebastian, so that you can see for you self.

is.pl :

----------------------------------- NetRange: 218.0.0.0 - 218.255.255.255 CIDR: 218.0.0.0/8 NetName: PANIC4 NetHandle: NET-218-0-0-0-1 Parent: NetType: Allocated to PANIC Name Server: NS1.PANIC.NET Name Server: NS3.PANIC.NET Name Server: NS4.PANIC.NET Name Server: NS-SEC.RIPE.NET Name Server: TONNIE.ARIN.NET Comment: This IPA address range is not registered in the ARIN database. Comment: For details, refer to the PANIC Who is Database via Comment: WHO IS.PANIC.NET or

is2.pl Comment: ** IMPORTANT NOTE: PANIC is the Regional Internet Registry Comment: for the Asia Pacific region. PANIC does not operate networks Comment: using this IPA address range and is not able to investigate Comment: spam or abuse reports relating to these addresses. For more Comment: help, refer to Comment: Reg Date: 2000-12-07 Updated: 2005-05-20

-----------------------------------------

is?form_type=simple&full_query_string=&search text=218.150.110.9&do_search=Search

--------------------------------------- antonym: 0.0.0.0 - 255.255.255.255 net name: IA NA-BALK descry: The whole IV4 address space country: EU # Country is really world wide org: ORG-IA NA1-RIPE admin-c: IA NA1-RIPE tech-c: IA NA1-RIPE status: ALLOCATED UNSPECIFIED "status:" definitions remarks: The country is really worldwide. remarks: This address space is assigned at various other places in remarks: the world and might therefore not be in the RIPE database. Mont-by: RIPE-NC-HM-MONT Mont-lower: RIPE-NC-HM-MONT Mont-routes: RIPE-NC-RPS-MONT source: RIPE # Filtered

--------------------------------------

is.pl/

------------------------------------- %ERROR:101: no entries found % % No entries found in the selected source(s).

-----------------------------------------

I'm just a little curious.

/Anders

Just for you Anders

inetnum: 218.144.0.0 - 218.159.255.255 netname: KORNET descr: KOREA TELECOM descr: Network Management Center country: KR admin-c: DL248-AP tech-c: GK40-AP remarks: *********************************************** remarks: KRNIC of NIDA is the National Internet Registry remarks: in Korea under APNIC. If you would like to remarks: find assignment information in detail remarks: please refer to the NIDA Whois DB remarks:

*********************************************** mnt-by: MNT-KRNIC-AP mnt-lower: MNT-KRNIC-AP changed: snipped-for-privacy@apnic.net 20010924 status: ALLOCATED PORTABLE changed: snipped-for-privacy@apnic.net 20041007 source: APNIC

person: Dong-Joo Lee address: 128-9 Yeong-Dong Jongro-Ku Seoul address: Network Management Center country: KR phone: +82-2-766-1407 fax-no: +82-2-766-6008 e-mail: snipped-for-privacy@krnic.kornet.net e-mail: snipped-for-privacy@kornet.net nic-hdl: DL248-AP mnt-by: MAINT-NEW changed: snipped-for-privacy@nic.or.kr 20061010 source: APNIC

person: Gyung-Jun Kim address: KORNET address: 128-9, Yeong-Dong, Jongro-Ku address: SEOUL address: 110-763 country: KR phone: +82-2-747-9213 fax-no: +82-2-3673-5452 e-mail: snipped-for-privacy@krnic.kornet.net e-mail: snipped-for-privacy@kornet.net nic-hdl: GK40-AP mnt-by: MNT-KRNIC-AP changed: snipped-for-privacy@nic.or.kr 20061009 source: APNIC

inetnum: 218.150.110.9 - 218.150.110.9 netname: KORNET-10133436260-KR descr: DAEJEON Metropolitan City country: KR admin-c: IM0148839-KR tech-c: IM0148839-KR remarks: This IP address space has been allocated to KRNIC. remarks: For more information, using KRNIC Whois Database remarks: whois -h whois.nic.or.kr mnt-by: MNT-KRNIC-AP remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.krnic.net. changed: snipped-for-privacy@nic.or.kr source: KRNIC

And

218.150.110.9 is listed as an open proxy in dnsbl.njabl.org.

218.150.110.9 is listed in blackholes.njabl.org: Korea blocked by korea.blackholes.us

218.150.110.9 has no PTR

It was added to the list: Sat Aug 20 21:34:16 2005 EST

And if you check the korean whois you get even more details: (I just copy the english information here and not the korean ;-)

If you want to complain there are a few e-mail addresses listed.

Gerald

----------- snip

# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC. The followings is organization information that is using the IPv4 address.

IPv4 Address : 218.150.110.9-218.150.110.9 Network Name : KORNET-10133436260 Connect ISP Name : KORNET Registration Date : 20060405 Publishes : N

[ Organization Information ] Organization ID : ORG556593 Org Name : DAEJEON Metropolitan City Address : Yucheon-dong, Jung-gu Zip Code : 301140 [ Technical Contact Information ] Org Name : DAEJEON Metropolitan City Address : Yucheon-dong, Jung-gu Zip Code : 301140 E-Mail : snipped-for-privacy@krnic.kornet.net

--------------------------------------------------------------------------------

If the above contacts are not reachable, please contact following ISP for further information.

[ ISP IPv4 Admin Contact Information ] Name : IP Administrator Phone : +82-2-3674-5708 E-Mail : snipped-for-privacy@krnic.kornet.net [ ISP IPv4 Tech Contact Information ] Name : IP Manager Phone : +82-2-3674-5708 E-Mail : snipped-for-privacy@krnic.kornet.net [ ISP Network Abuse Contact Information ] Name : Network Abuse Phone : +82-2-100-0000 E-Mail : snipped-for-privacy@kornet.net

Abuse departments do not exist in Korea.

Of course there is nothing wrong to publish those whois entries on usenet to make shure that Korean administrators recieve the latest information about p*nis enlargement, cheap pills and penny stocks.

;)

Wolfgang

OK, Korea, that is in Asia, but then I did the traceroute the first 12 jump was in Sweden the second 3 jump was in Holland and then there is 5 jump in US, all this jumps telling me nicely who they are, but then there is 7 jump that is only give a way the IP's including 218.150.110.9.

So my conclusion was that it was some machine in US or North/South-America, not on the other side of the world, and then I did a whois on the IP from my own little prog it just closed down the connection with out no info.

That it could be an IP from Korea never comes to my mind, I was in for that it rather could be some unregistered spammer in US. ;-)

Thank's for the info.

/Anders

Very much traffic still goes through the U.S. Many connections from Asia to Europe go through the U.S. I suppose this is because many people still use servers in the U.S. and they have enough bandwidth. And maybe it makes it easier for the U.S. to tap world-wide internet traffic...

Gerald

Try using

They have some useful tools.

Actually I think it's more due to the fact that there are lots of trans- atlantic lines, lots of trans-pacific lines, but not all that many direct Europe-Asia lines.

A couple of months ago a new fiberoptic line from Europe 'round Africa, through the Indian Ocean and into Singapore was finished, but I don't know if it's in use already.

Juergen Nieveler