can this be traced?

On June 2, some scumbag emptied my e-gold account from 69.143.136.149
after disabling access from 86.144.184.151. Is it possible to trace
exactly where these machines are?

Thanks

Re: can this be traced?

thedarkman wrote:
> On June 2, some scumbag emptied my e-gold account from 69.143.136.149
> after disabling access from 86.144.184.151. Is it possible to trace
> exactly where these machines are?

The two providers know. You can reach them at abuse@comcast.net and
abuse@btbroadband.com.

Yours,
VB.
--
"If you want to play with a piece of windows software that makes you
click all over the place, there's always minesweeper."

Kyle Stedman about "Personal Firewalls" in c.s.f

Re: can this be traced?

"thedarkman" wrote in message
news:1149410621.325488.305910@i39g2000cwa.googlegroups.com.. .
>
>
> On June 2, some scumbag emptied my e-gold account from 69.143.136.149

IP: 69.143.136.149
Country: United States
City: Arlington, Virginia


> after disabling access from 86.144.184.151.

IP: 86.144.184.151
Country: United Kingdom
City: Unknown

Re: can this be traced?

thedarkman wrote:
> On June 2, some scumbag emptied my e-gold account from 69.143.136.149
> after disabling access from 86.144.184.151. Is it possible to trace
> exactly where these machines are?

69.143.136.149 rDNS c-69-143-136-149.hsd1.va.comcast.net
86.144.184.151 rDNS host86-144-184-151.range86-144.btcentralplus.com

Neither are listed on known proxy lists of spamsources

The comcast looks like a highspeed dynamic in VA US.
The btcentralplus is a dynamic in the UK - maybe also broadband

When there is sufficient law enforcement or judicial interest in the
behavior of a particular IP address at a particular time, the provider/s
can be subpoenaed to turn over their logs or records to aid in the
identification of the meatspace identity of the client who controlled
that IP at the time.

In the case of broadbands, sometimes they are serving as an abused
proxy, unwitting to their own activities.

--
Mike Easter

Re: can this be traced?

On 4 Jun 2006 01:43:41 -0700, "thedarkman"
wrote:

>
>
>On June 2, some scumbag emptied my e-gold account from 69.143.136.149
>after disabling access from 86.144.184.151. Is it possible to trace
>exactly where these machines are?
>
>Thanks


69.143.136.149 Arlington, Virginia, USA
OrgAbuseHandle: NAPO-ARIN
OrgAbuseName: Network Abuse and Policy Observance
OrgAbusePhone: +1-856-317-7272
OrgAbuseEmail: abuse@comcast.net

OrgTechHandle: IC161-ARIN
OrgTechName: Comcast Cable Communications Inc
OrgTechPhone: +1-856-317-7200
OrgTechEmail: CNIPEO-Ip-registration@cable.comcast.com




86.144.184.151 Maidstone, England , UK
abuse-mailbox: abuse@btbroadband.com

role: BT CENTRAL PLUS - OPERATIONAL SUPPORT
remarks: ******************************************************
remarks: * Please send abuse reports to abuse@btbroadband.com *

source: RIPE

% Information related to '86.128.0.0/10AS2856'

route: 86.128.0.0/10
descr: BT Public Internet Service
origin: AS2856
mnt-by: BTNET-MNT
changed: ipmaster@bt.com 20050212
source: RIPE

--

-Graham

remove the double 'e' to email me.

Re: can this be traced?

Mike Easter wrote:

> thedarkman wrote:
>> On June 2, some scumbag emptied my e-gold account from 69.143.136.149
>> after disabling access from 86.144.184.151. Is it possible to trace
>> exactly where these machines are?
>
> 69.143.136.149 rDNS c-69-143-136-149.hsd1.va.comcast.net
> 86.144.184.151 rDNS host86-144-184-151.range86-144.btcentralplus.com
>
>
> When there is sufficient law enforcement or judicial interest in the
> behavior of a particular IP address at a particular time, the provider/s
> can be subpoenaed to turn over their logs or records to aid in the
> identification of the meatspace identity of the client who controlled
> that IP at the time.
>

I would say online fraud qualifies for such interest.

Re: can this be traced?

"thedarkman" wrote in message
news:1149410621.325488.305910@i39g2000cwa.googlegroups.com.. .
>
>
> On June 2, some scumbag emptied my e-gold account from 69.143.136.149
> after disabling access from 86.144.184.151. Is it possible to trace
> exactly where these machines are?
>

Most likely, the perpetrator hacked someone's machine remotely and used the
machine and its IP to get to your account. You don't think he or she is
going to leave a trail back to he or she do you?

Your money is gone and you're not going to get it back-- practice safe hex.

Duane :)

Re: can this be traced?

Duane Arnold wrote:

> Your money is gone and you're not going to get it back-- practice safe hex.

It's e-Gold, so you can demand your money back because

1. their lack of security is devasting, as always
2. you most likely didn't lawfully agree to take any responsibility

Re: can this be traced?

"thedarkman" writes:



>On June 2, some scumbag emptied my e-gold account from 69.143.136.149
>after disabling access from 86.144.184.151. Is it possible to trace
>exactly where these machines are?

>Thanks

>whois 69.143.136.149
Comcast Cable Communications, Inc. JUMPSTART-3 (NET-69-136-0-0-1)
69.136.0.0 - 69.143.255.255
Comcast Cable Communications, Inc. DC-20 (NET-69-143-0-0-1)
69.143.0.0 - 69.143.255.255


whois 86.144.184.151

% Information related to '86.142.0.0 - 86.144.255.255'

inetnum: 86.142.0.0 - 86.144.255.255
remarks: ******************************************************
remarks: * Please send abuse reports to abuse@btbroadband.com *
remarks: ******************************************************
netname: BT-CENTRAL-PLUS
descr: IP pools
country: GB
admin-c: BTCP1-RIPE
tech-c: BTCP1-RIPE
status: ASSIGNED PA
mnt-by: BTNET-MNT
mnt-lower: BTNET-MNT
mnt-routes: BTNET-MNT
source: RIPE # Filtered

role: BT CENTRAL PLUS - OPERATIONAL SUPPORT
remarks: ******************************************************
remarks: * Please send abuse reports to abuse@btbroadband.com *
remarks: ******************************************************
address: BT
address: Wholesale
address: UK
abuse-mailbox: abuse@btbroadband.com
admin-c: PC487-RIPE
tech-c: SR401-RIPE
nic-hdl: BTCP1-RIPE
mnt-by: BTNET-MNT
source: RIPE # Filtered

% Information related to '86.128.0.0/10AS2856'

route: 86.128.0.0/10
descr: BT Public Internet Service
origin: AS2856
mnt-by: BTNET-MNT
source: RIPE # Filtered

Re: can this be traced?

Thanks for the prompt response guys; not sure if this crook is in the
UK or US but will try to trace him. I lost $179, which isn't a bundle
but I've recently beenn retired on medical grounds, I suffer from
chronic neck and head pain, needless to say this has increased it.

If he can hack my account though I'll wager he's doing it to other
people big time. Surely they can freeze his account? E-Gold told me
they can't although they have stopped him receiving funds.

Anyone wants to contact me direct, my address is
a_baron[AT]ntlworld.com. The Demon address is for Usenet use only, I'm
no longer with Demon.

Thanks


Unruh wrote:
> "thedarkman" writes:
>
>
>
> >On June 2, some scumbag emptied my e-gold account from 69.143.136.149
> >after disabling access from 86.144.184.151. Is it possible to trace
> >exactly where these machines are?
>
> >Thanks
>
> >whois 69.143.136.149
> Comcast Cable Communications, Inc. JUMPSTART-3 (NET-69-136-0-0-1)
> 69.136.0.0 - 69.143.255.255
> Comcast Cable Communications, Inc. DC-20 (NET-69-143-0-0-1)
> 69.143.0.0 - 69.143.255.255
>
>
> whois 86.144.184.151
>
> % Information related to '86.142.0.0 - 86.144.255.255'
>
> inetnum: 86.142.0.0 - 86.144.255.255
> remarks: ******************************************************
> remarks: * Please send abuse reports to abuse@btbroadband.com *
> remarks: ******************************************************
> netname: BT-CENTRAL-PLUS
> descr: IP pools
> country: GB
> admin-c: BTCP1-RIPE
> tech-c: BTCP1-RIPE
> status: ASSIGNED PA
> mnt-by: BTNET-MNT
> mnt-lower: BTNET-MNT
> mnt-routes: BTNET-MNT
> source: RIPE # Filtered
>
> role: BT CENTRAL PLUS - OPERATIONAL SUPPORT
> remarks: ******************************************************
> remarks: * Please send abuse reports to abuse@btbroadband.com *
> remarks: ******************************************************
> address: BT
> address: Wholesale
> address: UK
> abuse-mailbox: abuse@btbroadband.com
> admin-c: PC487-RIPE
> tech-c: SR401-RIPE
> nic-hdl: BTCP1-RIPE
> mnt-by: BTNET-MNT
> source: RIPE # Filtered
>
> % Information related to '86.128.0.0/10AS2856'
>
> route: 86.128.0.0/10
> descr: BT Public Internet Service
> origin: AS2856
> mnt-by: BTNET-MNT
> source: RIPE # Filtered