[plug] 150.70.84.43
Niffum
bulkniffum at iinet.net.au
Sun Jan 11 19:01:30 WST 2009
I tried nslookup to resolve the ip address, I didn't know about dig -x..
I thought it may be a dodgy host because i would expect that a non
dodgy host would have created a reverse lookup that i could just nslookup.
Trend is installed on this pc so that would be why. I was about to
add that ip address to my already huge hosts.deny
At 05:52 PM 11/01/2009, you wrote:
>it seems that the IP address is hosted in Japan.
>
>whois tells me
>whois 150.70.84.43
>inetnum: 150.26.0.0 - 150.100.255.255
>netname: JAPAN150
>country: JP
>descr: Japan Network Information Center
> <snip>
>role: Japan Network Information Center
>address: Kokusai-Kougyou-Kanda Bldg 6F, 2-3-4 Uchi-Kanda
>address: Chiyoda-ku, Tokyo 101-0047, Japan
>country: JP
> <snip>
>
>and a reverse DNS tells me that trendmicro are using the specific IP.
>
>dig -x 150.70.84.43
>; <<>> DiG 9.3.4-P1 <<>> -x 150.70.84.43
>;; global options: printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26411
>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
>;; QUESTION SECTION:
>;43.84.70.150.in-addr.arpa. IN PTR
>
>;; AUTHORITY SECTION:
>70.150.in-addr.arpa. 3600 IN SOA
>tmns1.trendmicro.com. dnsadmin.trendmicro.com. 55 60 600 86400 3600
>
>;; Query time: 1058 msec
>;; SERVER: 10.1.1.100#53(10.1.1.100)
>;; WHEN: Sun Jan 11 17:40:17 2009
>;; MSG SIZE rcvd: 108
>
>
>Not knowing your set up: is it possible you have the trendmicro
>antivirus software installed and that this is using a remote service
>to check websites for malicious code or what ever on the website?
>
>My dealings with Trendmicro is that their products are pretty good
>so I don't think that it is a dodgy remote host.
>
>good luck
>
More information about the plug
mailing list