vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Community Lounge (https://vborg.vbsupport.ru/forumdisplay.php?f=13)
-   -   need help tracing IP (https://vborg.vbsupport.ru/showthread.php?t=173312)

lasto 03-17-2008 04:34 PM
need help tracing IP
 
1 Attachment(s)
got home today and recieved this email to my email account

Received: by 10.141.4.5 with SMTP id g5cs53826rvi;
Mon, 17 Mar 2008 05:22:21 -0700 (PDT)
Received: by 10.141.43.5 with SMTP id v5mr41936rvj.216.1205756540360;
Mon, 17 Mar 2008 05:22:20 -0700 (PDT)
Return-Path: <piecesofeighty@aol.com>
Received: from imo-d21.mx.aol.com (imo-d21.mx.aol.com [205.188.144.207])
by mx.google.com with ESMTP id 39si31717902wrl.29.2008.03.17.05.22.19;
Mon, 17 Mar 2008 05:22:20 -0700 (PDT)
Received-SPF: pass (google.com: domain of piecesofeighty@aol.com designates 205.188.144.207 as permitted sender) client-ip=205.188.144.207;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of piecesofeighty@aol.com designates 205.188.144.207 as permitted sender) smtp.mail=piecesofeighty@aol.com
Received: from piecesofeighty@aol.com
by imo-d21.mx.aol.com (mail_out_v38_r9.3.) id o.d45.248dce81 (37116)
for <**************>; Mon, 17 Mar 2008 08:21:55 -0400 (EDT)
Received: from webmail-me06 (webmail-me06.webmail.aol.com [64.12.88.198]) by cia-ma01.mx.aol.com (v121.4) with ESMTP id MAILCIAMA012-90fc47de6263f1; Mon, 17 Mar 2008 08:21:55 -0400
To:*********************
Subject: your sucky ass vbulletin board
Date: Mon, 17 Mar 2008 08:21:55 -0400
X-MB-Message-Source: WebUI
X-AOL-IP: 96.234.73.32
X-MB-Message-Type: User
MIME-Version: 1.0
From: piecesofeighty@aol.com
Content-Type: multipart/alternative;
boundary="--------MB_8CA56409FA32425_468_537A_webmail-me06.sysops.aol.com"
X-Mailer: AOL Webmail 35304-STANDARD
Received: from 96.234.73.32 by webmail-me06.sysops.aol.com (64.12.88.198) with HTTP (WebMailUI); Mon, 17 Mar 2008 08:21:55 -0400
Message-Id: <8CA56409FA0C1C7-468-2893@webmail-me06.sysops.aol.com>
X-Spam-Flag: NO


----------MB_8CA56409FA32425_468_537A_webmail-me06.sysops.aol.com
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"


did you know that we are going to flood your ++++ed up, shitty ass, broken-ass-links,?board every night?? Get ready boy!

----------MB_8CA56409FA32425_468_537A_webmail-me06.sysops.aol.com
Content-Transfer-Encoding: 7bit
Content-Type: text/html; charset="us-ascii"


<div>did you know that we are going to flood your ++++ed up, shitty ass, broken-ass-links,&nbsp;board every night?&nbsp; Get ready boy!</div>
<div id='u8CA56409FA0C1C7-468-2893' class='aol_ad_footer'><FONT style="color: black; font: normal 10pt ARIAL, SAN-SERIF;"><HR style="MARGIN-TOP: 10px">Supercharge your AIM. Get the <A title="http://download.aim.com/client/aimtoolbar?NCID=aolcmp00300000002586" href="http://download.aim.com/client/aimtoolbar?NCID=aolcmp00300000002586" target="_blank">AIM toolbar</A> for your browser.</FONT> </div>

----------MB_8CA56409FA32425_468_537A_webmail-me06.sysops.aol.com--


I dont know much about this but i heard IPs are traceable and they can be traced back is this possible as who ever sent the email has also made 3 accounts on my board and spammed the board really bad today with posts which i can not repeat here.


Can anyone find out if the info from above matches the ip in the pic below.

nexialys 03-17-2008 06:33 PM
real hackers never announce their misfits... this guy is like all the others.. making big words to make you fear .. they usually ask you to pay them in their paypal account so they will not do it if you pay...

luckily it is not one of your threats...

Paul M 03-17-2008 06:42 PM
That IP belongs to Verizon Internet Services Inc - abuse email is security[at]verizon.net

optrex 03-17-2008 06:45 PM
verizon are useless they wont act on it, just check out all the results on google. I had one the other week and reported it to them , you just get an automated bounce as a response.

lasto 03-17-2008 07:20 PM
ive recieved the bounce email already

SEOvB 03-17-2008 07:26 PM
I suppose you could do the sensible thing and ban their IP at the server level, and then you won't have to worry about it much :D

Zachariah 03-17-2008 11:15 PM
Newark, NJ, USA

Name: pool-96-234-73-32.nwrknj.fios.verizon.net
IP Address: 96.234.73.32
Location: Newark (40.733N, 74.172W)
Network: VIS-BLOCK

fios = fiber optic

OrgAbuseHandle: VISAB-ARIN
OrgAbuseName: VIS Abuse
OrgAbusePhone: +1-214-513-6711
OrgAbuseEmail: security@verizon.net


Attach your e-mail and send them one. I had a few people that DOSS my site for weeks.
I sent logs of activity to ISPs of the attackers and in 2 days the attackers were gone.
Just keep logs of activity and all communications.

AmbitiousOne 03-18-2008 03:25 PM
What do you do when someone is using a proxy server? I have had many idiots conspire to DDOS my site. And quite frankly, I can't stand hearing it. They are all on proxy server!

optrex 03-18-2008 03:44 PM
I use the proxy server hack and it tells me the real IP address. It seems to work quite well.

alphadeity 03-19-2008 03:13 PM
If an attacker is good at what they do they can hide their real IP address no matter what. They best way to avoid proxy attacks is to block all proxy connections at the server level. But even this is not fool proof.

lasto 03-23-2008 12:35 PM
where is the proxy server hack - for vbull 3.6.8

EDIT

never mind ive found one by paul on here

lasto 03-23-2008 01:24 PM
Post removed

--------------- Added [DATE]1206313694[/DATE] at [TIME]1206313694[/TIME] ---------------

Mister popularity is responsible for the ip in the 1st post.He admitted it in an email to me today when he threatened that if i did`nt stop writing bad things about him,30 so or more would come and spam my board.Im not bad mouthing him but only stating who is it.I have the email as proof.
I know you cant disclose members information so im not even gonna go there but he admitted it himeslf in an email to me today which ive also posted on another board.

lasto 03-27-2008 04:19 PM
this has now been sorted can this thread now be closed.

Butcher 03-29-2008 11:55 AM
Don't know why vb.org can't act on such people
makes me sick and makes you want to go somewhere else rather than sit here with these people about

lasto 03-29-2008 03:21 PM
hello butcher long time no see m8 - hope all is well with you :)

In all fariness to the board this was dealt with on here and sometimes when you think things are not getting sorted they are.


All times are GMT. The time now is 03:32 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01086 seconds
  • Memory Usage 1,749KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (15)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete