I need to find out who's IP this is

[lguzik]

Someone currently set up an email account in my name and used this account in a personally offensive and wrongful way. I need to find out whos IP address this is. I tried Yahoo and Road Runner, they will tell me nothing. I even tried ARIN, and I am left with little information. Can someone please help me attain this information? The IP address in question is 24.208.217.224 Thank you to whoever can help me.

[AllGamer]

run NSLOOKUP IP

like this NSLOOKUP 24.208.217.224

and you get back dhcp024-208-217-224.indy.rr.com

so Road Runner ISP in Indiana

if you want to find out more try this http://visualroute.visualware.com/
and run it for the IP 24.208.217.224

Try it it's really cool

[AllGamer]

Originally posted by lguzik
Someone currently set up an email account in my name and used this account in a personally offensive and wrongful way. I need to find out whos IP address this is. I tried Yahoo and Road Runner, they will tell me nothing. I even tried ARIN, and I am left with little information. Can someone please help me attain this information? The IP address in question is 24.208.217.224 Thank you to whoever can help me.

BTW, Welcome to SysOpt

[Bigjakkstaffa]

My god - that visual route thing is fantastic

--Jakk

[Ammok]

you need to bear in mind that that some dial up connections automatically issue a new ip number each time they connect.

Also, there is a ninety percent probability that the person you suspect of doing this, did it.

Something in this drivel might give you a clue, but you could also contact your own isp as this activity is illegal, maybe they can help.



IP address: 24.208.217.224
Host name: dhcp024-208-217-224.indy.rr.com

TraceRoute to 24.208.217.224 [dhcp024-208-217-224.indy.rr.com]

Hop (ms) (ms) (ms) IP Address Host name
1 94 47 16 66.46.176.3 -
2 0 0 0 216.191.97.45 pos5-2.core2-mtl.bb.attcanada.ca
3 0 0 0 216.191.65.217 srp2-0.core1-mtl.bb.attcanada.ca
4 0 16 0 216.191.65.173 pos2-1.core2-tor.bb.attcanada.ca
5 0 15 0 216.191.65.243 srp2-0.gwy1-tor.bb.attcanada.ca
6 31 16 31 12.125.142.5 -
7 15 16 16 12.123.5.222 gbr6-p80.cgcil.ip.att.net
8 16 31 31 12.122.5.14 gbr4-p90.cgcil.ip.att.net
9 16 31 15 12.123.5.149 ggr1-p370.cgcil.ip.att.net
10 16 16 31 192.205.32.238 att-gw.chi.aol.com
11 31 15 32 66.185.148.66 bb2-chi-p1-0.atdn.net
12 32 46 32 66.185.152.215 bb2-vie-p10-0.atdn.net
13 78 79 78 66.185.152.212 bb2-col-p3-0.atdn.net
14 78 79 78 66.185.140.55 pop1-col-p6-0.atdn.net
15 93 79 78 66.185.147.82 rr-indianapolis.atdn.net
16 78 94 78 65.26.189.161 srp1-0.iplsin1-rtr1.indy.rr.com
17 78 94 78 65.26.189.70 pos1-0.znvlin1-ubr1.indy.rr.com
18 Timed out Timed out Timed out -
19 Timed out Timed out Timed out -
20 Timed out Timed out Timed out -
21 Timed out Timed out Timed out -

Trace aborted.

Domain registry query for rr.com:

Whois Server Version 1.3

Domain names in the .com, .net, and .org domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Domain Name: RR.COM
Registrar: NETWORK SOLUTIONS, INC.
Whois Server: whois.networksolutions.com
Referral URL: http://www.networksolutions.com
Name Server: DNS1.RR.COM
Name Server: DNS2.RR.COM
Name Server: DNS3.RR.COM
Name Server: DNS4.RR.COM
Updated Date: 24-oct-2002


>>> Last update of whois database: Mon, 20 Jan 2003 05:16:56 EST <<<

The Registry database contains ONLY .COM, .NET, .ORG, .EDU domains and
Registrars.



--------------------------------------------------------------------------------

WHOIS whois.networksolutions.com rr.com:

Welcome to the VeriSign Registrar WHOIS Server.

The IP address from which you have visited the VeriSign Registrar WHOIS
database is contained within a list of IP addresses that may have failed
to abide by VeriSign's WHOIS policy. Failure to abide by this policy can
adversely impact our systems and servers, preventing the processing of
other WHOIS requests.

To see the VeriSign WHOIS Policy, click on or copy and paste the following
URL into your browser:

http://www.netsol.com/cgi-bin/whois/whois/

If you feel that you have received this message in error, please contact us at
1-888-642-9675, (703)-742-0914, or via e-mail at:
whoisquery@networksolutions.com

Your IP address is 66.46.181.116.


--------------------------------------------------------------------------------

.com is for "Commercial" which is a Generic Top Level Domain (gTLD) - Not associated with a country
Root: ICANN
Registration web site: http://www.internic.net
Whois server: whois.networksolutions.com
Whois web interface: http://www.internic.net
Second Level Domains Registered
Cost: Varies depending upon registrar
Dispute Policy: http://www.icann.org/udrp/udrp.htm
Notes: Domains registered by many competing registrars. Prices vary. Whois is a 2-step process. the registry is first checked to see which registrar controls the domain and that specific registrar's whois database is queried to see ownership information.
Updated: July 22, 2001

DNS Records for rr.com:

query from dns.consumer.net to get an authoritative nameserver

NameServer used for query: dns1.rr.com



Answer records
rr.com 1 NS dns1.rr.com 3600s
rr.com 1 NS dns2.rr.com 3600s
rr.com 1 NS dns3.rr.com 3600s
rr.com 1 NS dns4.rr.com 3600s
rr.com 1 SOA server: dns1.rr.com
email: abuse@rr.com
serial: 2003011502
refresh: 10800
retry: 3600
expire: 604800
minimum ttl: 3600
3600s
rr.com 1 MX preference: 10
exchange: vamx02.mgw.rr.com
3600s
rr.com 1 MX preference: 20
exchange: vamx01.mgw.rr.com
3600s
rr.com 1 MX preference: 20
exchange: tnmx01.mgw.rr.com
3600s
rr.com 1 MX preference: 20
exchange: ohmx01.mgw.rr.com
3600s
rr.com 1 MX preference: 20
exchange: ohmx02.mgw.rr.com
3600s
rr.com 1 MX preference: 30
exchange: herndon.mgw.rr.com
3600s

Authority records

Additional records
dns1.rr.com 1 A 24.30.200.3 3600s
dns2.rr.com 1 A 24.30.201.3 3600s
dns3.rr.com 1 A 24.30.199.7 3600s
dns4.rr.com 1 A 65.24.0.172 3600s
vamx02.mgw.rr.com 1 A 24.30.200.18 86400s
vamx01.mgw.rr.com 1 A 24.30.201.18 86400s
tnmx01.mgw.rr.com 1 A 24.165.200.11 86400s
ohmx01.mgw.rr.com 1 A 65.24.0.111 86400s
ohmx02.mgw.rr.com 1 A 65.24.0.110 86400s

DNS Records for indy.rr.com


query from dns.consumer.net to get an authoritative nameserver

NameServer used for query: clmboh1-dns1.columbus.rr.com



Answer records
indy.rr.com 1 MX preference: 100
exchange: vamx01.mgw.rr.com
3600s
indy.rr.com 1 MX preference: 30
exchange: ohio.mgw.rr.com
3600s
indy.rr.com 1 MX preference: 10
exchange: ohmx01.mgw.rr.com
3600s
indy.rr.com 1 MX preference: 10
exchange: ohmx02.mgw.rr.com
3600s
indy.rr.com 1 MX preference: 10
exchange: tnmx01.mgw.rr.com
3600s
indy.rr.com 1 MX preference: 20
exchange: ncmx01.mgw.rr.com
3600s
indy.rr.com 1 MX preference: 20
exchange: ncmx02.mgw.rr.com
3600s
indy.rr.com 1 NS clmboh1-dns2.columbus.rr.com 86400s
indy.rr.com 1 NS clmboh1-dns1.columbus.rr.com 86400s
indy.rr.com 1 NS clmboh1-dns5.columbus.rr.com 86400s
indy.rr.com 1 SOA server: indy.rr.com
email: rradm@indy.rr.com
serial: 2002111905
refresh: 3600
retry: 900
expire: 604800
minimum ttl: 86400
86400s

Authority records

Additional records
vamx01.mgw.rr.com 1 A 24.30.201.18 62757s
ohmx01.mgw.rr.com 1 A 65.24.0.111 62759s
ohmx02.mgw.rr.com 1 A 65.24.0.110 62759s
tnmx01.mgw.rr.com 1 A 24.165.200.11 63062s
ncmx01.mgw.rr.com 1 A 24.93.67.251 62759s
ncmx02.mgw.rr.com 1 A 24.93.67.222 62759s
clmboh1-dns2.columbus.rr.com 1 A 65.24.0.165 86400s
clmboh1-dns1.columbus.rr.com 1 A 65.24.0.164 86400s
clmboh1-dns5.columbus.rr.com 1 A 65.24.0.168 86400s


Network IP address lookup:

whois whois.arin.net 24.208.217.224:



OrgName: Road Runner
OrgID: RRMA

NetRange: 24.208.0.0 - 24.211.31.255
CIDR: 24.208.0.0/15, 24.210.0.0/16, 24.211.0.0/19
NetName: RR-CENTRAL-3BLK
NetHandle: NET-24-208-0-0-1
Parent: NET-24-0-0-0-0
NetType: Direct Allocation
NameServer: DNS1.RR.COM
NameServer: DNS2.RR.COM
NameServer: DNS3.RR.COM
NameServer: DNS4.RR.COM
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2001-06-29
Updated: 2002-08-14

TechHandle: ZS30-ARIN
TechName: ServiceCo LLC
TechPhone: +1-703-345-3416
TechEmail: abuse@rr.com

OrgTechHandle: IPTEC-ARIN
OrgTechName: IP Tech
OrgTechPhone: +1-703-345-3416
OrgTechEmail: abuse@rr.com

OrgTechHandle: IPCON-ARIN
OrgTechName: IPControl
OrgTechPhone: +1-703-345-3416
OrgTechEmail: tconley@va.rr.com

OrgAbuseHandle: ABUSE10-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-703-345-3416
OrgAbuseEmail: abuse@rr.com

# ARIN Whois database, last updated 2003-01-19 20:00
# Enter ? for additional hints on searching ARIN's Whois database.

[Ammok]

I agree, the visual route is better than my text one!!!!

[Ammok]

Oh, and I forgot to mention, amongst the huge trace information is an abuse email for roadrunner, if you contact them direct you might be on to something.

[AllGamer]

Originally posted by Bigjakkstaffa
My god - that visual route thing is fantastic

--Jakk

Nooooooo way!!

You'r telling me you've not ever used it before?

i've been playing with that thing for a year or 2 already

and yes it's an Excellent tool

[AllGamer]

Originally posted by Ammok
I agree, the visual route is better than my text one!!!!

LOL

yeah your Old School method is good for people that knows what to do with the info like us

but for a new person that doesn't even know Nslookup, that massive flood of Text is just a bunch of for them

So yup for newbies Visual Route is more fun and informative

[Ammok]

got to agree there, much more fun.

[Bizkitkid2001]

I can't get a trace. It always sais lost packets, can't go to the next network hop?


NM I figured it out.


But its strange, my firewall ping two IP address from london to a company called Richmond Software, never herd of it? Don't remember going to there web site either?

[lguzik]

I tried the virtual tracker, and it keeps getting stuck in GA. I read a past post from 99 where two different people were able to get the actual info from ARIN. I have already come up with the same stuff as all of you. No one at any of the companies will release any info to me, and I do not want to have to wait till I get a supoena.

[Bigjakkstaffa]

It trackedme up till about middlesbrogh then lost me

--Jakk

[Bigjakkstaffa]

You might wanna try a program called neotrace

Just enter a search for it in google, its only a small file. Its similar to that applet but a lot more reliable

--Jakk

[jrobbinson]

i had it for three years now its a great progge its small intergrates into IE in the tool bar if wanted and into right click as when right clicking a link also gave a map and every thing that visual progge gave which screwed up ZA and my connection had to dis-reconnect and reported wrong when i just tried the live trial. neotrace was free but it looks like norton bought them and intergrated them as in no longer free.
Glad I Saved A Copy!

HERE SOME OF WHAT I GOT


Registrant:
Road Runner HoldCo, LLC (RR6-DOM)
13241 Woodland Park Rd
null
US

Domain Name: RR.COM

Administrative Contact, Technical Contact:
Road Runner (XGUKSSRMIO) abuse@RR.COM
Road Runner
13241 Woodland Park Rd
Herndon, VA 20171
US
703-345-3416 fax: 703-345-2518

Record expires on 02-Oct-2010.
Record created on 01-Oct-1996.
Database last updated on 20-Jan-2003 22:32:40 EST.

Domain servers in listed order:

DNS1.RR.COM 24.30.200.3
DNS2.RR.COM 24.30.201.3
DNS3.RR.COM 24.30.199.7
DNS4.RR.COM 65.24.0.172
__________________________________________________ __

NETWORKS:


OrgName: Road Runner
OrgID: RRMA

NetRange: 24.208.0.0 - 24.211.31.255
CIDR: 24.208.0.0/15, 24.210.0.0/16, 24.211.0.0/19
NetName: RR-CENTRAL-3BLK
NetHandle: NET-24-208-0-0-1
Parent: NET-24-0-0-0-0
NetType: Direct Allocation
NameServer: DNS1.RR.COM
NameServer: DNS2.RR.COM
NameServer: DNS3.RR.COM
NameServer: DNS4.RR.COM
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2001-06-29
Updated: 2002-08-14

TechHandle: ZS30-ARIN
TechName: ServiceCo LLC
TechPhone: +1-703-345-3416
TechEmail: abuse@rr.com

OrgTechHandle: IPTEC-ARIN
OrgTechName: IP Tech
OrgTechPhone: +1-703-345-3416
OrgTechEmail: abuse@rr.com

OrgTechHandle: IPCON-ARIN
OrgTechName: IPControl
OrgTechPhone: +1-703-345-3416
OrgTechEmail: tconley@va.rr.com

OrgAbuseHandle: ABUSE10-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-703-345-3416
OrgAbuseEmail: abuse@rr.com

ARIN Whois database, last updated 2003-01-19 20:00
Enter ? for additional hints on searching ARIN's Whois database.