|
IP address question
Anyone know how to track this IP address?
I have gotten it this far but havent the slightest idea what it says in line 17. Joe A TraceRoute to 71.226.82.73 [c-71-226-82-73.hsd1.fl.comcast.net] Hop (ms) (ms) (ms) IP Address Host name 1 0 0 0 66.98.244.1 gphou-66-98-244-1.ev1servers.net 2 0 0 0 66.98.241.16 gphou-66-98-241-16.ev1servers.net 3 1 0 0 38.99.206.173 - 4 1 1 2 38.112.35.237 g4-0-0.core01.iah01.atlas.cogentco.com 5 1 3 1 154.54.2.202 t4-1.mpd01.iah01.atlas.cogentco.com 6 43 43 44 154.54.2.165 te2-4.mpd01.dca01.atlas.cogentco.com 7 45 44 44 154.54.2.182 v3491.mpd01.dca02.atlas.cogentco.com 8 45 45 46 154.54.5.46 v3496.mpd01.iad01.atlas.cogentco.com 9 45 46 44 154.54.3.221 g9-0-0-3492.core01.iad01.atlas.cogentco.com 10 40 41 41 192.205.33.201 gr1-a3110s1.attga.ip.att.net 11 38 38 37 12.123.8.190 tbr2033001.wswdc.ip.att.net 12 38 37 39 12.122.10.70 tbr1-cl17.attga.ip.att.net 13 39 37 37 12.123.20.9 gar2-p360.attga.ip.att.net 14 49 48 47 12.124.58.166 - 15 47 47 47 68.86.166.53 - 16 47 48 50 68.86.166.34 ubr01.fruitlandpr.fl.lakecnty.comcast.net 17 57 Timed out 52 71.226.82.73 c-71-226-82-73.hsd1.fl.comcast.net |
Fitlering ICMP traffic on that hop, probably a home router dropping the packets, etc.
Edit - or the computer/router/whatever that has that IP leased isn't turned on at the moment. |
IP address: 71.226.82.73
Reverse DNS: c-71-226-82-73.hsd1.fl.comcast.net. Reverse DNS authenticity: [Unknown] ASN: 22909 ASN Name: DNEO-OSP1 IP range connectivity: 4 Registrar (per ASN): ARIN Country (per IP registrar): US [United States] Country Currency: USD [United States Dollars] Country IP Range: 71.192.0.0 to 71.255.255.255 Country fraud profile: Normal City (per outside source): Lady Lake, Florida Country (per outside source): US [United States] Private (internal) IP? No IP address registrar: BOGUS Known Proxy? No |
Port 25 and 110 are open (SMTP and POP).
|
HD,
So the IP address is no good or fake? This is coming from someone trying to scam me. Caught them and have not paid a penny but trying to find out where its coming from. It was supposed to be a Yahoo email address but keep seeing other IP addresses. Its being sent out of an email program called "The Bat!" Thx, Joe A |
The Bat is a windows email client...
Address is in a pool of dynamic addresses. I just ran nmap on it (port scanner), looks like it is hooked up directly to a windows box with no router/firewall/etc. running. Code:
root@host:~# nmap -sS -O -PI -PT 71.226.82.73 |
Joe, its a real address.
Joe, there are certain *ahem* actions that could be taken, but seeing as that they are on Comcast, we may have the wrong IP. In other words, they use dynamic addresses, and we may end up targeting the wrong person. What is this joker trying to do? |
Will email you directly.
|
Quote:
This could be fun. How pissed are you at these folks Joe? |
Icemaster - note that the address is in a dhcp pool, and my scan didn't show 25 or 110 open like harddrive's did... different computer now. No need to mess up some poor granny's collection of pix of her grandkids...
|
Quote:
Trying to scam me out of $3000. I figured it out early but would love to turn these jerks into the law. |
Quote:
Best thing at this point would be to make Comcast aware of it. Not that that would do much... |
Joe that bad finally??
|
My latest nmap scan also shows a port 25 .... I doubt that grandma has an SMTP server setup .... doing a -p- also
|
Jordi,
Nothing new but the request to help by sending $3k came through a few days ago. I have not responded to it but would love to send them to jail or at least get them stopped from trying to screw people on the internet. |
You told me the story on Monday over dinner ... sad, very sad ...
I think that the IP address still good, based in Florida (Lady Lake ?) |
Quote:
Let me do some.....adventuring, tomorrow. |
Thanks guys.
|
HardDrive .... Cain & Abel ARP functions??
|
Here is a more recent nmap version scan:
Starting Nmap 4.20 ( http://insecure.org ) at 2007-01-19 00:40 PST Interesting ports on c-71-226-82-73.hsd1.fl.comcast.net (71.226.82.73): Not shown: 1687 closed ports PORT STATE SERVICE 135/tcp filtered msrpc 136/tcp filtered profile 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 1025/tcp open NFS-or-IIS 1026/tcp open LSA-or-nterm 1080/tcp filtered socks 5000/tcp open UPnP Device type: general purpose|specialized Running (JUST GUESSING) : Microsoft Windows 2000|2003 (91%), Symbol Windows PocketPC/CE (86%) Aggressive OS guesses: Microsoft Windows 2000, SP0, SP1, or SP2 (91%), Microsoft Windows 2000 Server SP4 (90%), Microsoft Windows 2000 SP3 (89%), Microsoft Windows 2000 SP4 (89%), Microsoft Windows 2003 Server SP1 (88%), Symbol MC9060-G mobile computer (runs Microsoft Windows CE .NET 4.20) (86%), Microsoft Windows 2000 Server SP4 (85%) No exact OS matches for host (test conditions non-ideal). Network Distance: 15 hops OS detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ . Nmap finished: 1 IP address (1 host up) scanned in 21.820 seconds SmileWavy |
| All times are GMT -8. The time now is 12:09 AM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0
Copyright 2025 Pelican Parts, LLC - Posts may be archived for display on the Pelican Parts Website