?
Solved

Finding phisical place of IP Adress.

Posted on 2000-03-03
8
Medium Priority
?
418 Views
Last Modified: 2013-12-23
My girlfriend is receiving harrassing Email from geilerd53@hotmail.com(his name = my name, so he has a bogus profile with hotmail), she received already 3 mails from that person. The IP adress of the sender is 195.130.132.49 (all three times) now is it possible to find out what the phisical place of that ip adress is (every computer on the net has an ipadress), or it could also help if I know the provider of the sender.
0
Comment
Question by:IBE
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 

Accepted Solution

by:
scottriley earned 600 total points
ID: 2579598
The IP resolves as follows:

Name:    romulus.telenet-ops.be
Address:  195.130.132.49

You would be best advised to forward the 3 emails to abuse@hotmail.com they will investigate and if your complaint is upheld - they will close his account.  Unfortunately though there is nothing stopping him getting a new hotmail account with fake details =(

The IP is probably the gateway of his network / service provider etc...  Hotmail may well trace the incident right back to the service provider and the ISP may even ban his Dial-Up account.  If he opens another dial-up account and abuses again, it is possible that the ISP can close his account and prevent his telephone number from being accepted into the ISP...

Unfortunately there are too many other ISP's he can use and creating a fake hotmail account isn't exactly rocket science...
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 2579669
Complain to hotmail and get the account disabled.

You could probably track this IP to an ISP, but no further, as details would be confidential.

An ISP will no doubt own this IP address, in which case they can look up in their logs who owns it and you can go from there.

You could try reporting this to the police - they may have some sort of tracing facility ?

0
 

Expert Comment

by:scottriley
ID: 2579682
Yeah the police may help, but in the UK the Police generally have no clue regarding internet technologies.  They will refer to the abuse department at the ISP, if no complaint has been made to the ISP then they cannot help the police prosecute.  At least that's my understanding from our abuse department here - definately complain to the ISP first, they can always call the police in on the matter later if necessary.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 1

Expert Comment

by:westerdal
ID: 2579720
Contact the ISP that owns the IP

You can find the Owner of the IP
by typing it in at this address at:

http://www.arin.net/whois/

Tell them your story and I am sure they will kick the user, they may not tell you his name but they will warn him or boot him.
0
 
LVL 6

Expert Comment

by:joopv
ID: 2582965
IP address Result
195.130.132.49 romulus.telenet-ops.be [more info for this domain name]  

WHOIS Result:
European Regional Internet Registry/RIPE NCC (NETBLK-RIPE-C)
   These addresses have been further assigned to European users.
   Netname: RIPE-CBLK3
   Netblock: 195.0.0.0 - 195.255.255.0
   Maintainer: RIPE
   Coordinator:
      RIPE Network Coordination Centre  (RIPE-NCC-ARIN)  nicdb@RIPE.NET
      +31 20 535 4444
Fax- - +31 20 535 4445
   Domain System inverse mapping provided by:
   NS.RIPE.NET                  193.0.0.193
   NS.EU.NET                  192.16.202.11
   AUTH03.NS.UU.NET            198.6.1.83
   NS2.NIC.FR                  192.93.0.4
   SUNIC.SUNET.SE            192.36.148.18
   MUNNARI.OZ.AU            128.250.1.21
   NS.APNIC.NET                  203.37.255.97
   Record last updated on 16-Oct-1998.
   Database last updated on 3-Mar-2000 18:02:27 EDT.

inetnum:     195.130.128.0 - 195.130.149.255
netname:     TELENET
descr:       Telenet Operaties N.V.
country:     BE
admin-c:     PS396-RIPE
tech-c:      PS396-RIPE
status:      ASSIGNED PA
mnt-by:      TELENET-DBM
mnt-lower:   TELENET-DBM
changed:     Piet.Spiessens@telenet.be 19981113
source:      RIPE
route:       195.130.128.0/19
descr:       TELENET
origin:      AS6848
mnt-by:      TELENET-DBM
changed:     Piet.Spiessens@telenet.be 19971217
source:      RIPE
person:      Piet Spiessens
address:     Telenet Operaties N.V.
address:     Liersesteenweg 4
address:     B-2800 Mechelen
address:     Belgium
phone:       +32 15 333 000
fax-no:      +32 15 333 999
e-mail:      tech@telenet-ops.be
nic-hdl:     PS396-RIPE
mnt-by:      TELENET-DBM
changed:     tech@telenet-ops.be 20000202
source:      RIPE



0
 
LVL 32

Expert Comment

by:jhance
ID: 2583782
If the messages are truly threatening, I'd suggest you do the following:

1) Report this to HOTMAIL and include copies of all the messages including their headers.

2) Report this to the administrator at the 195.130.132.49 network.  That seems to be Piet.Spiessens@telenet.be.  It seems odd that you're getting harassed from Belgium but it could be that their site has been compromised and someone is using their systems for this abuse.  In either case, they should be interested.

3) Print out hardcopies and copy to a floppy disk all of the messages and file them along with a complaint at your local law enforcement office.

Having been involved with a similar situation in the past, I can tell you that HOTMAIL and the police take these things very seriously.  I don't know about the 195.130.132.49 administrators but the ones at the place I contacted were very fast to act.
0
 

Author Comment

by:IBE
ID: 2611613
Sorry westerdal, scottriley was first.
scottriley please propose answer so I can give you the points
0
 

Author Comment

by:IBE
ID: 2611617
thanks for helping everybody
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question