December 15th in WordPress by charlie.

Is APNIC.NET a Comment Spammer Haven?

Hi Apnic.net! I think you’re the home of millions of spammers, and I’m blacklisting your networks.

I write a lot about comment spam. Like email spam, comment spam consists of poorly written, weak attempts to gain clicks and visits to pathetic websites.

The sites I manage attract a lot of comment spam. I catalog the spam by keywords, email address, domain name, IP address and sometimes other characteristics so I can learn about it and combat it.

So what I’ve discovered by cataloging all this garbage is one key fact: Apnic.net sources IP addresses to a lot of spammer havens.

I’m inclined to think that Apnic.net is a bad organization that needs to be held accountable for the abuse perpetrated by people on their networks. But maybe I’m just reacting too strongly to the problems caused by these spammers. Maybe it’s the businesses who use the services of Apnic.net who are responsible and need to be held accountable.

Check it out.

All the comment spam I get comes from just a few IP address ranges, and they all originate from Apnic.net. Here’s a list of recent spammer IP addresses, the WHOIS results of those IPs, and the Class A ranges for each.

Spammer IP: 61.93.76.178
http://www.networksolutions.com/whois/results.jsp?ip=61.93.76.178
61.0.0.0 – 61.255.255.255

Spammer IP: 116.71.58.215
http://www.networksolutions.com/whois/results.jsp?ip=116.71.58.215
116.0.0.0 – 116.255.255.255

Spammer IP: 218.6.24.185
http://www.networksolutions.com/whois/results.jsp?ip=218.6.24.185
218.0.0.0 – 218.255.255.255

Spammer IP: 59.58.139.68
http://www.networksolutions.com/whois/results.jsp?ip=59.58.139.68
59.0.0.0 – 59.255.255.255

Spammer IP: 125.78.243.68
http://www.networksolutions.com/whois/results.jsp?ip=125.78.243.68
125.0.0.0 – 125.255.255.255

Spammer IP: 221.6.130.90
http://www.networksolutions.com/whois/results.jsp?ip=221.6.130.90
221.0.0.0 – 221.255.255.255

Spammer IP: 58.22.68.250
http://www.networksolutions.com/whois/results.jsp?ip=58.22.68.250
58.0.0.0 – 58.255.255.255

Spammer IP: 120.40.148.233
http://www.networksolutions.com/whois/results.jsp?ip=120.40.148.233
120.0.0.0 – 120.255.255.255

Spammer IP: 110.82.131.30
http://www.networksolutions.com/whois/results.jsp?ip=110.82.131.30
110.0.0.0 – 110.255.255.255

You can see from the WHOIS results that Apnic.net is at the heart of this problem.

But rather than just yell and scream about this problem, I dug a little deeper on Apnic.net and found their WHOIS page, http://wq.apnic.net/apnic-bin/whois.pl. I ran the IP addresses of the spammers and got more specific results.

Now, I know that this is an unreasonably long list, but it’s provided me with the specific IP address ranges to blacklist, rather than all the Class A ranges provisioned by Apnic.net. Some of the legitimate traffic to the sites I manage comes from Apnic.net’s IPs and I don’t want to exclude good traffic.

Am I going to contact these people directly? That’s an intriguing and almost humorous thought. I just might.

You can blacklist the IP ranges from each ‘inetnum’ below.

Spammer IP: 61.93.76.178

inetnum:      61.93.0.0 – 61.93.255.255
netname:      CTIHK
descr:        City Telecom (H.K.) Ltd
descr:        Internet Service Provider in Hong Kong
country:      HK
admin-c:      CH134-AP
tech-c:       SL113-AP
mnt-by:       APNIC-HM
mnt-lower:    MAINT-HK-CTI
changed:      hostmaster@apnic.net 20020517
status:       ALLOCATED PORTABLE
source:       APNIC

person:       CTINETS HOSTMASTER
address:      15/F, Trans Asia Centre,
address:      18 Kin Hong Street,
address:      Kwai Chung, N.T.,
address:      Hong Kong
country:      HK
phone:        +852-3145-5111
fax-no:       +852-3145-5267
e-mail:       hostmaster@ctihk.com
nic-hdl:      CH134-AP
mnt-by:       MAINT-HK-CTI
changed:      hostmaster@ctihk.com 20000831
source:       APNIC

person:       Sam Leung
nic-hdl:      SL113-AP
e-mail:       fionat@ctihk.com
address:      15/F, Trans Asia Centre, 18 Kin Hong Street, Kwai Chung, Hong Kong
address:
address:      +         Send spam and abuse reports to
address:      +
address:      +              <fionat@ctihk.com>
address:      +
phone:        +852-3145-5190
fax-no:       +852-2199-8010
country:      HK
changed:      hostmaster@ctihk.com 20040707
mnt-by:       MAINT-HK-CTI
source:       APNIC

Spammer IP: 116.71.58.215

inetnum:      116.71.0.0 – 116.71.255.255
netname:      PTCL
descr:        Pakistan Telecommunication Company Limited
descr:        IP, Broadband and IPTV Services,
descr:        Islamabad
country:      PK
admin-c:      IAB1-PK
tech-c:       IAB1-PK
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks:      This object can only be updated by APNIC hostmasters.
remarks:      To update this object, please contact APNIC
remarks:      hostmasters and include your organisation’s account
remarks:      name in the subject line.
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed:      hm-changed@apnic.net 20070511
mnt-by:       APNIC-HM
mnt-lower:    MAINT-PK-PTCLBB
mnt-routes:   MAINT-PK-PTCLBB
status:       ALLOCATED PORTABLE
changed:      hm-changed@apnic.net 20070712
changed:      hm-changed@apnic.net 20080814
changed:      hm-changed@apnic.net 20090106
source:       APNIC

route:        116.71.58.0/24
descr:        PTCL Triple Play Project
origin:          AS17557
mnt-by:       MAINT-PK-PTCLBB
changed:      hm-changed@apnic.net 20070815
source:       APNIC

person:       IMTIAZ AHMED BAIBERS
address:      General Manager, Multimedia & Broadband
address:      Pakistan Telecommunication Company Limited.
address:      G-8/4 PTCL H/Q, 4th Floor
address:      Islamabad, Pakistan
country:      PK
phone:        +92-51-2283571
phone:        +92-334-5167609
fax-no:       +92-51-2283570
e-mail:       ahmed.imtiaz@ptcl.net.pk
nic-hdl:      IAB1-PK
mnt-by:       MAINT-PK-PTCLBB
changed:      ahmed.imtiaz@ptcl.net.pk 20080924
changed:      hm-changed@apnic.net 20090106
source:       APNIC

Spammer IP: 218.6.24.185

inetnum:      218.6.0.0 – 218.6.127.255
netname:      CHINANET-FJ
descr:        CHINANET fujian  province network
descr:        China Telecom
descr:        A12,Xin-Jie-Kou-Wai Street
descr:        Beijing 100088
country:      CN
admin-c:      CH93-AP
tech-c:       CA67-AP
mnt-by:       MAINT-CHINANET
mnt-lower:    MAINT-CHINANET-FJ
changed:      hostmaster@cn.net 20010413
status:       ALLOCATED NON-PORTABLE
source:       APNIC

role:         CHINANETFJ IP ADMIN
address:      7,East Street,Fuzhou,Fujian,PRC
country:      CN
phone:        +86-591-3333169-293
fax-no:       +86-591-3371954
e-mail:       fjnic@fjdcb.fz.fj.cn
trouble:      send spam reports  and abuse reports
trouble:      to abuse@fjdcb.fz.fj.cn
trouble:      Please include detailed information and
trouble:      times in UTC
admin-c:      FH71-AP
tech-c:       FH71-AP
nic-hdl:      CA67-AP
mnt-by:       MAINT-CHINANET-FJ
changed:      fjnic@fjdcb.fz.fj.cn 20020719
source:       APNIC

person:       Chinanet Hostmaster
nic-hdl:      CH93-AP
e-mail:       anti-spam@ns.chinanet.cn.net
address:      No.31 ,jingrong street,beijing
address:      100032
phone:        +86-10-58501724
fax-no:       +86-10-58501724
country:      CN
changed:      dingsy@cndata.com 20070416
mnt-by:       MAINT-CHINANET
source:       APNIC

Spammer IP: 59.58.139.68

inetnum:      59.56.0.0 – 59.61.255.255
netname:      CHINANET-FJ
descr:        CHINANET fujian province network
descr:        China Telecom
descr:        No1,jin-rong Street
descr:        Beijing 100032
country:      CN
admin-c:      CH93-AP
tech-c:       CA67-AP
mnt-by:       APNIC-HM
mnt-lower:    MAINT-CHINANET-FJ
mnt-routes:   MAINT-CHINANET-FJ
status:       ALLOCATED PORTABLE
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks:      This object can only be updated by APNIC hostmasters.
remarks:      To update this object, please contact APNIC
remarks:      hostmasters and include your organisation’s account
remarks:      name in the subject line.
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed:      hm-changed@apnic.net 20041118
source:       APNIC

role:         CHINANETFJ IP ADMIN
address:      7,East Street,Fuzhou,Fujian,PRC
country:      CN
phone:        +86-591-3333169-293
fax-no:       +86-591-3371954
e-mail:       fjnic@fjdcb.fz.fj.cn
trouble:      send spam reports  and abuse reports
trouble:      to abuse@fjdcb.fz.fj.cn
trouble:      Please include detailed information and
trouble:      times in UTC
admin-c:      FH71-AP
tech-c:       FH71-AP
nic-hdl:      CA67-AP
mnt-by:       MAINT-CHINANET-FJ
changed:      fjnic@fjdcb.fz.fj.cn 20020719
source:       APNIC

person:       Chinanet Hostmaster
nic-hdl:      CH93-AP
e-mail:       anti-spam@ns.chinanet.cn.net
address:      No.31 ,jingrong street,beijing
address:      100032
phone:        +86-10-58501724
fax-no:       +86-10-58501724
country:      CN
changed:      dingsy@cndata.com 20070416
mnt-by:       MAINT-CHINANET
source:       APNIC

Spammer IP: 125.78.243.68

inetnum:      125.78.0.0 – 125.78.255.255
netname:      CHINANET-FJ
descr:        CHINANET Fujian province network
descr:        China Telecom
descr:        7,East Street ,Fuzhou ,Fujian ,PRC
country:      CN
admin-c:      FH71-AP
tech-c:       FH71-AP
remarks:      service provider
mnt-by:       APNIC-HM
mnt-lower:    MAINT-CHINANET-FJ
status:       ALLOCATED PORTABLE
changed:      hm-changed@apnic.net 20060123
source:       APNIC

person:       FUJIANNET HOSTMASTER
nic-hdl:      FH71-AP
e-mail:       fjnic@fjdcb.fz.fj.cn
address:      7,East Street ,Fuzhou ,Fujian ,PRC
phone:        +86-591-3333169-302
fax-no:       +86-591-3371954
country:      CN
changed:      fjnic@fjdcb.fz.fj.cn 20041116
mnt-by:       MAINT-CHINANET-FJ
remarks:      send spam reports  and abuse reports
remarks:      to abuse@fjdcb.fz.fj.cn
remarks:      Please include detailed information and
remarks:      times in UTC
source:       APNIC

Spammer IP: 221.6.130.90

inetnum:      221.6.130.88 – 221.6.130.95
netname:      JIJIANLIN
country:      CN
descr:        JIJIANLIN,CHANGZHOU,JIANGSU province
admin-c:      LL58-AP
tech-c:       LL58-AP
status:       ASSIGNED NON-PORTABLE
changed:      maoyujie1983@163.com 20090405
mnt-by:       MAINT-CNCGROUP-JS
source:       APNIC

route:        221.6.0.0/16
descr:        CNC Group CHINA169 Jiangsu Province Network
country:      CN
origin:       AS9929
mnt-by:       MAINT-CNCGROUP-RR
changed:      abuse@cnc-noc.net 20060316
source:       APNIC

route:        221.6.0.0/16
descr:        CNC Group CHINA169 Jiangsu Province Network
country:      CN
origin:       AS4837
mnt-by:       MAINT-CNCGROUP-RR
changed:      abuse@cnc-noc.net 20060316
source:       APNIC

person:       Lan Li
nic-hdl:      LL58-AP
e-mail:       ll@jsnetcom.com
address:      No. 65 Beijing West Road,Nanjing,China
phone:        +86257900060
fax-no:       +86252900280
country:      CN
changed:      ll@jsnetcom.com 20031117
mnt-by:       MAINT-NEW
source:       APNIC

Spammer IP: 58.22.68.250

inetnum:      58.22.68.248 – 58.22.68.255
netname:      SiLiMaoYi
country:      CN
descr:        SiLiMaoYi
admin-c:      PT239-AP
tech-c:       PT239-AP
status:       ASSIGNED NON-PORTABLE
changed:      wengqingwu@cnc.cn 20090921
mnt-by:       MAINT-CN-PT28
source:       APNIC

route:        58.22.0.0/15
descr:        CNCGroup CHINA169 FuJian province network
country:      CN
origin:       AS4837
mnt-by:       MAINT-CNCGROUP-RR
changed:      abuse@cnc-noc.net 20060330
source:       APNIC

route:        58.22.0.0/15
descr:        CNCGroup FuJian province network
country:      CN
origin:       AS9929
mnt-by:       MAINT-CNCGROUP-RR
changed:      abuse@cnc-noc.net 20050504
changed:      hm-changed@apnic.net 20050504
changed:      hm-changed@apnic.net 20050504
source:       APNIC

person:       PU TIAN
nic-hdl:      PT239-AP
e-mail:       wengqingwu@chinaunicom.cn
address:      Putian city, Fujian province, China
phone:        +86-594-6284431
fax-no:       +86-594-6284433
country:      cn
changed:      chenmin_deletethispart_@chinaunicom.cn 20091106
mnt-by:       MAINT-CNCGROUP-FJ
source:       APNIC

Spammer IP: 120.40.148.233

inetnum:      120.40.0.0 – 120.43.255.255
netname:      CHINANET-FJ
descr:        CHINANET FUJIAN PROVINCE NETWORK
descr:        China Telecom
descr:        No.31,jingrong street
descr:        Beijing 100032
country:      CN
admin-c:      CH93-AP
tech-c:       CA67-AP
remarks:      service provider
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks:      This object can only be updated by APNIC hostmasters.
remarks:      To update this object, please contact APNIC
remarks:      hostmasters and include your organisation’s account
remarks:      name in the subject line.
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed:      hm-changed@apnic.net 20080319
status:       ALLOCATED PORTABLE
mnt-by:       APNIC-HM
mnt-lower:    MAINT-CHINANET-FJ
mnt-routes:   MAINT-CHINANET-FJ
source:       APNIC

role:         CHINANETFJ IP ADMIN
address:      7,East Street,Fuzhou,Fujian,PRC
country:      CN
phone:        +86-591-3333169-293
fax-no:       +86-591-3371954
e-mail:       fjnic@fjdcb.fz.fj.cn
trouble:      send spam reports  and abuse reports
trouble:      to abuse@fjdcb.fz.fj.cn
trouble:      Please include detailed information and
trouble:      times in UTC
admin-c:      FH71-AP
tech-c:       FH71-AP
nic-hdl:      CA67-AP
mnt-by:       MAINT-CHINANET-FJ
changed:      fjnic@fjdcb.fz.fj.cn 20020719
source:       APNIC

person:       Chinanet Hostmaster
nic-hdl:      CH93-AP
e-mail:       anti-spam@ns.chinanet.cn.net
address:      No.31 ,jingrong street,beijing
address:      100032
phone:        +86-10-58501724
fax-no:       +86-10-58501724
country:      CN
changed:      dingsy@cndata.com 20070416
mnt-by:       MAINT-CHINANET
source:       APNIC

Spammer IP: 110.82.131.30

inetnum:      110.80.0.0 – 110.87.255.255
netname:      CHINANET-FJ
descr:        CHINANET FUJIAN PROVINCE NETWORK
descr:        China Telecom
descr:        No.31,jingrong street
descr:        Beijing 100032
country:      CN
admin-c:      CH93-AP
tech-c:       CA67-AP
remarks:      service provider
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks:      This object can only be updated by APNIC hostmasters.
remarks:      To update this object, please contact APNIC
remarks:      hostmasters and include your organisation’s account
remarks:      name in the subject line.
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed:      hm-changed@apnic.net 20090402
mnt-by:       APNIC-HM
mnt-lower:    MAINT-CHINANET-FJ
status:       ALLOCATED PORTABLE
source:       APNIC

role:         CHINANETFJ IP ADMIN
address:      7,East Street,Fuzhou,Fujian,PRC
country:      CN
phone:        +86-591-3333169-293
fax-no:       +86-591-3371954
e-mail:       fjnic@fjdcb.fz.fj.cn
trouble:      send spam reports  and abuse reports
trouble:      to abuse@fjdcb.fz.fj.cn
trouble:      Please include detailed information and
trouble:      times in UTC
admin-c:      FH71-AP
tech-c:       FH71-AP
nic-hdl:      CA67-AP
mnt-by:       MAINT-CHINANET-FJ
changed:      fjnic@fjdcb.fz.fj.cn 20020719
source:       APNIC

person:       Chinanet Hostmaster
nic-hdl:      CH93-AP
e-mail:       anti-spam@ns.chinanet.cn.net
address:      No.31 ,jingrong street,beijing
address:      100032
phone:        +86-10-58501724
fax-no:       +86-10-58501724
country:      CN
changed:      dingsy@cndata.com 20070416
mnt-by:       MAINT-CHINANET
source:       APNIC
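
The inetnum values above are start and end addresses, while many firewall and web-server deny rules take CIDR blocks, and a range such as 59.56.0.0 – 59.61.255.255 does not fit a single prefix. The Python below is an added example, not part of the original post: it pulls the inetnum lines out of pasted WHOIS text (the sample is constructed from four of the records above; the function names are made up for the illustration), converts each range to the smallest set of CIDR blocks, and checks that every observed IP is actually covered.

```python
import ipaddress
import re

# Constructed sample: "Spammer IP" and inetnum lines copied from the WHOIS
# output above, trimmed to the fields this example needs.
WHOIS_SAMPLE = """\
Spammer IP: 61.93.76.178
inetnum:      61.93.0.0 – 61.93.255.255
netname:      CTIHK
Spammer IP: 59.58.139.68
inetnum:      59.56.0.0 – 59.61.255.255
netname:      CHINANET-FJ
Spammer IP: 221.6.130.90
inetnum:      221.6.130.88 – 221.6.130.95
netname:      JIJIANLIN
Spammer IP: 110.82.131.30
inetnum:      110.80.0.0 – 110.87.255.255
"""

# Raw WHOIS output uses a hyphen; the page shows a typographic en dash.
# Accept either so pasted text from both sources parses.
INETNUM_RE = re.compile(r"^inetnum:\s*(\S+)\s*[-\u2013]\s*(\S+)\s*$", re.M)
IP_RE = re.compile(r"^Spammer IP:\s*(\S+)\s*$", re.M)


def inetnum_ranges(text):
    """Return (first, last) IPv4Address pairs for every inetnum line."""
    ranges = []
    for first, last in INETNUM_RE.findall(text):
        lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
        if lo > hi:
            raise ValueError(f"inverted range: {first} - {last}")
        ranges.append((lo, hi))
    return ranges


def to_cidrs(ranges):
    """Convert ranges to the fewest CIDR blocks, merging overlaps and neighbours."""
    nets = []
    for lo, hi in ranges:
        nets.extend(ipaddress.summarize_address_range(lo, hi))
    return sorted(ipaddress.collapse_addresses(nets))


def uncovered(text, cidrs):
    """List observed IPs that fall outside every CIDR block (should be empty)."""
    ips = [ipaddress.IPv4Address(ip) for ip in IP_RE.findall(text)]
    return [str(ip) for ip in ips if not any(ip in net for net in cidrs)]


def blocklist(text):
    """Build the CIDR blocklist and refuse to return one that misses an IP."""
    cidrs = to_cidrs(inetnum_ranges(text))
    missing = uncovered(text, cidrs)
    if missing:
        raise ValueError(f"IPs outside every inetnum: {missing}")
    return [str(net) for net in cidrs]


if __name__ == "__main__":
    for cidr in blocklist(WHOIS_SAMPLE):
        print(cidr)
```

Note how far the blocks differ in size: the JIJIANLIN assignment is a /29 of eight addresses, while the 110.80.0.0 allocation is a /13 covering more than half a million, so the same one-line rule can block one customer or a large slice of a province's subscribers.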

qq.com and 163.com

qq.com and 163.com are 2 huge comment spammer domains, and of course Apnic.net sources their IP addresses. I ran an NSLOOKUP on both domains to get their IPs, and then a WHOIS at http://wq.apnic.net/apnic-bin/whois.pl, and here’s what I found.

qq.com

NSLOOKUP results: 60.28.188.192, 60.28.199.9
inetnum:      60.24.0.0 – 60.30.255.255
netname:      UNICOM-TJ
country:      CN
descr:        China Unicom Tianjin province network
descr:        China Unicom
admin-c:      CH1302-AP
tech-c:       HZ19-AP
status:       ALLOCATED PORTABLE
mnt-by:       APNIC-HM
mnt-lower:    MAINT-CNCGROUP-TJ
mnt-routes:   MAINT-CNCGROUP-RR
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks:      This object can only be updated by APNIC hostmasters.
remarks:      To update this object, please contact APNIC
remarks:      hostmasters and include your organisation’s account
remarks:      name in the subject line.
remarks:      -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed:      hm-changed@apnic.net 20040416
changed:      hm-changed@apnic.net 20060124
changed:      hm-changed@apnic.net 20090508
source:       APNIC

route:        60.28.0.0/15
descr:        CNC Group CHINA169 Tianjin Province Network
country:      CN
origin:       AS4837
mnt-by:       MAINT-CNCGROUP-RR
changed:      abuse@cnc-noc.net 20060118
source:       APNIC

person:       ChinaUnicom Hostmaster
nic-hdl:      CH1302-AP
e-mail:       abuse@chinaunicom.cn
address:      No.21,Jin-Rong Street
address:      Beijing,100140
address:      P.R.China
phone:        +86-10-66259940
fax-no:       +86-10-66259764
country:      CN
changed:      abuse@chinaunicom.cn 20090408
mnt-by:       MAINT-CNCGROUP
source:       APNIC

person:       huang zheng
nic-hdl:      HZ19-AP
e-mail:       ipaddr@ywb.online.tj.cn
address:      76 NO, ShiZiLin Street ,HeBei district of Tianjin,China
phone:        +86-22-24459190
fax-no:       +86-22-24454499
country:      CN
changed:      ipaddr@ywb.online.tj.cn 20050721
mnt-by:       MAINT-CNCGROUP-TJ
source:       APNIC

163.com

NSLOOKUP results: 220.181.31.8

inetnum:      220.181.0.0 – 220.181.255.255
netname:      CHINANET-IDC-BJ
country:      CN
descr:        CHINANET Beijing province network
descr:        China Telecom
descr:        No.31,jingrong street
descr:        Beijing 100032
admin-c:      CH93-AP
tech-c:       HC55-AP
remarks:      hostmaster is not for spam complaint,
remarks:      please send spam complaint to anti-spam@ns.chinanet.cn.net
mnt-by:       MAINT-CHINANET
mnt-lower:    MAINT-CHINATELECOM-BJ
status:       ALLOCATED NON-PORTABLE
changed:      hostmaster@ns.chinanet.cn.net 20030620
changed:      hm-changed@apnic.net 20050715
source:       APNIC

person:       Chinanet Hostmaster
nic-hdl:      CH93-AP
e-mail:       anti-spam@ns.chinanet.cn.net
address:      No.31 ,jingrong street,beijing
address:      100032
phone:        +86-10-58501724
fax-no:       +86-10-58501724
country:      CN
changed:      dingsy@cndata.com 20070416
mnt-by:       MAINT-CHINANET
source:       APNIC

person:       Hostmaster of Beijing Telecom corporation CHINA   TELECOM
nic-hdl:      HC55-AP
e-mail:       bjnic@bjtelecom.net
address:      Beijing Telecom
address:      No. 107 XiDan Beidajie, Xicheng District Beijing
phone:        +86-010-58503461
fax-no:       +86-010-58503054
country:      cn
changed:      bjnic@bjtelecom.net 20040115
mnt-by:       MAINT-CHINATELECOM-BJ
source:       APNIC

Back to Apnic.net

Apnic.net Homepage

Here’s a little blurb from Apnic.net’s ‘About’ page:

“APNIC is an open, membership-based, not-for-profit organization. It is one of five Regional Internet Registries (RIRs) charged with ensuring the fair distribution and responsible management of IP addresses and related resources. These resources are required for the stable and reliable operation of the global Internet.

As part of this service, the APNIC Secretariat is responsible for maintaining the public APNIC Whois Database and managing reverse DNS zone delegations.

APNIC is also actively involved in the development of Internet infrastructure throughout the region. This includes providing training and education services, supporting technical activities such as root server deployments, and collaborating with other regional and international organizations.”

I read this and to me it says ‘…so we’re not responsible for any abuse coming from our networks’ and to me that’s a cop-out.

If you have a relationship with Apnic.net, you need to know that their networks are used extensively by spammers.

If you’re a member of Apnic.net, I challenge you to do something about this – get the spammers off your network.

And if you own or manage websites, consider blacklisting the IPs I’ve provided above. Traffic coming from their networks is more trouble than it’s worth.

Am I unfairly targeting Apnic.net? Perhaps, but I don’t care. They’re clearly part of the problem, and I need a solution.

The easiest solution may well be blacklisting with blockacountry.com.

charlie
