republican-creole
site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

US Cable Support > Comcast HSI > [Connectivity] www.usbank.com not reachable from my Comcast conn

Search Topic:
 Uniqs:
4186		 Share Topic
Posting?
Post a:
Post a:
Links: ·Forum Rules ·Forum FAQ ·Bandwidth Limits/Congestion Management ·Copyright Infringement?
AuthorAll Replies


NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Comcast Business..
·Vonage
·Cingular Wireless
·Comcast

[Connectivity] www.usbank.com not reachable from my Comcast conn

I can not get to »www.usbank.com or »www.usbank.com from my Comcast connection, but I have no problems (other than the normal slow speed) connecting through a tethered AT&T 3G cellphone.

Pings and traceroutes fail over both connections (not unusual for a banking site), but here are the traceroute results for anyone wishing to see them (the first is using Comcast, and the second is using the tethered AT&T cellphone).


C:\>tracert www.usbank.com
 
Tracing route to www.usbank.com [170.135.216.181]
over a maximum of 30 hops:
 
  1    <1 ms    <1 ms    <1 ms  gw1.dcs-net [192.168.9.254]
  2    37 ms    29 ms    17 ms  107.3.232.1
  3    43 ms    10 ms     8 ms  xe-4-0-0-0-sur02.murfreesboro.tn.nash.comcast.net [68.85.50.129]
  4    11 ms    11 ms    12 ms  xe-5-1-3-0-ar01.goodslettvll.tn.nash.comcast.net [68.86.176.105]
  5    22 ms    19 ms    20 ms  pos-5-6-0-0-cr01.56marietta.ga.ibone.comcast.net [68.86.90.89]
  6    22 ms    19 ms    24 ms  pos-0-11-0-0-pe01.56marietta.ga.ibone.comcast.net [68.86.88.186]
  7    19 ms    19 ms    19 ms  as7018-pe01.56marietta.ga.ibone.comcast.net [75.149.228.86]
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10  ^C
C:\>use-att3g.cmd
 
C:\>rasdial "AT&T Mobility"
Connecting to AT&T MOBILITY...
Verifying username and password...
Registering your computer on the network...
Successfully connected to AT&T MOBILITY.
Command completed successfully.
 
C:\>tracert www.usbank.com
 
Tracing route to www.usbank.com [170.135.216.181]
over a maximum of 30 hops:
 
  1     *        *        *     Request timed out.
  2   157 ms   438 ms   161 ms  172.26.248.2
  3   147 ms   175 ms   155 ms  172.16.7.82
  4   152 ms   163 ms   141 ms  10.251.11.23
  5   143 ms   162 ms   166 ms  10.251.10.2
  6   210 ms   154 ms   168 ms  10.252.1.1
  7   154 ms   164 ms   162 ms  209-183-048-002.mobile.mymmode.com [209.183.48.2]
  8   151 ms   149 ms   240 ms  172.16.75.1
  9   151 ms   159 ms   184 ms  12.94.97.13
 10   338 ms   409 ms   209 ms  cr2.dlstx.ip.att.net [12.122.100.114]
 11   214 ms   202 ms   206 ms  cr1.attga.ip.att.net [12.122.28.173]
 12   413 ms   192 ms   194 ms  cr2.wswdc.ip.att.net [12.122.1.174]
 13   195 ms   202 ms   203 ms  cr2.n54ny.ip.att.net [12.122.3.37]
 14   189 ms   202 ms   198 ms  12.122.94.233
 15     *        *        *     Request timed out.
 16     *        *        *     Request timed out.
 17     *     ^C
C:\>use-att3g.cmd /disconnect
 
C:\>rasdial "AT&T Mobility" /disconnect
Command completed successfully.



Anyone else having problems reaching the US Bank website on a Comcast connection today?

--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
to forum · permalink · 2012-12-18 13:07:56 ·


pflog
Bueller? Bueller?
Premium,MVM
join:2001-09-01
El Dorado Hills, CA
kudos:3

Re: [Connectivity] www.usbank.com not reachable from my Comcast

It's ok from California:

                                       Packets               Pings
 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. 96.188.38.1                       0.0%     1    8.7   8.7   8.7   8.7   0.0
 2. 68.85.104.1                       0.0%     1    7.8   7.8   7.8   7.8   0.0
 3. 68.87.212.33                      0.0%     1    8.5   8.5   8.5   8.5   0.0
 4. 68.86.90.133                      0.0%     1   12.6  12.6  12.6  12.6   0.0
 5. 68.86.85.50                       0.0%     1   16.6  16.6  16.6  16.6   0.0
 6. 68.86.85.66                       0.0%     1   19.7  19.7  19.7  19.7   0.0
 7. 192.205.37.1                      0.0%     1   18.3  18.3  18.3  18.3   0.0
 8. ???

Looks like a localized issue. Perhaps folks in nearby locations can test.
to forum · permalink · 2012-12-18 13:13:14 ·


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL

reply to NetFixer
AOK from Florida.

to forum · permalink · 2012-12-18 13:13:45 ·


jaynick
lit up
Premium
join:2001-02-06
Sterling Heights, MI
kudos:2

reply to NetFixer
Ok in Mich.

to forum · permalink · 2012-12-18 13:14:52 ·


tshirt
Premium,MVM
join:2004-07-11
Snohomish, WA
kudos:3
Reviews:
·Comcast

reply to NetFixer
Working fine here, BUT I have had problems with that site before.
Also try direct to the secure site (HTTPS) as sometimes the http redirector (your link) fails.
BTW pingplotter resolves 170.135.216.181 as bnkuse.com which links to some suspious results when googled.

to forum · permalink · 2012-12-18 13:47:35 ·

ExoticFish

join:2008-08-31
Stuarts Draft, VA

reply to NetFixer
Works here as well.

to forum · permalink · 2012-12-18 13:48:32 ·

JoelC707
Premium
join:2002-07-09
West Point, GA
kudos:5

reply to NetFixer
I figured since it fails at 56 Marietta it might fail for me since I'm in the Atlanta area but no I can get to it just fine. Traceroute still fails at 56 Marietta though.

C:\Users\jcleveland>tracert usbank.com
 
Tracing route to usbank.com [170.135.216.181]
over a maximum of 30 hops:
 
  1    13 ms    22 ms    25 ms  c-76-105-72-1.hsd1.ga.comcast.net [76.105.72.1]
  2    93 ms     9 ms     7 ms  68.85.90.21
  3    27 ms     9 ms    10 ms  xe-12-0-3-0-ar01.b0atlanta.ga.atlanta.comcast.net [68.85.232.113]
  4    11 ms    12 ms    11 ms  pos-5-12-0-0-cr01.56marietta.ga.ibone.comcast.net [68.86.93.125]
  5    13 ms    15 ms   183 ms  pos-0-11-0-0-pe01.56marietta.ga.ibone.comcast.net [68.86.88.186]
  6    14 ms    12 ms    13 ms  as7018-pe01.56marietta.ga.ibone.comcast.net [75.149.228.86]
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10     *        *     ^C
C:\Users\jcleveland>
to forum · permalink · 2012-12-18 13:48:37 ·


noc007

join:2002-06-18
Cumming, GA

reply to NetFixer
Just like JoelC707, the tracert fails for me at the same place but the site pulls up fine.

to forum · permalink · 2012-12-18 14:25:11 ·

ajeff

join:2007-07-30
Orleans, VT
Reviews:
·Fairpoint Commun..

reply to NetFixer
Check the time and date set on your computer. Following from MS Supprt:

I can’t access my bank or other secure websites.
Try this

When you connect to a secure website, Internet Explorer uses an encrypted channel that uses Secure Sockets Layer (SSL) technology to encrypt transactions. Corrupted information in the SSL can cause websites not to load correctly. Clearing the SLL state may resolve this issue. To do this, follow these steps:

Click Start, type Internet Explorer in the search box, and then, in the list of results, click Internet Explorer.
In Internet Explorer, click Tools, and then click Internet Options.
Click the Content tab, and then click Clear SSL state.

If clearing the SSL state did not resolve the issue, the date and time settings on your PC might be incorrect. Some secure sites require that the date and time on your PC match the date and time of the website. To check the date and time, follow these steps:

In Control Panel, open Date and Time. To do this, click Start
, type date and time in the Start Search box, and then click Date and Time in the Programs list.
Click Change date and time.
In the Date and Time Settings dialog box, set the date and time to the correct values.
Click OK two times.

If you still can’t access secure websites, get help from the Microsoft Communityonline community.

to forum · permalink · 2012-12-18 14:27:35 ·


IowaCowboy
Want to go back to Iowa
Premium
join:2010-10-16
Springfield, MA
Reviews:
·Comcast
·Verizon Broadban..

reply to NetFixer
My mother still has her account at Bank of The West from when we were living in Iowa but it is impossible to reach it on her computer connected to Comcast. If she does it on one of my MacBooks, she gets in. It sounds more like an issue with your computer. Try a different computer on the same connection and if you get in, it's the computer but if you don't get in, it's Comcast. I always try either a different computer on the same connection or a different connection (a MiFi/mobile hotspot) on the same computer before calling for ISP support. I have had Comcast CSRs play the blame customer owned equipment game when I tried the above mentioned troubleshooting and it was clearly a Comcast issue.

to forum · permalink · 2012-12-18 15:17:54 ·


airwavz
Always the green wire

join:2011-09-11
Mount Juliet, TN
kudos:1

reply to NetFixer
Greets from Mt. Juliet TN - working fine here on a Comcast Biz-class line at 2:45 pm, using https: . I'd be lost without my online banking access; I've always been very happy with US Bank's online portal. I've seen it down for maintenance, but never had a 'Comcast-specific' issue. Hope you get it straightened out soon.
--
Original account from 2000 - given up in protest (I don't believe in 'Political Correctness') - but DSLR is STILL my home page...

to forum · permalink · 2012-12-18 15:54:07 ·


NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Comcast Business..
·Vonage
·Cingular Wireless
·Comcast

reply to NetFixer
Thanks to all who tested from their locations; knowing that it was not a wide area Comcast problem kept me from wasting time opening a trouble ticket.

About an hour ago it started working again from my Comcast connection here.

It had been unavailable over my Comcast connection since ~08:00, but it worked just fine over either my AT&T 3G or AT&T DSL connection. My guess is that it was a temporary routing table or ACL issue somewhere in the path.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.

to forum · permalink · 2012-12-18 16:17:23 ·


NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Comcast Business..
·Vonage
·Cingular Wireless
·Comcast

reply to tshirt

said by tshirt:

Working fine here, BUT I have had problems with that site before.
Also try direct to the secure site (HTTPS) as sometimes the http redirector (your link) fails.
BTW pingplotter resolves 170.135.216.181 as bnkuse.com which links to some suspious results when googled.

I tried (and posted) both the http and the https links. Also, suspicious or not, 170.135.216.181 is the IP address in the A record for www.usbank.com no matter whose DNS server I try.


C:\>dig www.usbank.com
 
; <<>> DiG 9.9.2 <<>> www.usbank.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50374
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         249     IN      A       170.135.216.181
 
;; Query time: 0 msec
;; SERVER: 192.168.9.2#53(192.168.9.2)
;; WHEN: Tue Dec 18 15:18:40 2012
;; MSG SIZE  rcvd: 59
 
C:\>dig @75.75.75.75 www.usbank.com
 
; <<>> DiG 9.9.2 <<>> @75.75.75.75 www.usbank.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12440
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         745     IN      A       170.135.216.181
 
;; Query time: 124 msec
;; SERVER: 75.75.75.75#53(75.75.75.75)
;; WHEN: Tue Dec 18 15:19:04 2012
;; MSG SIZE  rcvd: 59
 
C:\>dig @68.94.156.1 www.usbank.com
 
; <<>> DiG 9.9.2 <<>> @68.94.156.1 www.usbank.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62816
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         900     IN      A       170.135.216.181
 
;; Query time: 124 msec
;; SERVER: 68.94.156.1#53(68.94.156.1)
;; WHEN: Tue Dec 18 15:19:46 2012
;; MSG SIZE  rcvd: 59
 
C:\>dig @8.8.8.8 www.usbank.com
 
; <<>> DiG 9.9.2 <<>> @8.8.8.8 www.usbank.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49514
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         547     IN      A       170.135.216.181
 
;; Query time: 46 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Dec 18 15:20:19 2012
;; MSG SIZE  rcvd: 59
 
C:\>dig @4.2.2.1 www.usbank.com
 
; <<>> DiG 9.9.2 <<>> @4.2.2.1 www.usbank.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35180
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         900     IN      A       170.135.216.181
 
;; Query time: 124 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Tue Dec 18 15:20:31 2012
;; MSG SIZE  rcvd: 59



Doing a DNS lookup for the IP address 170.135.216.181 shows a large number of PTR records pointing to what appear to be US Bank owned or affiliated sites. That many PTR records is unusual, but not necessarily suspicious.


C:\>dig -x 170.135.216.181
;; Truncated, retrying in TCP mode.
 
; <<>> DiG 9.9.2 <<>> -x 170.135.216.181
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2519
;; flags: qr rd ra; QUERY: 1, ANSWER: 124, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;181.216.135.170.in-addr.arpa.  IN      PTR
 
;; ANSWER SECTION:
181.216.135.170.in-addr.arpa. 1695 IN   PTR     practicefinance.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankhomeloans.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     financingpartner.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarinsurance.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     ralphscreditcard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarcommercial.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     weststar-mortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarhomemortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarstellarfunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankfirsthomehelp.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankhomemortgages.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     currencyexpress.firstar.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarsmallbusiness.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank-home-mortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarcorporatetrust.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarglobalservices.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarstudentfinance.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarinvestorservice.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank-first-home-help.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     downeysavingsonlinebanking.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     cdo.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.fwms.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.cbofl.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.sweeps.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.reivisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.surveys.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.vailbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.cachevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.moneypass.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.vailbanks.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.usbankvisa.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstar-mfs.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstar401k.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarfunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.fmcreditcard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.grabcashfast.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.gymboreevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     mychoicebanking.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.porticofunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.vailbanksinc.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.weststarbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.cpssalestools.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.123rewardscard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.uconnectonline.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.heritagemontana.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarinsurance.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.ralphscreditcard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarcommercial.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.weststar-mortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarhomemortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarstellarfunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarsmallbusiness.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarcorporatetrust.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarglobalservices.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarstudentfinance.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarinvestorservice.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     epay.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     fwms.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     pffb.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     cbofl.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     ecash.fsbnm.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     ubank.biz.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbhm.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     032www.cachevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     artown.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     bnkusa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     online.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     sweeps.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     topusb.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank.cc.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank.biz.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank.info.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstar.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     pffbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     reivisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     retechs.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     surveys.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     uat-www.reivisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     us-bank.us.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     facts529.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     frysvisa.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     frysvisa.org.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     payments.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     u-s-bank.us.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     u-s-bank.biz.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     u-s-bank.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     u-s-bank.org.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankhr.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbanksl.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbtrust.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     vailbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     cachevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     swiftsend.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.cc.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.us.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.biz.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.org.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.info.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankeve.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     vailbanks.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     testrecord.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankvisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankvisa.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankvisa.org.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstar-mfs.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstar401k.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     epymtservice.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarfunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     fmcreditcard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     grabcashfast.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     gymboreevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     porticofunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     vailbanksinc.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     weststarbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     cpssalestools.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     downeysavings.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     123rewardscard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     communications.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorptrust.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankhomeloan.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     heritagemontana.com.
 
;; Query time: 562 msec
;; SERVER: 192.168.9.2#53(192.168.9.2)
;; WHEN: Tue Dec 18 15:31:47 2012
;; MSG SIZE  rcvd: 3258



What is suspicious is a whois query for IP address 170.135.216.181.
Privacy Protect in Shanghai, China? 


C:\>whois 170.135.216.181
 
Whois v1.11 - Domain information lookup utility
Sysinternals - www.sysinternals.com
Copyright (C) 2005-2012 Mark Russinovich
 
Connecting to COM.whois-servers.net...
Connecting to whois.hebeidomains.com...
 
   HERITAGEMONTANA.COM
   Privacy Protect
   General Delivery/Poste restante
   855 Tianyaoqiao Lu
   2000 Shanghai, China
   All Postal Mails Will Be Rejected, do not mail there anything !
 
   Tel.: +55.1137117371
   Email: HERITAGEMONTANA.COM (at) privacy--protect.org
 
Administrative:
   HERITAGEMONTANA.COM
   Privacy Protect
   General Delivery/Poste restante
   855 Tianyaoqiao Lu
   2000 Shanghai, China
   All Postal Mails Will Be Rejected, do not mail there anything !
 
   Tel.: +55.1137117371
   Email: HERITAGEMONTANA.COM (at) privacy--protect.org
 
Technical:
   HERITAGEMONTANA.COM
   Privacy Protect
   General Delivery/Poste restante
   855 Tianyaoqiao Lu
   2000 Shanghai, China
   All Postal Mails Will Be Rejected, do not mail there anything !
 
   Tel.: +55.1137117371
   Email: HERITAGEMONTANA.COM (at) privacy--protect.org
 
For contacting domain owner send email to above email address
or visit Privacy--Protect.org and send it via form there
 
This is whois privacy protection
 
We will reveal registrant's info for UDRP proceeding
or after relevant authorities request in our jurisdiction
===============================================================
===============================================================
===============================================================
 
The data in this whois database is provided to you for information
purposes only, that is, to assist you in obtaining information about
or related to a domain name registration record. We make this information
available "as is", and do not guarantee its accuracy. By submitting a
whois query, you agree that you will use this data only for lawful purposes
and that, under no circumstances will you use this data to:
(1) enable high volume, automated, electronic processes that stress
or load this whois database system providing you this information; or
(2) allow, enable, or otherwise support the transmission of mass unsolicited
commercial advertising or solicitations via direct mail, electronic mail,
or by telephone.
 
The compilation, repackaging, dissemination or other use of this data is
expressly prohibited without prior written consent from us. The Registrar
of record is HebeiDomains.com. We reserve the right to modify these terms
at any time. By submitting this query, you agree to abide by these terms.
 
Request number 1 from 5 daily allowed from your IP address.
Email to trick bots (does not work)  HERITAGEMONTANA.COM@hotmail.com



--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
to forum · permalink · 2012-12-18 16:47:25 ·


OSUGoose

join:2007-12-27
Columbus, OH

What's this dig command ur using?

to forum · permalink · 2012-12-18 16:56:43 ·


NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Comcast Business..
·Vonage
·Cingular Wireless
·Comcast

said by OSUGoose:

What's this dig command ur using?

It is the DNS query tool that is supplied as part of the Bind DNS package. »www.isc.org/software/bind
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
to forum · permalink · 2012-12-18 17:08:02 ·


JohnInSJ
Premium
join:2003-09-22
San Jose, CA
Reviews:
·PHONE POWER
·Comcast

reply to NetFixer

said by NetFixer:

said by tshirt:

Working fine here, BUT I have had problems with that site before.
Also try direct to the secure site (HTTPS) as sometimes the http redirector (your link) fails.
BTW pingplotter resolves 170.135.216.181 as bnkuse.com which links to some suspious results when googled.

I tried (and posted) both the http and the https links. Also, suspicious or not, 170.135.216.181 is the IP address in the A record for www.usbank.com no matter whose DNS server I try.


C:\>dig www.usbank.com
 
; <<>> DiG 9.9.2 <<>> www.usbank.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50374
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         249     IN      A       170.135.216.181
 
;; Query time: 0 msec
;; SERVER: 192.168.9.2#53(192.168.9.2)
;; WHEN: Tue Dec 18 15:18:40 2012
;; MSG SIZE  rcvd: 59
 
C:\>dig @75.75.75.75 www.usbank.com
 
; <<>> DiG 9.9.2 <<>> @75.75.75.75 www.usbank.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12440
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         745     IN      A       170.135.216.181
 
;; Query time: 124 msec
;; SERVER: 75.75.75.75#53(75.75.75.75)
;; WHEN: Tue Dec 18 15:19:04 2012
;; MSG SIZE  rcvd: 59
 
C:\>dig @68.94.156.1 www.usbank.com
 
; <<>> DiG 9.9.2 <<>> @68.94.156.1 www.usbank.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62816
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         900     IN      A       170.135.216.181
 
;; Query time: 124 msec
;; SERVER: 68.94.156.1#53(68.94.156.1)
;; WHEN: Tue Dec 18 15:19:46 2012
;; MSG SIZE  rcvd: 59
 
C:\>dig @8.8.8.8 www.usbank.com
 
; <<>> DiG 9.9.2 <<>> @8.8.8.8 www.usbank.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49514
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         547     IN      A       170.135.216.181
 
;; Query time: 46 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Dec 18 15:20:19 2012
;; MSG SIZE  rcvd: 59
 
C:\>dig @4.2.2.1 www.usbank.com
 
; <<>> DiG 9.9.2 <<>> @4.2.2.1 www.usbank.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35180
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.usbank.com.                        IN      A
 
;; ANSWER SECTION:
www.usbank.com.         900     IN      A       170.135.216.181
 
;; Query time: 124 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Tue Dec 18 15:20:31 2012
;; MSG SIZE  rcvd: 59



Doing a DNS lookup for the IP address 170.135.216.181 shows a large number of PTR records pointing to what appear to be US Bank owned or affiliated sites. That many PTR records is unusual, but not necessarily suspicious.


C:\>dig -x 170.135.216.181
;; Truncated, retrying in TCP mode.
 
; <<>> DiG 9.9.2 <<>> -x 170.135.216.181
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2519
;; flags: qr rd ra; QUERY: 1, ANSWER: 124, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1280
;; QUESTION SECTION:
;181.216.135.170.in-addr.arpa.  IN      PTR
 
;; ANSWER SECTION:
181.216.135.170.in-addr.arpa. 1695 IN   PTR     practicefinance.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankhomeloans.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     financingpartner.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarinsurance.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     ralphscreditcard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarcommercial.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     weststar-mortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarhomemortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarstellarfunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankfirsthomehelp.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankhomemortgages.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     currencyexpress.firstar.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarsmallbusiness.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank-home-mortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarcorporatetrust.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarglobalservices.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarstudentfinance.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarinvestorservice.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank-first-home-help.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     downeysavingsonlinebanking.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     cdo.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.fwms.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.cbofl.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.sweeps.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.reivisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.surveys.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.vailbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.cachevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.moneypass.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.vailbanks.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.usbankvisa.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstar-mfs.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstar401k.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarfunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.fmcreditcard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.grabcashfast.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.gymboreevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     mychoicebanking.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.porticofunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.vailbanksinc.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.weststarbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.cpssalestools.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.123rewardscard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.uconnectonline.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.heritagemontana.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarinsurance.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.ralphscreditcard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarcommercial.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.weststar-mortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarhomemortgage.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarstellarfunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarsmallbusiness.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarcorporatetrust.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarglobalservices.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarstudentfinance.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     www.firstarinvestorservice.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     epay.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     fwms.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     pffb.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     cbofl.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     ecash.fsbnm.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     ubank.biz.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbhm.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     032www.cachevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     artown.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     bnkusa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     online.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     sweeps.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     topusb.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank.cc.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank.biz.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbank.info.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstar.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     pffbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     reivisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     retechs.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     surveys.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     uat-www.reivisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     us-bank.us.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     facts529.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     frysvisa.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     frysvisa.org.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     payments.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     u-s-bank.us.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     u-s-bank.biz.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     u-s-bank.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     u-s-bank.org.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankhr.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbanksl.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbtrust.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     vailbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     cachevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     swiftsend.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.cc.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.us.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.biz.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.org.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorp.info.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankeve.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     vailbanks.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     testrecord.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankvisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankvisa.net.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankvisa.org.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstar-mfs.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstar401k.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     epymtservice.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     firstarfunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     fmcreditcard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     grabcashfast.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     gymboreevisa.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     porticofunds.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     vailbanksinc.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     weststarbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     cpssalestools.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     downeysavings.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     123rewardscard.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     communications.usbank.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbancorptrust.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     usbankhomeloan.com.
181.216.135.170.in-addr.arpa. 1695 IN   PTR     heritagemontana.com.
 
;; Query time: 562 msec
;; SERVER: 192.168.9.2#53(192.168.9.2)
;; WHEN: Tue Dec 18 15:31:47 2012
;; MSG SIZE  rcvd: 3258



What is suspicious is a whois query for IP address 170.135.216.181.
Privacy Protect in Shanghai, China? 


C:\>whois 170.135.216.181
 
Whois v1.11 - Domain information lookup utility
Sysinternals - www.sysinternals.com
Copyright (C) 2005-2012 Mark Russinovich
 
Connecting to COM.whois-servers.net...
Connecting to whois.hebeidomains.com...
 
   HERITAGEMONTANA.COM
   Privacy Protect
   General Delivery/Poste restante
   855 Tianyaoqiao Lu
   2000 Shanghai, China
   All Postal Mails Will Be Rejected, do not mail there anything !
 
   Tel.: +55.1137117371
   Email: HERITAGEMONTANA.COM (at) privacy--protect.org
 
Administrative:
   HERITAGEMONTANA.COM
   Privacy Protect
   General Delivery/Poste restante
   855 Tianyaoqiao Lu
   2000 Shanghai, China
   All Postal Mails Will Be Rejected, do not mail there anything !
 
   Tel.: +55.1137117371
   Email: HERITAGEMONTANA.COM (at) privacy--protect.org
 
Technical:
   HERITAGEMONTANA.COM
   Privacy Protect
   General Delivery/Poste restante
   855 Tianyaoqiao Lu
   2000 Shanghai, China
   All Postal Mails Will Be Rejected, do not mail there anything !
 
   Tel.: +55.1137117371
   Email: HERITAGEMONTANA.COM (at) privacy--protect.org
 
For contacting domain owner send email to above email address
or visit Privacy--Protect.org and send it via form there
 
This is whois privacy protection
 
We will reveal registrant's info for UDRP proceeding
or after relevant authorities request in our jurisdiction
===============================================================
===============================================================
===============================================================
 
The data in this whois database is provided to you for information
purposes only, that is, to assist you in obtaining information about
or related to a domain name registration record. We make this information
available "as is", and do not guarantee its accuracy. By submitting a
whois query, you agree that you will use this data only for lawful purposes
and that, under no circumstances will you use this data to:
(1) enable high volume, automated, electronic processes that stress
or load this whois database system providing you this information; or
(2) allow, enable, or otherwise support the transmission of mass unsolicited
commercial advertising or solicitations via direct mail, electronic mail,
or by telephone.
 
The compilation, repackaging, dissemination or other use of this data is
expressly prohibited without prior written consent from us. The Registrar
of record is HebeiDomains.com. We reserve the right to modify these terms
at any time. By submitting this query, you agree to abide by these terms.
 
Request number 1 from 5 daily allowed from your IP address.
Email to trick bots (does not work)  HERITAGEMONTANA.COM@hotmail.com



My Whois doesn't match yours. I am worried for you :) Mine matches the google result for whois 170.135.216.181

$ whois 170.135.216.181
#
# Query terms are ambiguous.  The query is assumed to be:
#     "n 170.135.216.181"
#
# Use "?" to get help.
#
 
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=170.135.216.181?showDetails=true&showARIN=false&ext=netref2
#
 
NetRange:       170.135.0.0 - 170.135.255.255
CIDR:           170.135.0.0/16
OriginAS:       
NetName:        FIRSTBANK-B
NetHandle:      NET-170-135-0-0-1
Parent:         NET-170-0-0-0-0
NetType:        Direct Assignment
RegDate:        1994-05-13
Updated:        2002-03-29
Ref:            http://whois.arin.net/rest/net/NET-170-135-0-0-1
 
OrgName:        First Bank System Inc.
OrgId:          FBS-1
Address:        601 2nd Ave S
City:           Minneapolis
StateProv:      MN
PostalCode:     55402
Country:        US
RegDate:        1994-05-13
Updated:        2011-09-24
Ref:            http://whois.arin.net/rest/org/FBS-1
 
OrgAbuseHandle: DTC8-ORG-ARIN
OrgAbuseName:   Domain, Technical Contact
OrgAbusePhone:  +1-503-261-5000 
OrgAbuseEmail:  domtech@usbank.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/DTC8-ORG-ARIN
 
OrgTechHandle: CKN23-ARIN
OrgTechName:   No, Contact Known
OrgTechPhone:  +1-800-555-1234 
OrgTechEmail:  nobody@example.com
OrgTechRef:    http://whois.arin.net/rest/poc/CKN23-ARIN
 
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
--
My place : »www.schettino.us
to forum · permalink · 2012-12-18 17:48:27 ·


NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Comcast Business..
·Vonage
·Cingular Wireless
·Comcast

said by JohnInSJ:

said by NetFixer:

What is suspicious is a whois query for IP address 170.135.216.181.
Privacy Protect in Shanghai, China? 

C:\>whois 170.135.216.181
 
Whois v1.11 - Domain information lookup utility
Sysinternals - www.sysinternals.com
Copyright (C) 2005-2012 Mark Russinovich
 
Connecting to COM.whois-servers.net...
Connecting to whois.hebeidomains.com...
 
   HERITAGEMONTANA.COM
   Privacy Protect
   General Delivery/Poste restante
   855 Tianyaoqiao Lu
   2000 Shanghai, China
   All Postal Mails Will Be Rejected, do not mail there anything !
 
   Tel.: +55.1137117371
   Email: HERITAGEMONTANA.COM (at) privacy--protect.org
 
Administrative:
   HERITAGEMONTANA.COM
   Privacy Protect
   General Delivery/Poste restante
   855 Tianyaoqiao Lu
   2000 Shanghai, China
   All Postal Mails Will Be Rejected, do not mail there anything !
 
   Tel.: +55.1137117371
   Email: HERITAGEMONTANA.COM (at) privacy--protect.org
 
Technical:
   HERITAGEMONTANA.COM
   Privacy Protect
   General Delivery/Poste restante
   855 Tianyaoqiao Lu
   2000 Shanghai, China
   All Postal Mails Will Be Rejected, do not mail there anything !
 
   Tel.: +55.1137117371
   Email: HERITAGEMONTANA.COM (at) privacy--protect.org
 
For contacting domain owner send email to above email address
or visit Privacy--Protect.org and send it via form there
 
This is whois privacy protection
 
We will reveal registrant's info for UDRP proceeding
or after relevant authorities request in our jurisdiction
===============================================================
===============================================================
===============================================================
 
The data in this whois database is provided to you for information
purposes only, that is, to assist you in obtaining information about
or related to a domain name registration record. We make this information
available "as is", and do not guarantee its accuracy. By submitting a
whois query, you agree that you will use this data only for lawful purposes
and that, under no circumstances will you use this data to:
(1) enable high volume, automated, electronic processes that stress
or load this whois database system providing you this information; or
(2) allow, enable, or otherwise support the transmission of mass unsolicited
commercial advertising or solicitations via direct mail, electronic mail,
or by telephone.
 
The compilation, repackaging, dissemination or other use of this data is
expressly prohibited without prior written consent from us. The Registrar
of record is HebeiDomains.com. We reserve the right to modify these terms
at any time. By submitting this query, you agree to abide by these terms.
 
Request number 1 from 5 daily allowed from your IP address.
Email to trick bots (does not work)  HERITAGEMONTANA.COM@hotmail.com

My Whois doesn't match yours. I am worried for you :) Mine matches the google result for whois 170.135.216.181

$ whois 170.135.216.181
#
# Query terms are ambiguous.  The query is assumed to be:
#     "n 170.135.216.181"
#
# Use "?" to get help.
#
 
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=170.135.216.181?showDetails=true&showARIN=false&ext=netref2
#
 
NetRange:       170.135.0.0 - 170.135.255.255
CIDR:           170.135.0.0/16
OriginAS:       
NetName:        FIRSTBANK-B
NetHandle:      NET-170-135-0-0-1
Parent:         NET-170-0-0-0-0
NetType:        Direct Assignment
RegDate:        1994-05-13
Updated:        2002-03-29
Ref:            http://whois.arin.net/rest/net/NET-170-135-0-0-1
 
OrgName:        First Bank System Inc.
OrgId:          FBS-1
Address:        601 2nd Ave S
City:           Minneapolis
StateProv:      MN
PostalCode:     55402
Country:        US
RegDate:        1994-05-13
Updated:        2011-09-24
Ref:            http://whois.arin.net/rest/org/FBS-1
 
OrgAbuseHandle: DTC8-ORG-ARIN
OrgAbuseName:   Domain, Technical Contact
OrgAbusePhone:  +1-503-261-5000 
OrgAbuseEmail:  domtech@usbank.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/DTC8-ORG-ARIN
 
OrgTechHandle: CKN23-ARIN
OrgTechName:   No, Contact Known
OrgTechPhone:  +1-800-555-1234 
OrgTechEmail:  nobody@example.com
OrgTechRef:    http://whois.arin.net/rest/poc/CKN23-ARIN
 
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Yep, if I do the whois query from my Linux server, I get the FirstBank (a US Bank predecessor) results too.


webhost:/home/royces # whois 170.135.216.181
#
# Query terms are ambiguous.  The query is assumed to be:
#     "n 170.135.216.181"
#
# Use "?" to get help.
#
 
#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=170.135.216.181?showDetails=true&showARIN=false&ext=netref2
#
 
NetRange:       170.135.0.0 - 170.135.255.255
CIDR:           170.135.0.0/16
OriginAS:
NetName:        FIRSTBANK-B
NetHandle:      NET-170-135-0-0-1
Parent:         NET-170-0-0-0-0
NetType:        Direct Assignment
RegDate:        1994-05-13
Updated:        2002-03-29
Ref:            http://whois.arin.net/rest/net/NET-170-135-0-0-1
 
OrgName:        First Bank System Inc.
OrgId:          FBS-1
Address:        601 2nd Ave S
City:           Minneapolis
StateProv:      MN
PostalCode:     55402
Country:        US
RegDate:        1994-05-13
Updated:        2011-09-24
Ref:            http://whois.arin.net/rest/org/FBS-1
 
OrgTechHandle: CKN23-ARIN
OrgTechName:   No, Contact Known
OrgTechPhone:  +1-800-555-1234
OrgTechEmail:  nobody@example.com
OrgTechRef:    http://whois.arin.net/rest/poc/CKN23-ARIN
 
OrgAbuseHandle: DTC8-ORG-ARIN
OrgAbuseName:   Domain, Technical Contact
OrgAbusePhone:  +1-503-261-5000
OrgAbuseEmail:  domtech@usbank.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/DTC8-ORG-ARIN
 
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#



I only recently installed the Mark Russinovich whois utility on my Windows boxes. So much for trusting Microsoft's port of a *nix utility. I guess I need to go back to using the GeekTools application instead.

--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
to forum · permalink · 2012-12-18 18:13:31 ·


IowaCowboy
Want to go back to Iowa
Premium
join:2010-10-16
Springfield, MA
Reviews:
·Comcast
·Verizon Broadban..

reply to JohnInSJ
They still have domain names under the Firstar Brand?

US Bank bought Firstar in the late '90s or early 2000's. I know this because Firstar became US Bank when I still lived in Iowa and I moved to Massachusetts in 2002.

Banks were being bought out like crazy back then. Commercial Federal Bought out Perpetual Savings Bank and they are now Bank of the West. Bank of America bought out Fleet. My current bank, Berkshire Bank was Woronoco Savings Bank before being bought out by Berkshire Bank.

I bet many of these banks still have servers using the domain names of their former names.

When I had AT&T for cell phone, they had many of their apps under the domains of mycingular even though their name changed to AT&T.

to forum · permalink · 2012-12-18 18:26:08 ·


NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Comcast Business..
·Vonage
·Cingular Wireless
·Comcast
1 edit

said by IowaCowboy:

They still have domain names under the Firstar Brand?

US Bank bought Firstar in the late '90s or early 2000's. I know this because Firstar became US Bank when I still lived in Iowa and I moved to Massachusetts in 2002.

Banks were being bought out like crazy back then. Commercial Federal Bought out Perpetual Savings Bank and they are now Bank of the West. Bank of America bought out Fleet. My current bank, Berkshire Bank was Woronoco Savings Bank before being bought out by Berkshire Bank.

I bet many of these banks still have servers using the domain names of their former names.

When I had AT&T for cell phone, they had many of their apps under the domains of mycingular even though their name changed to AT&T.

It would appear that US Bank has indeed preserved many (if not all) of their predecessors' domain names.

I remember the buyout because I lost a third party maintenance contract after the US Bank purchase of Firstar. I used to maintain routers and other communication devices for Star Bank and Firstar in this area for a VAR who supplied the equipment.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
to forum · permalink · 2012-12-18 18:33:05 ·
Forums > US Cable Support > Comcast HSI

Sunday, 19-May 03:21:45 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 13.5 years online © 1999-2013 dslreports.com.
Most commented news this week
Hot Topics