Solved

Finding phisical place of IP Adress.

Posted on 2000-03-03
8
359 Views
Last Modified: 2013-12-23
My girlfriend is receiving harrassing Email from geilerd53@hotmail.com(his name = my name, so he has a bogus profile with hotmail), she received already 3 mails from that person. The IP adress of the sender is 195.130.132.49 (all three times) now is it possible to find out what the phisical place of that ip adress is (every computer on the net has an ipadress), or it could also help if I know the provider of the sender.
0
Comment
Question by:IBE
8 Comments
 

Accepted Solution

by:
scottriley earned 200 total points
Comment Utility
The IP resolves as follows:

Name:    romulus.telenet-ops.be
Address:  195.130.132.49

You would be best advised to forward the 3 emails to abuse@hotmail.com they will investigate and if your complaint is upheld - they will close his account.  Unfortunately though there is nothing stopping him getting a new hotmail account with fake details =(

The IP is probably the gateway of his network / service provider etc...  Hotmail may well trace the incident right back to the service provider and the ISP may even ban his Dial-Up account.  If he opens another dial-up account and abuses again, it is possible that the ISP can close his account and prevent his telephone number from being accepted into the ISP...

Unfortunately there are too many other ISP's he can use and creating a fake hotmail account isn't exactly rocket science...
0
 
LVL 23

Expert Comment

by:Tim Holman
Comment Utility
Complain to hotmail and get the account disabled.

You could probably track this IP to an ISP, but no further, as details would be confidential.

An ISP will no doubt own this IP address, in which case they can look up in their logs who owns it and you can go from there.

You could try reporting this to the police - they may have some sort of tracing facility ?

0
 

Expert Comment

by:scottriley
Comment Utility
Yeah the police may help, but in the UK the Police generally have no clue regarding internet technologies.  They will refer to the abuse department at the ISP, if no complaint has been made to the ISP then they cannot help the police prosecute.  At least that's my understanding from our abuse department here - definately complain to the ISP first, they can always call the police in on the matter later if necessary.
0
 
LVL 1

Expert Comment

by:westerdal
Comment Utility
Contact the ISP that owns the IP

You can find the Owner of the IP
by typing it in at this address at:

http://www.arin.net/whois/

Tell them your story and I am sure they will kick the user, they may not tell you his name but they will warn him or boot him.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 6

Expert Comment

by:joopv
Comment Utility
IP address Result
195.130.132.49 romulus.telenet-ops.be [more info for this domain name]  

WHOIS Result:
European Regional Internet Registry/RIPE NCC (NETBLK-RIPE-C)
   These addresses have been further assigned to European users.
   Netname: RIPE-CBLK3
   Netblock: 195.0.0.0 - 195.255.255.0
   Maintainer: RIPE
   Coordinator:
      RIPE Network Coordination Centre  (RIPE-NCC-ARIN)  nicdb@RIPE.NET
      +31 20 535 4444
Fax- - +31 20 535 4445
   Domain System inverse mapping provided by:
   NS.RIPE.NET                  193.0.0.193
   NS.EU.NET                  192.16.202.11
   AUTH03.NS.UU.NET            198.6.1.83
   NS2.NIC.FR                  192.93.0.4
   SUNIC.SUNET.SE            192.36.148.18
   MUNNARI.OZ.AU            128.250.1.21
   NS.APNIC.NET                  203.37.255.97
   Record last updated on 16-Oct-1998.
   Database last updated on 3-Mar-2000 18:02:27 EDT.

inetnum:     195.130.128.0 - 195.130.149.255
netname:     TELENET
descr:       Telenet Operaties N.V.
country:     BE
admin-c:     PS396-RIPE
tech-c:      PS396-RIPE
status:      ASSIGNED PA
mnt-by:      TELENET-DBM
mnt-lower:   TELENET-DBM
changed:     Piet.Spiessens@telenet.be 19981113
source:      RIPE
route:       195.130.128.0/19
descr:       TELENET
origin:      AS6848
mnt-by:      TELENET-DBM
changed:     Piet.Spiessens@telenet.be 19971217
source:      RIPE
person:      Piet Spiessens
address:     Telenet Operaties N.V.
address:     Liersesteenweg 4
address:     B-2800 Mechelen
address:     Belgium
phone:       +32 15 333 000
fax-no:      +32 15 333 999
e-mail:      tech@telenet-ops.be
nic-hdl:     PS396-RIPE
mnt-by:      TELENET-DBM
changed:     tech@telenet-ops.be 20000202
source:      RIPE



0
 
LVL 32

Expert Comment

by:jhance
Comment Utility
If the messages are truly threatening, I'd suggest you do the following:

1) Report this to HOTMAIL and include copies of all the messages including their headers.

2) Report this to the administrator at the 195.130.132.49 network.  That seems to be Piet.Spiessens@telenet.be.  It seems odd that you're getting harassed from Belgium but it could be that their site has been compromised and someone is using their systems for this abuse.  In either case, they should be interested.

3) Print out hardcopies and copy to a floppy disk all of the messages and file them along with a complaint at your local law enforcement office.

Having been involved with a similar situation in the past, I can tell you that HOTMAIL and the police take these things very seriously.  I don't know about the 195.130.132.49 administrators but the ones at the place I contacted were very fast to act.
0
 

Author Comment

by:IBE
Comment Utility
Sorry westerdal, scottriley was first.
scottriley please propose answer so I can give you the points
0
 

Author Comment

by:IBE
Comment Utility
thanks for helping everybody
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now