strange IP


buffalo
17-08-2008, 17:35
Hi

I have a bit of a mystery, to me anyway :)
Firstly ;) I’ve checked for viruses, spyware, Trojans. Firewall is a fairly good one so I have been told. Everything is up to date, I’m running Vista Ultimate. No hide IP software.

I use both normal and a proxy IP. Just lately I have noticed sites recording another IP for me, one I have not seen before or set. This IP has caused errors when downloading from RapidShare; also my own site has logged it too. My main IP hasn’t changed in nearly a year. I have changed it myself but it always comes back to the original IP when I boot the next day. And the proxy never changes. I think it’s one of the last ntl proxies out there.

I’m not sure if I’m allowed the IP but here is the whois in part
pc-xx-xx-xxx-xxx-ha.blueyonder.co.uk
Netname: UK-CABLEINET-20000211
descr: Cable Internet Ltd
descr: PROVIDER Local Registry
Descr: Telewest Broadband
descr: UK Broadband ISP

This would suggest this IP is connected with VM, I believe.
What I don’t understand is why I’m being recorded as using it, which none of my settings are set to.
Is this normal?
It happens whether I’m on the normal IP or the proxy.
But not all the time, it’s at random times as far as I can see.
I can use this IP as a proxy too, although it’s not listed anywhere. Google only shows 2 listings for it.
I can connect to the IP through Firefox, it gives me a blank white page but it’s not "no page can be found".

Any thoughts would be great

I hope this makes sense.
Thanks in advance.

eth01
17-08-2008, 17:38
firstly :welcome:

yeah, it's nothing to worry about. it's probably due to the changeover with VM and so forth. blueyonder use that pc-*.* format still ;) (afaik)

Jon T
17-08-2008, 17:44
Unless you are behind a router, in which case you would have a private address (normally in the range of 192.168.x.x), your IP address is given to you by Virgin using DHCP, you don't set your own IP anywhere. If you have done in the past, it's a miracle it's worked.

Go to a command prompt (start menu->run and type cmd) and type ipconfig /all. I'm not 100% sure, but I reckon you're going to find that the IP address being logged by your site and others is actually your IP.

buffalo
17-08-2008, 18:12
@ eth01 thank you for your fast reply.

@ Jon T thank you for your reply
Well, I've changed IP using the ipconfig / **** commands before, but not lately.

You can set proxy in IE and Firefox easily. This is recorded on sites. Well, at least it does on mine so I'm guessing it does on others.
You can check the ipconfig on your router to get the IP you are using. Plus if I take myself off of proxy my site records the same IP as the router config.

Neither of these IPs are the ones being reported.
thank you

whydoIneedatech
17-08-2008, 18:25
What is the first number of this mystery IP address?

Kymmy
17-08-2008, 18:27
His internal IP is not the issue, he's getting a weird rDNS report from certain sites although he's using a proxy that ends in *.server.ntli.net and his original IP ends with the usual *.cable.ntl.com. His issue, and it's one I've never heard of myself, is where the rDNS *.blueyonder.co.uk address is coming from??? Unless of course the DNS server the other sites are using are extremely out of date with certain IPs

buffalo
17-08-2008, 19:58
Thank you Kymmy, that’s exactly it.
But you've never heard of this before?
I would say it’s happened to me about 6 or 7 times in the last 2 weeks.
As I can use this IP as a proxy myself, would that mean anything? I looked at the proxy list here and couldn’t see it listed, which is one of the reasons I posted.
The 2 pages in Google on this IP are mainly just reports on other sites from abroad.
I'm a little worried that this happens for my normal IP as well as the proxy. Should I be?
The normal IP was on RapidShare, I guess that could have been a cookie issue as I switched IPs after receiving the error, as it only happened that once as far as I can tell.

@whydoIneedatech [edit].. sorry misread :( ... first number is 62

Andrewcrawford23
17-08-2008, 20:30
To clarify, you're xNTL? And you are getting a whois saying you're xBlueyonder?

If so, I have heard of the rDNS mucking up to point in the wrong place, but I really cannot understand how it would be mixing up xNTL with xBlueyonder. It's not really a big problem, just very strange as you put in your title ;)

whydoIneedatech
17-08-2008, 22:16
@whydoIneedatech [edit].. sorry misread :( ... first number is 62
That is a normal Virgin IP address along with 77,80,81,82,86,92

Zhadnost
18-08-2008, 09:57
That's a bit of a broad statement, since VM don't own 62/8 (or 77/8,80/8,81/8,82/8 etc.)

I have 15 IPs on my hosted machine from 77.92.64.0/19, and they're not VM numbers.

I don't think even IBM own a /8 allocation any more. (used to have 100/8).

Kymmy
18-08-2008, 10:00
Could the DNS servers that the remote website use be out of date or corrupt???

Andrewcrawford23
18-08-2008, 11:19
Could the DNS servers that the remote website use be out of date or corrupt???

That is a possibility. Does anyone know if the old xNTL IP and xTelewest IP are used throughout Virgin and not exclusive to those networks, as that's how it could have been mixed up?

Ignitionnet
19-08-2008, 02:11
The IP ranges are network exclusive and will remain so until the AS merge is completed. Chances are they'll stay that way for the foreseeable future. Things would go very wrong right now if they started mixing the prefixes up and it'd complicate routing in the future if they started mixing them as the network would have to carry more prefixes rather than the /12 and down supernets that some IP ranges can be broken into right now. To start taking the /12s and allocating them between networks at the moment would be very silly and bad network design.

buffalo, could you try tapping your IP address into www.ripe.net and see what it says?

whydoIneedatech
19-08-2008, 07:26
That's a bit of a broad statement, since VM don't own 62/8 (or 77/8,80/8,81/8,82/8 etc.)

I have 15 IPs on my hosted machine from 77.92.64.0/19, and they're not VM numbers.

I don't think even IBM own a /8 allocation any more. (used to have 100/8).

They are the beginnings of the range they have paid for. I did not print any more as I was just pointing out the range they use; start adding more numbers and it looks like you are printing IP addresses.

So not a broad statement.

buffalo
20-08-2008, 22:16
Hi, thank you for all your replies.
I'm not sure if I was explaining this very well, so I've taken an image (attached) to try and explain it better. I've been using this script / logging system for over 6 years now, and do understand how it reports.
The last time I saw something like this was when they used a transparent / ghost proxy, but I thought that was all stopped.
The 62.252 IP should be in the proxy list, not the IP list. 62.252 is a proxy. But it has been pushed back to allow the strange IP to be listed in the proxy listing.

The way it would normally read:
With proxy --- 82.000.000.000 ..... 62.252.000.000
without proxy-- 82.000.000.000 ...... No Proxy

As you can see in the image it doesn't.

I hope this explains what I mean better.

Any thoughts would be great.
Thank you in advance.
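
Added example, not part of the thread and not buffalo's logging script: a sketch of how a two-column IP/proxy logger can show the configured proxy in the IP column when one more forwarding hop sits in front of the site. It assumes the logger takes the proxy column from the TCP peer address and the IP column from the last X-Forwarded-For entry; the header choice, function names and addresses (RFC 5737 documentation ranges) are all assumptions.

```python
import ipaddress

# Constructed addresses from the RFC 5737 documentation ranges.
CLIENT = "192.0.2.10"        # subscriber's own address
PROXY = "198.51.100.20"      # proxy configured in the browser
EXTRA = "203.0.113.30"       # unexpected intermediary in front of the site


def forwarded_chain(headers):
    """Parse X-Forwarded-For into a list of valid addresses, client first."""
    hops = []
    for item in headers.get("X-Forwarded-For", "").split(","):
        try:
            hops.append(str(ipaddress.ip_address(item.strip())))
        except ValueError:
            pass  # header is sender-supplied, so discard anything malformed
    return hops


def log_columns(peer_addr, headers):
    """Return (ip_column, proxy_column) as the hypothetical logger shows them."""
    hops = forwarded_chain(headers)
    if not hops:
        return peer_addr, "No Proxy"
    # Assumed logger behaviour: the last forwarded hop is shown as the
    # visitor, and the TCP peer is shown as the proxy.
    return hops[-1], peer_addr


def full_path(peer_addr, headers):
    """Every hop the request reports, client first, TCP peer last."""
    return forwarded_chain(headers) + [peer_addr]


# Constructed requests: (TCP peer address, request headers).
SCENARIOS = {
    "direct": (CLIENT, {}),
    "configured proxy": (PROXY, {"X-Forwarded-For": CLIENT}),
    "direct + intermediary": (EXTRA, {"X-Forwarded-For": CLIENT}),
    "proxy + intermediary": (EXTRA, {"X-Forwarded-For": f"{CLIENT}, {PROXY}"}),
}

if __name__ == "__main__":
    for name, (peer, hdrs) in SCENARIOS.items():
        print(f"{name:22} columns={log_columns(peer, hdrs)} "
              f"path={full_path(peer, hdrs)}")
```

Logging the full path next to the two columns lets a shifted display be told apart from a client address that has actually changed.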