- The following page is an archived Abuse Response case. Please do not modify it. Subsequent reports for the same IP address should be filed under a new report. No further edits should be made to this page. . See WP:ABUSE for more information.
142.22.186.13 (talk · contribs · deleted contribs · filter log · WHOIS · RDNS · RBLs · http · block user · block log)
Abuse Response | |
---|---|
Report Status | |
IP Address | 142.22.186.13 |
Contributions | Contributions |
Page Moves | Page moves |
Block Log | Block log |
Contribution History | Contribution history |
Status | Closed |
Requestor | Jesse Viviano (talk) |
Date | 21:08, 2 December 2009 (UTC) |
Investigator | Darkwind (talk) |
Contactor | Darkwind (talk) |
Requester comments
There are so many blocks on this IP that it is getting ridiculous, including three nearly-consecutive one year blocks. Jesse Viviano (talk) 21:08, 2 December 2009 (UTC)[reply]
Discussion
Discussion
|
---|
#FBFBFB |
No discussion posted. |
Registry information
- WHOIS report
- Summarized WHOIS report:
OrgName: Province of British Columbia OrgID: PBC-51 Address: 4000 Seymour Place City: Victoria StateProv: BC PostalCode: V8X-4S8 Country: CA NetRange: 142.22.0.0 - 142.22.255.255 CIDR: 142.22.0.0/16 NetName: BCSYSTEMS1 NetHandle: NET-142-22-0-0-1 Parent: NET-142-0-0-0-0 NetType: Direct Assignment NameServer: DNS.GOV.BC.CA NameServer: DNS1.GOV.BC.CA NameServer: DNS2.GOV.BC.CA NameServer: DNS3.GOV.BC.CA Comment: RegDate: 1991-05-13 Updated: 2008-09-26 RTechHandle: CKO19-ARIN RTechName: Kopp, Colin RTechPhone: +1-250-387-8051 RTechEmail: Colin.Kopp@gov.bc.ca OrgAbuseHandle: CSC28-ARIN OrgAbuseName: Customer Service Centre OrgAbusePhone: +1-250-952-6000 OrgAbuseEmail: cschelp@gems3.gov.bc.ca OrgNOCHandle: CKO19-ARIN OrgNOCName: Kopp, Colin OrgNOCPhone: +1-250-387-8051 OrgNOCEmail: Colin.Kopp@gov.bc.ca OrgTechHandle: CKO19-ARIN OrgTechName: Kopp, Colin OrgTechPhone: +1-250-387-8051 OrgTechEmail: Colin.Kopp@gov.bc.ca
Comprehensive edits analysis
- For a complete history & analysis of all of this IP's edits, please click here.
Summary of edits No. of articles edited 267 No. of user pages edited 1 Average edits per day 8.6 per active day Top time segment 2100-2200 UTC on Mondays and Tuesdays
Abuse analysis
Abuse analysis
| ||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Abuse summary
This IP address is the source of a continuous stream of unproductive (even damaging) edits to Wikipedia articles of various categories. Most of the vandalism appears to be typical schoolchild humour, which may seem harmless at first but truly detracts from Wikipedia's value as a scholarly resource. One of Wikipedia's only "defense methods" is to block the IP address from editing. However, this may prevent edits from others on your network who may have positive contributions to make. Unfortunately, it appears that as soon as a block expires, the abuse resumes almost immediately (c.f. the last two one-year blocks) and our only recourse is to block the address again.
Contact summary
Communication sent:
2009-03-28 |
to cschelp@gems3.gov.bc.ca
Dear Sir or Madam: On behalf of Wikipedia's Abuse Response Team, I am contacting you to inform you of an incident or incidents of abuse originating from your network. Wikipedia is a multilingual project to create a complete and accurate open content encyclopedia that can be used by anyone with Internet access free of charge. The English version may be viewed on the Web at http://en.wikipedia.org. A fundamental component of Wikipedia is that it may be edited by virtually anyone, as long as their edits benefit the goal of creating an encyclopedia. This approach has the downside that it exposes us to large scale vandalism, something that we are always trying to combat. We are able to achieve this by utilizing automated bots and tools to detect and revert unconstructive edits. If a user is identified as repeatedly abusing their privilege to edit Wikipedia, they are blocked, either temporarily or permanently. I have completed an investigation and discovered that an IP address which appears to be registered to your organization, 142.22.186.13, has been habitually abusing Wikipedia by vandalizing articles at http://en.wikipedia.org. His or her actions are likely preventing other users on your network from contributing, as this IP address has been blocked from editing Wikipedia on multiple occasions. Multiple warnings have been issued over a long duration of time, asking the user to refrain from abusive use of Wikipedia. However, the user has chosen to ignore the warnings, and as a result has incurred several blocks to this IP address under your jurisdiction. I am contacting you because this user continues to abuse Wikipedia after his or her block expires and because this user has been blocked five times or more, justifying a need for a report to your organization. The Wikipedia Community takes abuse of Wikipedia very seriously. The Wikipedia Abuse Response Team has completed a thorough investigation on this matter which includes a detailed log of activities conducted by the IP address in question. The server logs which includes timestamps of the activity should assist you in identifying the user responsible for abusing Wikipedia. The entire case is available for you to view at: http://en.wikipedia.org/wiki/Wikipedia:Abuse_response/142.22.186.13 Additional information regarding this users most recent contributions to Wikipedia may be found at: http://en.wikipedia.org/wiki/Special:Contributions/142.22.186.13 The block log for this IP may be found at: http://en.wikipedia.org/w/index.php?title=Special:Log/block&page=User:142.22.186.13 In the future you may wish to monitor contributions made from this IP number at: (RSS & ATOM feeds) http://en.wikipedia.org/wiki/User_talk:142.22.186.13
(Abuse Report Team members use their Wikipedia screen names when sending abuse reports in order to protect their privacy. However, please understand that this does not abate the quality of this report, and I am happy to provide my legal name and contact information if necessary to process this report.) |
---|---|
Reply received:
2010-03-31 |
Good morning Robert,
Thank-you for your report. The identified IP address is one of our 16 web cache engines. I would like to be able to identify the source of this malicious activity but will need to know characteristic Web URLs used during the editing as well as specific dates and times including the time zone in order to find the originating IP address. I anticipate your reply. Roy Watson Senior Security Specialist Investigations Unit IT Security Operations Branch Enterprise Hosting Solutions, Operations, Shared Services BC Ministry of Citizens' Services |
Communication sent:
2010-03-31 |
Dear Mr. Watson,
Thank you for your prompt reply; the Wikipedia community appreciates your interest in resolving this matter. I'll provide information on the latest occurrence, which was on December 2, 2009 and triggered the most recent block. Here is a list of the article names, and the times they were edited (all timestamps are in UTC):
For each of the articles, taking "Number of the Beast" as an example, the URL to view the page would be http://en.wikipedia.org/wiki/Number_of_the_Beast ; the URL to load the editing form is ; and the actual edit with the malicious data would have been submitted via HTTP POST to the URL http://en.wikipedia.org/w/index.php?title=Number_of_the_Beast&action=submit . If you have a need or an interest in going back to the prior incidents, a complete list of edits submitted from this IP is at http://en.wikipedia.org/wiki/Special:Contributions/142.22.186.13 (all timestamps in UTC on that page as well, if you are not logged into a Wikipedia account). This list is as close to an actual activity log as the public side of the MediaWiki software will allow. Please let me know if I can provide any additional information to assist in your investigation. Regards, --Wikipedia user "Darkwind" for the Wikipedia Abuse Response Team |
---|---|
Reply received: | (none yet) |
Case history | |
---|---|
Investigated by: | Darkwind (talk) |
Contacted by: | Investigator |
Closed on: | 18:32, 3 April 2010 (UTC) |
Disposition: | --Darkwind (talk) 18:32, 3 April 2010 (UTC)[reply]
|
Case log: | Opened --Darkwind (talk) 17:41, 28 March 2010 (UTC)[reply]
Investigation Complete --Darkwind (talk) 22:31, 28 March 2010 (UTC)[reply] - Responsible organization requested further information for an investigation, which was provided. --Darkwind (talk) 18:32, 3 April 2010 (UTC)[reply] |
- The above page is an archived Abuse Response case and has been preserved for recording purposes. Please do not modify it. Subsequent reports for the same IP address should be filed under a new report. No further edits should be made to this page.