Okay, here's a challenge for all you 'puter savvy guys n' gals out there. My IP address is 4.245.173.164 . Tell me where I am! And if you can do that you must must must tell me how you did it.
I've been updating a post from yesterday and I am hitting a wall trying to locate the source of the "PayPal" scammers. I wanna know what frickin' wall socket their line is plugged into.
You have been tasked! Have at it!
Posted by Tuning Spork at January 8, 2006 07:28 PM | TrackBackAfter carefully scanning the internet with all of the tools at my disposal, I conclude that you are in...
Nah, that would be cheating.
Posted by: Stephen Macklin at January 8, 2006 07:43 PMLOL, Steve!
Posted by: Tuning Spork at January 8, 2006 07:59 PMOK Seriously even though I know where you are I went to see what I could find.
Using the Whois function in Apple OS X network Utility I learned the following about your ISP
OrgName: Level 3 Communications, Inc.
OrgID: LVLT
Address: 1025 Eldorado Blvd.
City: Broomfield
StateProv: CO
PostalCode: 80021
Country: US
NetRange: 4.0.0.0 - 4.255.255.255
CIDR: 4.0.0.0/8
NetName: LVLT-ORG-4-8
NetHandle: NET-4-0-0-0-1
Parent:
NetType: Direct Allocation
NameServer: NS1.LEVEL3.NET
NameServer: NS2.LEVEL3.NET
Comment:
RegDate:
Updated: 2004-06-04
OrgAbuseHandle: APL8-ARIN
OrgAbuseName: Abuse POC LVLT
OrgAbusePhone: +1-877-453-8353
OrgAbuseEmail: abuse@level3.com
OrgTechHandle: TPL1-ARIN
OrgTechName: Tech POC LVLT
OrgTechPhone: +1-877-453-8353
OrgTechEmail: ipaddressing@level3.com
I was unable to discover any info about you or your system with this tool. There are several hits in my Site Meter from level 3 but none that match your location. Ahem.
Posted by: Stephen Macklin at January 8, 2006 08:03 PMThat's pretty much what I was able to find. But I went here and got some detailed info about my 'puter by clicking on "my IP address":
Your details
IP address : 4.245.173.164
Hostname : dialup-4.245.173.164.Dial1.Stamford1.Level3.net
User-Agent : Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7.5) Gecko/20041217
Country : United States United States
Your port :
Proxy IP : Not available
Proxy server : Not available
Proxy origin : Not available
Proxy connection : Not available
Referer page : http://arul.telenet-systems.com/ip.php
Screen Resolution : 1024 x 768
Screen Colour depth : 8
Number of colours : 256
Operating System : Undefined OS
Browser : Gecko 20041217
Number of pages viewed : 1
Platform : Win32
Java enabled : false
.NET enabled : false
Cookies stored :
Flash enabled : true
Shockwave Director : false
Media Player enabled : true
RealPlayer enabled : false
Quicktime enabled : false
Acrobat Reader enabled : false
VRML enabled: false
Extra software installed : None installed!
Plugins : :: Installed Plugins ::- Shockwave Flash 8.0 r22 (NPSWF32.dll)
Shockwave Flash- Default Plug-in (npnul32.dll)
Mozilla Default Plug-in- Windows Multimedia Services DRM Store Plug-In (npwmsdrm.dll)
Microsoft® Windows Media Services- Network Object Plugin (npdrmv2.dll)
Microsoft (R) DRM- Npdsplay dll (npdsplay.dll)
Windows Media Player Plug-in Dynamic Link Library
Mime types : :: Installed Mime Types ::- Macromedia Flash movie (application/x-shockwave-flash)
- FutureSplash movie (application/futuresplash)
- Mozilla Default Plug-in (*)
- DRM File (application/x-drm)
- Network Interface Plugin (application/x-drm-v2)
- Media Files (application/asx)
- Media Files (video/x-ms-asf-plugin)
- Media Files (application/x-mplayer2)
- Media Files (video/x-ms-asf)
- Media Files (video/x-ms-wm)
- Media Files (audio/x-ms-wma)
- Media Files (audio/x-ms-wax)
- Media Files (video/x-ms-wmv)
- Media Files (video/x-ms-wvx)
But, apparantly, you have to query (verb) from that specific computer in order to garner that much info about it.
Posted by: Tuning Spork at January 8, 2006 08:26 PMAll I did to figure out where you are is review my email. But that's cheating, right?
Posted by: RP at January 9, 2006 10:07 AMHey Spork,
Call me at work or email me. I want to give you my car.
Posted by: Cousin B at January 9, 2006 04:23 PMHey, I check out the ip address of all my commenters, just in case later on they go crazy & start threatening me. Its happened before. Why? 'cause there's many ways to "mask" your IP address, so no one knows where you or your server really are. I would bet those PayPal Phishers use mirrored servers and lots of other hacker tricks to escape detection. Only super fast computers and very sophisticated (read expensive) software will be able to detect them. sorry super sleuth but this is something for the pros.
Posted by: michele at January 9, 2006 07:38 PMAw, drat.
Posted by: Tuning Spork at January 9, 2006 08:51 PMAnd we'd have caught them too if wasn't for those meddling kids.
Posted by: Stephen Macklin at January 9, 2006 10:24 PM...and their dog.
Posted by: Tuning Spork at January 9, 2006 10:36 PMThanks, I needed that laugh!
Posted by: michele at January 9, 2006 11:44 PMNobody ever offers to give me their car in my comments...
Although, now that I think about, I have been offered a few other things...;)
Posted by: Susie at January 10, 2006 07:38 PMOkay, first let me say this was a great exercise that was lots of fun! When I was in Grad school I ran a computer lab. Every year I hired only the top applicants who scored the highest on a Network and IP protocol test I would give. It was a technological test called "whereami". We were on a Unix system so they had to be really knowlegable geeks. All they would have to go on is one email that I would send. There job was to locate me not only down from the building all the way to the exact room and PC # I was logged into.
Well, using some of my old knowledge and tools (which are bookmarked) at work, I have narrowed your location down to Meridien, CT. [Don't worry, I would never publish your home address.] Of course, I couldn't go further because you were offline and not using your dial-up when I did this, so your ISP is not able to report back to me regarding your precise location.
I tried checking the information you displayed on these paypal scammer guys and guess what... they must have used illegal relay routing methods becuase their pathway went all over the world. However, the origination shows up as Eastern Europe.
Please be very careful with your pc. These bastards can infect it with a worm, spyware or an invisible trojan virus can infect your pc and send information back to these guys. In rereading your post what worried me was that you clicked on your email. THat act along can render you vulnerable to these bastards without you being aware of it. So, if you have spyware and anti-virus first run updates to these programs and then run them so you can check your pc. If you don't have a firewall, please get one. There are a few that are shareware that are low cost. Some firewalls automatically come with the big name antivirus.
Well, that's it. Let me know if I'm on target or not. Your ISP buys access to the internet back to Level3, so I traced your last email to all over the US on various hops through Colorado, Washington DC to Stamford and then onto Meridien. Am I way off?
Posted by: michele at January 11, 2006 04:55 PMdid you call cousin B yet? It's not everyday someone wants to give you their car!! coooool.
Posted by: Sister the elder at January 11, 2006 09:09 PMYes, I have, S the E. I'm just worried that it's gonna cost me $400 to get the thing on the road. (Back-taxes, insurance, registration... the gubmint wants money to let you do stuff, y'know. @#$% gubmint...)
Posted by: Tuning Spork at January 12, 2006 01:07 AM