UBB.Dev
Posted By: Chevy454 IP trace question - 04/08/2004 12:20 AM
We had a new user sign up today with a suspicious username, so I ran the registration IP addy through SamSpade and here is what I got:

IP results

Could someone tell me if this is the actual ISP or if this is where all of the "on paper" info refers back to similar to what AOL does? A user we just banned a couple of days ago has an IP that falls within the same block, so I'm just curious...
Posted By: JoshPet Re: IP trace question - 04/08/2004 1:00 AM
Not much to know from that - other than they use AT&T for their internet service provider.
Posted By: Chevy454 Re: IP trace question - 04/08/2004 1:04 AM
So, is New Jersey the home office I assume? And would ANY at&t internet customer's IP come back to NJ, regardless of their actualy physical location (similar to AOL)??
Posted By: navaho Re: IP trace question - 04/08/2004 1:40 AM
It doesn't have a PTR record, but looking at the router it's attached to my quess would be Dallas Texas.

[]
traceroute to 12.37.58.3 (12.37.58.3), 30 hops max, 38 byte packets
1 core3-vlan40 (131.149.0.1) 0.603 ms 0.416 ms 0.362 ms
2 core1-4g0 (131.149.4.53) 77.454 ms 222.579 ms 0.987 ms
3 ottborder1-2-1a1-0-50.cn.playground.net (131.148.12.1) 0.748 ms 2.220 ms 1.491 ms
4 216.191.231.41 (216.191.231.41) 2.371 ms 1.972 ms 1.865 ms
5 pos8-3.core2-ott.bb.allstream.net (216.191.225.21) 1.497 ms 11.341 ms 2.739 ms
6 pos2-0.core1-ott.bb.allstream.net (216.191.65.225) 1.748 ms 1.600 ms 1.491 ms
7 pos2-1.core1-tor.bb.allstream.net (216.191.65.177) 5.994 ms 6.094 ms 6.614 ms
8 srp2-0.gwy1-tor.bb.allstream.net (216.191.65.243) 6.120 ms 7.594 ms 5.741 ms
9 12.125.142.5 (12.125.142.5) 18.361 ms 18.587 ms 17.480 ms
10 gbr6-p80.cgcil.ip.att.net (12.123.5.222) 20.612 ms 19.211 ms 18.479 ms
11 tbr2-cl7.sl9mo.ip.att.net (12.122.10.46) 27.981 ms 26.082 ms 25.101 ms
12 tbr2-cl6.dlstx.ip.att.net (12.122.10.90) 38.596 ms 38.953 ms 39.466 ms
13 ar5-p3110.[:"red"]dlstx[/].ip.att.net (12.123.16.113) 38.849 ms 38.073 ms 38.219 ms
14 12.126.182.114 (12.126.182.114) 50.093 ms 46.074 ms 48.586 ms
[/]

You're whois only shows the owner of the netblock. No more, No less. AT&T owns the netblock. That's all a whois will tell you.
Posted By: Chevy454 Re: IP trace question - 04/08/2004 4:03 AM
Thanks for all the help! Obviously I never thought to do a tracert, but that's where I should have started. I literally learn something here EVERY day...

Thanks again!
Posted By: Chevy454 Re: IP trace question - 08/10/2004 10:22 PM
Can anyone gather anything, like the location of router, from this tracert on 149.174.164.14:

[]1 66-164-240-254.bcsinfosystems.com (66.164.240.254) 0.445 ms 0.535 ms 0.483 ms
2 lvl3gw.ams1.packetexchange.net (213.19.161.1) 0.868 ms 0.743 ms 0.732 ms
3 ae-0-51.mp1.Amsterdam1.Level3.net (213.244.165.1) 1.243 ms 1.529 ms 1.359 ms
4 so-3-0-0.mp1.London2.Level3.net (212.187.128.46) 8.992 ms 8.769 ms 8.854 ms
5 as-0-0.bbr2.Washington1.Level3.net (4.68.128.102) 81.200 ms 81.263 ms 81.312 ms
6 ge-4-0-0-52.gar1.Washington1.Level3.net (4.68.121.34) 81.443 ms 81.675 ms 81.309 ms
7 pop1-vie-P6-0.atdn.net (66.185.139.85) 82.195 ms 82.017 ms 83.181 ms
8 bb2-vie-P0-0.atdn.net (66.185.139.82) 83.841 ms 83.509 ms 83.683 ms
9 bb2-rtc-P13-0.atdn.net (66.185.152.218) 86.219 ms 82.442 ms 82.478 ms
10 pop1-rtc-P15-0.atdn.net (66.185.140.99) 97.477 ms 82.460 ms 82.619 ms
11 dar1-gtc-S0-0-0.atdn.net (66.185.134.182) 82.610 ms 82.975 ms 82.583 ms
12 * * *
13 cache-gtc-aa10.proxy.aol.com (149.174.164.14) 83.166 ms 82.890 ms 83.185 ms
[/]

Thanks in advance!
Posted By: scroungr Re: IP trace question - 08/10/2004 10:37 PM
its an american online proxy

Country US
State OH
City Columbus
Postal code 43220
Posted By: Twisty Re: IP trace question - 08/11/2004 9:32 AM
OrgName: HUFFINES AUTO GROUP
OrgID: HAG-4
Address: 1001 COIT ROAD
City: PLANO
StateProv: TX
PostalCode: 75086
Country: US

NetRange: 12.37.58.0 - 12.37.58.127
CIDR: 12.37.58.0/25
NetName: HUFFINES64-58-0
NetHandle: NET-12-37-58-0-1
Parent: NET-12-0-0-0-1
NetType: Reassigned
Comment:
RegDate: 2001-02-14
Updated: 2001-02-14

TechHandle: MT611-ARIN
TechName: Torigian, Mike
TechPhone: +1-713-850-5000
TechEmail: [][email protected][/]

OrgTechHandle: MT611-ARIN
OrgTechName: Torigian, Mike
OrgTechPhone: +1-713-850-5000
OrgTechEmail: [][email protected][/]

TARGET: 12.37.58.3
NAME: HUFFINES64-58-0
NUMBER: 12.37.58.0 - 12.37.58.127
CITY: PLANO
STATE: TEXAS
COUNTRY: US
LAT: 33.06
LONG: -96.74
LAT_LONG_GRAN: City
LAST_UPDATED: 14-Feb-2001
NIC: ARIN
LOOKUP_TYPE: Block Allocation
RATING:
DOMAIN_GUESS: first-point.net
STATUS: OK



FIRST-POINT.NET...

Registrant:
Kelly, Frank
(23579713I)
756 River Road
Fair Haven, NJ 07704
US
Phone: (312) 655-1500
Fax: (312) 655-1501

Domain Name: FIRST-POINT.NET

Administrative Contact , Technical Contact :
Kelly, Frank
(CKVGCGOAEI)
[][email protected][/]
756 River Road
Fair Haven, NJ 07704
US
Phone: (312) 655-1500
Fax: (312) 655-1501

Record expires on 17-Feb-2005
Record created on 17-Feb-1999
Database last updated on 07-Jul-2004

Domain servers in listed order: Manage DNS

NS.JUMP.NET 140.239.96.12
NS2.JUMP.NET 64.55.216.12
Posted By: DrChaos Re: IP trace question - 08/11/2004 2:15 PM
Twisty, where did you do a search to get results like that?
Posted By: Twisty Re: IP trace question - 08/12/2004 11:03 AM
http://dnsstuff.com/
© UBB.Developers