Whois information
NetRange: 4.0.0.0 - 4.127.255.255
CIDR: 4.0.0.0/9
NetName: LVLT-ORG-4-8
NetHandle: NET-4-0-0-0-1
Parent: NET4 (NET-4-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Level 3 Parent, LLC (LPL-141)
RegDate: 1992-12-01
Updated: 2019-07-17
Ref: https://rdap.arin.net/registry/ip/4.0.0.0
OrgName: Level 3 Parent, LLC
OrgId: LPL-141
Address: 100 CenturyLink Drive
City: Monroe
StateProv: LA
PostalCode: 71203
Country: US
RegDate: 2018-02-06
Updated: 2024-06-17
Comment: USAGE OF IP SPACE MUST COMPLY WITH OUR ACCEPTABLE USE POLICY:
Comment: https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: ADDRESSES COVERED BY THIS ORG-ID ARE NON-PORTABLE ANY ISP ANNOUNCING OR TRANSITING PORTIONS WITHIN OUR RANGES SHOULD NOT RELY ON PRESENTED LOA'S OR OLD WHOIS UNLESS THOSE RANGES ARE ALSO ACTIVELY DIRECTLY ANNOUNCED TO A LUMEN ASN. WITH ALL LOA'S THESE CONDITIONS APPLY:
Comment:
Comment: 1. You are permitted to route the Lumen IP prefixes listed via Public BGP to your alternate ISP from the designated ASN. Any other ASN originating the prefix listed is forbidden.
Comment: 2. The Lumen IP prefixes listed can be routed via Public BGP to your alternate ISP as long as you remain an active customer with Lumen and continue to route the prefixes over at least one Lumen Internet circuit without significant traffic engineering.
Comment: 3. Should your Internet services with Lumen be discontinued, Lumen reserves the right to have your alternate ISP terminate the routing of the Lumen IP prefixes without advanced notification, should you fail to do so.
Comment: 4. All IP Addresses assigned or allocated by Lumen to an end-user (customer or ISP) shall be considered non-portable and will be reclaimed by Lumen upon service termination.
Comment: 5. Lumen reserves the right to conduct audits to ensure the LOA conditions are being met.
Comment: 6. Usage of IP space must comply with our AUP https://www.lumen.com/en-us/about/legal/acceptable-use-policy.html
Comment:
Comment: Our looking glass is located at: https://lookingglass.centurylink.com/
Comment:
Comment: For subpoena or court order please fax 844.254.5800 or refer to our Trust & Safety page:
Comment: https://www.lumen.com/en-us/about/legal/trust-center/trust-and-safety.html
Comment:
Comment: For abuse issues, please email abuse@aup.lumen.com
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email)
Comment: Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/LPL-141
OrgTechHandle: APL7-ARIN
OrgTechName: ADMIN POC LVLT
OrgTechPhone: +1-877-453-8353
OrgTechEmail: ipadmin@lumen.com
OrgTechRef: https://rdap.arin.net/registry/entity/APL7-ARIN
OrgAbuseHandle: LAC56-ARIN
OrgAbuseName: L3 Abuse Contact
OrgAbusePhone: +1-877-453-8353
OrgAbuseEmail: abuse@level3.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/LAC56-ARIN
OrgRoutingHandle: RPKIR-ARIN
OrgRoutingName: RPKI-ROA
OrgRoutingPhone: +1-877-886-6515
OrgRoutingEmail: rpki-roa@lumen.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/RPKIR-ARIN
Most recent complaints
Please help us keep Internet safer and cleaner by leaving a descriptive comment about 4.79.204.36 IP address
DNSBL* - is a list of IP addresses published through the Internet Domain Name Service (DNS) either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists.
WHOIS** - is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. WHOIS lookups were traditionally performed with a command line interface application, and network administrators predominantly still use this method, but many simplified web-based tools exist. WHOIS services are typically communicated using the Transmission Control Protocol (TCP). Servers listen to requests on the well-known port number 43.
** Approximate Geographic Location - This is NOT the exact geographical location of the person/organization with the given IP address. However, this should still give you a good idea about the area/region where this person/orgranization is located.
Complaint by Steph :
Maybee hackers...139 connections in 2 minutes!
Complaint by Ari :
Systematic port scans from this ip-address 13
Complaint by Dave :
This IP address hacked into my email account and blizzard acount. I found it on my log-in report, and then looked it up.
Complaint by FAB :
I'm victim of this IP as well 4.79.204.36. There hundreds of unmatched URL requests on our website and our website generating errors. It looks like a nerdy hacker trying to hack our website
Complaint by FAB :
I'm victim of this IP 4.79.204.36 as well . There hundreds of unmatched URL requests on our website and our website generating errors. It looks like a nerdy hacker trying to hack our website
Complaint by Rich :
- Variable 'login && password' of the POST method triggered the filter 'wordpress login bruteforcing' for the content 'Admin:4897798'.
Complaint by Mike :
traced back to E-Bay Washington (PayPal?)
Complaint by anurag singh :
[url=https://blacksput-onion.com]blacksprut darknet[/url] - блÑкÑпрут Ñайт, www blacksprut com
Complaint by Rainforest-frogs :
This ip tried hacking my email beward
Complaint by Turboz :
My ddos deflate script picked this up hitting my website today most probably a "booter" service based ip. "Banned the following ip addresses on Wed Nov 28 10:24:01 EST 2012 4.79.204.36 with 839 connections"
Complaint by Jorge :
Getting in our website several times, please verified all this complains... Thanks
Complaint by ruiz :
Dear Sir/Madam Could you please find out more details about this IP address and to send an answer on the following e-mail vn.chkaidze@yahoo.com with respect Julia
Complaint by az :
Both unsecure website as well as dictionary attacker
Complaint by John :
I been getting these strange popups each time I check my mail. Its like someone poking around my inbox all hours of the night. I aint got clue who that sneaky someone is but Im tired of it. Sometimes I wonder if my old pc turned against me. Can somebody explain why my messages acting like a tv rerun I never signed up for
Complaint by Peter :
Send his location check
Complaint by Kez :
Same as above my DDoS script blocked the IP 4.79.204.36 after 500 GET requests in 120 seconds. Sent abuse report to security@level3.com.
Complaint by same here :
61 seconds - 460 connections.
Complaint by Cat :
My malware bytes keeps blocking this address as harmful.
Complaint by Life :
4.79.204.36 same complaints as above...
Complaint by FXM911 :
Just been hit by it as well, 100s of connection in a couple of minutes. What's the point !!!
Complaint by bird :
over 600 connections. someone should blow these ******** up
Complaint by Josh :
that ip did something to my web server. netstat showed as SYN/RECV and the webserver was not accessible anymore. after blocking the ip out it works again. is this some sort of attack?
Complaint by ACE :
123
Complaint by alistair cooper :
large number of sql errors (approx 60) from this ip address 4.79.204.36 all at the same time, trying to illegally access my website's admin functions.
Complaint by Al Hawtin :
I received an e-mail, sent from the same email. The letter was attached PDF file, and it is only "Sent from my Sony Xperia™ smartphone".