These guys use bots to send LOTS of spam and refuse to remove domains from spam lists.
This guy, S. Matthew Arcus, seems like a real upstanding citizen. In addition to hosting spam servers (turns up in many searches), he runs a terrible business as well: http://www.glassdoor.com/Reviews/BurstNET-Reviews-E39003.htm I received spam from this IP, which led me here. http://whois.domaintools.com/173.212.228.34 1 <1 ms <1 ms <1 ms 10.2.1.49 2 1 ms 2 ms 1 ms 10.2.1.48 3 25 ms 25 ms 27 ms l202.ny325-dsl-rtr13.verizon-gni.net [68.236.174.1] 4 70 ms 30 ms 26 ms at-3-2-0-1734.ny325-core-rtr1.verizon-gni.net [130.81.11.181] 5 30 ms 25 ms 29 ms so-4-0-0-0.ny325-bb-rtr1.verizon-gni.net [130.81.20.24] 6 26 ms 27 ms 26 ms 0.ae1.br2.nyc4.alter.net [152.63.18.37] 7 26 ms 51 ms 49 ms tenge2-1.br01.nyc01.pccwbtn.net [63.218.9.25] 8 35 ms 34 ms 579 ms 63-218-9-234.static.pccwglobal.net [63.218.9.234] 9 75 ms 34 ms 59 ms xe1-03.agg02.sctn01.hostnoc.net [64.120.243.30] 10 36 ms 34 ms 34 ms 64-120-243-10.static.hostnoc.net [64.120.243.10] 11 35 ms 34 ms 42 ms mx.fatclick.net [173.212.228.34]
My security program listed the IP and attacking computer as belonging to Matthew Arcus of Scranton PA 184.82.21.196,80
My computer was just attacked from 64.120.193.180 but my symantc software stopped it dead on it's tracks
# HOSTNOC is a spam dns and hacker haven 46.37.179.128/26 #64.191.0.0/17 <- their DNS is in here 66.96.192.0/18 66.197.128.0/17 96.9.128.0/18 149.6.11.168/30 173.212.192.0/18 178.238.128.0/24 184.22.0.0/16 184.82.0.0/16
smtp.fiztopsal.com from [64.120.219.35] (port=56696 helo=smtp.fiztopsal.com) mx2.risefir.com from [64.120.219.32] (port=34185 helo=mx2.risefir.com) mx1c1.larhamins.com from [64.120.219.23] (port=42106 helo=mx1c1.larhamins.com) mx1.purkoa.com from [64.120.219.19] (port=54645 helo=mx1.purkoa.com) mx2.laplez.com from [64.120.219.13] (port=46732 helo=mx2.laplez.com) smtp1.accelerationken.com from [64.120.219.83] (port=52995 helo=smtp1.accelerationken.com) smtp3.wudpost.com from [64.120.219.70] (port=55946 helo=smtp3.wudpost.com) mx01.hadinscongested.com from [64.120.219.59] (port=42906 helo=mx01.hadinscongested.com) out56.anjiejie.com from [199.19.93.143] (port=51859 helo=smtp.anjiejie.com) a.areboat.com from [64.120.219.55] (port=33695 helo=a.areboat.com) mx02.conovainfests.com from [64.120.219.46] (port=59878 helo=mx02.conovainfests.com)
This Ip was used to access my email account and then my battle.net account to try and take over it
I had a trojan installed to my server which downloaded stuff from CloudFlare web server (some RAR file) and some other scripts from this guy's IP address
This wannabe hacker's ip address was recorded when he tried repeatedly to break into our wordpress blog admin panel... on several different occasions.
Please help us keep Internet safer and cleaner by leaving a descriptive comment about 64.120.251.78 IP address
- Hacked Gmail accounts
- WordPress Hacking Attempts
- SSH Hacking Attempts
- Why Can't I See The Exact Address?
DNSBL* - is a list of IP addresses published through the Internet Domain Name Service (DNS) either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists.
WHOIS** - is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. WHOIS lookups were traditionally performed with a command line interface application, and network administrators predominantly still use this method, but many simplified web-based tools exist. WHOIS services are typically communicated using the Transmission Control Protocol (TCP). Servers listen to requests on the well-known port number 43.
** Approximate Geographic Location - This is NOT the exact geographical location of the person/organization with the given IP address. However, this should still give you a good idea about the area/region where this person/orgranization is located.