Help to decipher this IP info please ...

Discussion in 'Computer Support' started by me, Apr 14, 2007.

  1. me

    me Guest

    Someone used my wife's credit AND debit card to make transactions online.
    She found out the IP address of the origin. I did a lookup, but not sure
    exactly what to look for.
    Below is the IP address and the info it returned. She will be making a
    police report and we also want to contact the ISP and report it to them.
    There are several email addresses and phone numbers, which would be best to
    use? (abuse?)
    Or should we just forward this whole info page to the FBI?
    Thanks for your help.


    Search results for: 74.193.122.155

    OrgName: Suddenlink Communications
    OrgID: SUDDE
    Address: 1021 ESE Loop 323
    Address: Suite 100
    City: Tyler
    StateProv: TX
    PostalCode: 75701
    Country: US

    ReferralServer: rwhois://rwhois.suddenlink.net:4321

    NetRange: 74.192.0.0 - 74.195.255.255
    CIDR: 74.192.0.0/14
    NetName: SUDDE-NETBLK
    NetHandle: NET-74-192-0-0-1
    Parent: NET-74-0-0-0-0
    NetType: Direct Allocation
    NameServer: NS1.SUDDENLINK.NET
    NameServer: NS2.SUDDENLINK.NET
    Comment:
    RegDate: 2006-09-27
    Updated: 2006-09-27

    OrgAbuseHandle: ABUSE1394-ARIN
    OrgAbuseName: Abuse
    OrgAbusePhone: +1-903-266-4800
    OrgAbuseEmail:

    OrgNOCHandle: NOC1310-ARIN
    OrgNOCName: Network Operations Center
    OrgNOCPhone: +1-903-939-9008
    OrgNOCEmail:

    OrgTechHandle: DNSHO5-ARIN
    OrgTechName: DNS Hosting
    OrgTechPhone: +1-903-266-4836
    OrgTechEmail:

    # ARIN WHOIS database, last updated 2007-04-13 19:10
    # Enter ? for additional hints on searching ARIN's WHOIS database.
     
    me, Apr 14, 2007
    #1

  2. me

    Bert Hyman Guest

    In "me"
    If you're actually making a police report, just give them the IP
    address; I understand that they actually pay people to do things like
    this.

    And it would probably not be a good idea for you to contact the ISP
    yourself.
     
    Bert Hyman, Apr 14, 2007
    #2

  3. Mail & call them and tell them to log all activity from IP:

    74.193.122.155


    call
    888-822-5151
     
    Milhouse Van Houten, Apr 14, 2007
    #3
  4. me

    Len Guest

    What did they order? Is it a company she has used before or one that she
    has not been near?
    What did she do to find out the IP number you quoted? It usually takes
    time, so she should have contacted the police and card companies by now.
    The ISP will not give you the details - it is possible it was done
    anonymously anyway. So you will never trace the person unless items were
    delivered to an address. Even the address could have been rented or vacant.
    The company will be able to give full details of the names and addresses
    used to place orders, it would not have been accepted unless they knew the
    name on the card and in some cases personal details.

    In the UK we have chip & pin, so you need a 4 digit code. This has led to
    chip&pin machines being tampered with such as in SHELL petrol stations last
    year. A lot of stolen details are used abroad as they can't easily be used
    in the UK if there is a PIN number involved. The major problem with UK
    cards is that they have a magnetic strip which defeats the object of the
    chip!

    You would be best speaking to the police and allowing them to investigate as
    they will be able to request the details required. In the UK a customer has
    to prove they didn't make the transaction and with chip&pin that's
    difficult. Even if your card details are stolen and pin stolen at petrol
    stations and supermarkets by cameras looking on to the keypad, you are
    blamed.
    It was to give the banks a way out of paying up and stopping dishonest
    retailers using stolen cards.
     
    Len, Apr 14, 2007
    #4

  5. In the US one calls the credit card company and disputes the charge,
    it is usually immediately withdrawn. Only reinstated when proof to
    the contrary exists.
     
    Milhouse Van Houten, Apr 14, 2007
    #5
  6. me

    me Guest

    We're in the US. It actually happened to her credit card first, so she
    cancelled it, and they gave her the IP address 75.30.129.20
    AND the email address that was used by the person on the purchase. She
    cancelled the card just to be sure.

    Then it happened to her debit card. IP address 74.193.122.155 using my wife's
    actual email address!!
    She called the card issuers directly today when she saw the transactions on
    her statement online.

    They made payments to the same online porn site, so no actual goods were sent
    to an address.

    She cancelled both cards, but she is still out money. It's not a lot, but it's
    the principle of it.

    I was thinking it may have been from online transactions that she has
    made, and somehow someone got her details, like if she had to talk to an
    operator to take her order or something.
     
    me, Apr 14, 2007
    #6
  7. me

    Pennywise Guest

    Ya, the best security can't stop the operator or person who receives
    your Info from abusing it, and it happens a lot.

    Also how you access the internet.

    I use Clearwire (http://clearwire.com/) as my HighSpeed provider, it's
    a wifi setup. Right in the TOS it mentions that anyone using a packet
    snooper like Ethereal (http://www.ethereal.com/) could intercept all
    my traffic :)
     
    Pennywise, Apr 14, 2007
    #7
  8. me

    Whiskers Guest

    Your wife may have fallen for one or more 'phishing' scams - for example,
    she may have followed the instructions in an email pretending to be from her
    bank or credit-card company asking for 'confirmation' of her personal
    information to be typed into a web-site masquerading as the genuine one.

    Hint for future reference: banks and credit-card companies don't do that
    sort of thing, even if they know your email address. Never trust any
    email claiming to come from your bank etc without contacting that bank
    directly for confirmation. Do not click on links in HTML email.
     
    Whiskers, Apr 14, 2007
    #8
  9. me

    me Guest


    Interesting thought about the phishing, but I managed to drum it into her
    head long ago not to respond to any of those types of emails, so I don't think
    she got caught out that way.
     
    me, Apr 14, 2007
    #9
  10. me

    GHalleck Guest


    Sure she did because thieves know more ways of getting the essential
    information than the user knows about how to protect it. There is a
    lot more than merely checking e-mails and avoiding the obvious. It
    is the spamming e-mail, for instance, that might really be the most
    dangerous, especially one in html and containing web-bots, scripts,
    etc. One must always have running anti-virus, anti-malware and
    anti-adware applications with current definitions. Firewalls should
    be set up to block unknown, outgoing calls. Non-essential Microsoft
    Windows processes that are vulnerable to outside hacking should be
    disabled. Cookies should be eliminated, especially those that were
    created as a result of on-line transactions. The computer that surfs
    the Internet is a potential minefield to its owner; do regular sweeps
    to make sure that it has not been infiltrated.
     
    GHalleck, Apr 15, 2007
    #10
  11. me

    Mike Easter Guest

    74.193.122.155 rDNS
    r74-193-122-155.drdrcmta01.drdrla.by.dh.suddenlink.net

    The IP is in a /14 netblock [1024 class C blocks or 262,144 IPs]
    belonging to Suddenlink, but suddenlink's whois shows that a single
    class C block 74.193.122.0/24 containing that IP is assigned to an
    'entity' whose geo address is 1501 North Pine, DeRidder, LA. That is
    the address of a Cable TV business which in 2004 was listed as the
    address for the Cox Communications of DeRidder, but later shows up with
    a Suddenlink address in DeRidder. So, you are back to the original
    suddenlink 'owner' shown in the arin lookup.

    The other IP you gave 75.30.129.20 rDNS
    adsl-75-30-129-20.dsl.rcsntx.sbcglobal.net is a Southwestern Bell which
    geo is somewhere around Richardson, TX, which is just north of Dallas.
    Richardson is over 300 miles from DeRidder, so the two IPs don't have a
    close geo approximation.

    If the 74 IP is a cable modem, those IPs tend to 'stick' to the same
    client for months at a time, whereas the DSL type 75 IP is much more
    dynamic.

    Providers will respond to subpoenas, sometimes the ability to associate
    an IP with a meatspace persona is pretty good. Other times it is not.
     
    Mike Easter, Apr 15, 2007
    #11
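
The netblock arithmetic from post #11, checked against the ARIN WHOIS record quoted in post #1, as an added example that is not part of the original thread. The function names `parse_whois` and `summarize` are hypothetical; the record text is a subset of the fields shown on the page.

```python
import ipaddress
import re

# Subset of the ARIN WHOIS record quoted in post #1 (fields copied from the page).
WHOIS_TEXT = """\
OrgName: Suddenlink Communications
ReferralServer: rwhois://rwhois.suddenlink.net:4321
NetRange: 74.192.0.0 - 74.195.255.255
CIDR: 74.192.0.0/14
NetType: Direct Allocation
OrgAbuseHandle: ABUSE1394-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-903-266-4800
OrgAbuseEmail:
OrgNOCHandle: NOC1310-ARIN
OrgNOCPhone: +1-903-939-9008
"""

def parse_whois(text):
    """Return {field: [values]}; '#' comment lines never match the pattern."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z]+):\s*(.*)$", line)
        if m:
            fields.setdefault(m.group(1), []).append(m.group(2).strip())
    return fields

def summarize(ip_text, whois_text):
    """Check a reported IP against the record and collect the abuse contact."""
    ip = ipaddress.ip_address(ip_text)
    rec = parse_whois(whois_text)
    block = ipaddress.ip_network(rec["CIDR"][0])
    first, last = (ipaddress.ip_address(p.strip())
                   for p in rec["NetRange"][0].split(" - "))
    # NetRange and CIDR must describe the same block; a mismatch means a bad paste.
    consistent = (first, last) == (block.network_address, block.broadcast_address)
    # Blank values (the e-mail fields are empty on the page) are dropped.
    abuse = {k: v[0] for k, v in rec.items() if k.startswith("OrgAbuse") and v[0]}
    return {
        "org": rec["OrgName"][0],
        "in_block": ip in block,
        "range_matches_cidr": consistent,
        "addresses": block.num_addresses,
        "slash24_blocks": block.num_addresses // 256,
        "containing_slash24": str(ipaddress.ip_network(f"{ip}/24", strict=False)),
        "referral": rec.get("ReferralServer", [None])[0],
        "abuse_contact": abuse,
    }

if __name__ == "__main__":
    for key, value in summarize("74.193.122.155", WHOIS_TEXT).items():
        print(f"{key}: {value}")
```

Running it with the other address from post #6, 75.30.129.20, gives `in_block: False`, so that address needs its own WHOIS lookup rather than this record.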