Search This Blog

Tuesday, February 21, 2012

Tracking A Hacker

Tracing route to 67.40.248.33 [67.40.248.33]...
hop rtt rtt rtt ip address fully qualified domain name
1 1 1 1 70.84.211.97 61.d3.5446.static.theplanet.com
2 1 0 0 70.87.254.5 po101.dsr02.dllstx5.networklayer.com
3 159 1 67 70.85.127.109 po52.dsr02.dllstx3.networklayer.com
4 1 0 1 173.192.18.230 ae17.bbr02.eq01.dal03.networklayer.com
5 0 0 0 67.130.194.53 dax-edge-03.inet.qwest.net
6 69 53 52 67.14.49.6 ptld-agw2.inet.qwest.net
7 52 52 52 207.225.86.86 ptld-dsl-gw43-86.ptld.qwest.net
8 186 184 177 67.40.248.33 67-40-248-33.ptld.qwest.net
Posted by at

12 comments:

  1. Ne033xFebruary 21, 2012 at 9:50 PM

    Collecting data on path to 67.40.248.33 [67.40.248.33]...
    hop 1 2 3 4 5 6 7 8
    rtt (ms) 3 0 0 4 0 * 52 176
    rtt (ms) 5 0 0 0 0 * 53 171
    rtt (ms) 6 0 0 0 0 * 52 220
    rtt (ms) 0 0 0 0 6 * 53 177
    rtt (ms) 0 0 0 0 0 * 52 160
    median 3 0 0 0 0 0 52 176
    delta/2 1 0 0 0 0 0 24 62

    Graphing...
    [70.84.211.98] C27306-53609b
    1 [70.84.211.97] 61.d3.5446.static.theplanet.com
    [70.87.254.5] po101.dsr02.dllstx5.networklayer.com
    [70.85.127.109] po52.dsr02.dllstx3.networklayer.com
    [173.192.18.230] ae17.bbr02.eq01.dal03.networklayer.com
    [67.130.194.53] dax-edge-03.inet.qwest.net
    [67.14.49.6] ptld-agw2.inet.qwest.net
    24 [207.225.86.86] ptld-dsl-gw43-86.ptld.qwest.net
    62 [67.40.248.33] 67-40-248-33.ptld.qwest.net

    ReplyDelete
  2. Ne033xFebruary 21, 2012 at 9:51 PM

    Be scared - be very scared!

    ReplyDelete
  3. Ne033xFebruary 21, 2012 at 9:55 PM

    traceroute to 67.40.248.33 (67.40.248.33), 10 hops max, 60 byte packets
    1 10.116.48.3 (10.116.48.3) 0.410 ms 0.597 ms 0.581 ms
    2 10.1.50.45 (10.1.50.45) 0.352 ms 0.531 ms 10.1.44.45 (10.1.44.45) 0.523 ms
    3 10.1.51.14 (10.1.51.14) 4.193 ms 10.1.45.14 (10.1.45.14) 4.194 ms 10.1.51.14 (10.1.51.14) 4.156 ms
    4 216.182.232.54 (216.182.232.54) 30.140 ms 216.182.224.94 (216.182.224.94) 0.521 ms 216.182.224.92 (216.182.224.92) 0.489 ms
    5 72.21.220.240 (72.21.220.240) 0.627 ms 205.251.245.56 (205.251.245.56) 0.623 ms 0.595 ms
    6 72.21.222.156 (72.21.222.156) 1.322 ms 1.346 ms 1.568 ms
    7 72.21.220.158 (72.21.220.158) 30.431 ms 92.380 ms 1.620 ms
    8 dca2-edge-01.inet.qwest.net (72.165.86.73) 2.077 ms dca2-edge-01.inet.qwest.net (65.120.78.81) 2.552 ms dca2-edge-01.inet.qwest.net (72.165.86.73) 2.050 ms
    9 ptld-agw1.inet.qwest.net (67.14.49.2) 92.359 ms 92.345 ms 92.331 ms
    10 ptld-dsl-gw43-82.ptld.qwest.net (207.225.86.82) 92.324 ms 92.128 ms 91.855 ms

    ReplyDelete
  4. Ne033xFebruary 21, 2012 at 9:57 PM

    http://centralops.net/co/

    ReplyDelete
  5. Ne033xFebruary 21, 2012 at 10:11 PM

    NetRange 173.192.0.0 - 173.193.255.255
    CIDR 173.192.0.0/15
    Name SOFTLAYER-4-8
    Handle NET-173-192-0-0-1
    Parent NET173 (NET-173-0-0-0-0)
    Net Type Direct Allocation
    Origin AS AS36351
    Organization SoftLayer Technologies Inc. (SOFTL)
    Registration Date 2009-07-21
    Last Updated 2009-08-27
    Comments
    RESTful Link http://whois.arin.net/rest/net/NET-173-192-0-0-1

    ReplyDelete
  6. Ne033xFebruary 21, 2012 at 10:12 PM

    NOC IPADM258-ARIN (IPADM258-ARIN)
    Abuse ABUSE1025-ARIN (ABUSE1025-ARIN)
    Tech IPADM258-ARIN (IPADM258-ARIN)

    ReplyDelete
  7. Ne033xFebruary 21, 2012 at 10:13 PM

    Name 192.173.in-addr.arpa.
    Nameservers NS2.ARPA.GLOBAL-DATACENTER.COM
    NS1.ARPA.GLOBAL-DATACENTER.COM
    Last Updated 2009-08-27

    ReplyDelete
  8. Ne033xFebruary 21, 2012 at 10:16 PM

    All points lead to FBI Washington, DC, Seattle, WA and Dallas, TX!!!

    ReplyDelete
  9. Ne033xFebruary 22, 2012 at 1:17 AM

    Address lookup
    canonical name 67-40-248-33.ptld.qwest.net.
    aliases
    addresses 67.40.248.33


    DNS Servers:

    authns2.qwest.net
    authns1.qwest.net


    Register your domain name at http://www.cscglobal.com


    Network Whois record

    Queried whois.arin.net with "n 67.40.248.33"...

    NetRange: 67.40.0.0 - 67.42.255.255
    CIDR: 67.42.0.0/16, 67.40.0.0/15
    OriginAS:
    NetName: QWEST-INET-116
    NetHandle: NET-67-40-0-0-1
    Parent: NET-67-0-0-0-0
    NetType: Direct Allocation
    RegDate: 2001-11-27
    Updated: 2006-02-09
    Ref: http://whois.arin.net/rest/net/NET-67-40-0-0-1

    OrgName: Qwest Communications Company, LLC
    OrgId: QCC-22
    Address: 1801 California Street
    City: Denver
    StateProv: CO
    PostalCode: 80202
    Country: US
    RegDate: 2006-02-09
    Updated: 2011-09-08
    Ref: http://whois.arin.net/rest/org/QCC-22

    OrgTechHandle: QIA-ARIN
    OrgTechName: Qwest IP Admin
    OrgTechPhone: +1-703-363-3172
    OrgTechEmail: ipadmin@qwestip.net
    OrgTechRef: http://whois.arin.net/rest/poc/QIA-ARIN

    OrgAbuseHandle: QIA2-ARIN
    OrgAbuseName: Qwest Abuse
    OrgAbusePhone: +1-877-886-6515
    OrgAbuseEmail: abuse@qwest.net
    OrgAbuseRef: http://whois.arin.net/rest/poc/QIA2-ARIN

    OrgNOCHandle: QIN-ARIN
    OrgNOCName: Qwest IP NOC
    OrgNOCPhone: +1-877-886-6515
    OrgNOCEmail: support@qwestip.net
    OrgNOCRef: http://whois.arin.net/rest/poc/QIN-ARIN

    DNS records
    name class type data time to live
    67-40-248-33.ptld.qwest.net IN A 67.40.248.33 86400s (1.00:00:00)
    qwest.net IN MX
    preference: 10
    exchange: mx4.qwest.net
    3600s (01:00:00)
    qwest.net IN MX
    preference: 10
    exchange: mx1.qwest.net
    3600s (01:00:00)
    qwest.net IN MX
    preference: 10
    exchange: mx2.qwest.net
    3600s (01:00:00)
    qwest.net IN MX
    preference: 10
    exchange: mx3.qwest.net
    3600s (01:00:00)
    qwest.net IN TXT P: CUT_SLKC 86400s (1.00:00:00)
    qwest.net IN A 204.147.80.81 86400s (1.00:00:00)
    qwest.net IN SOA
    server: authns1.qwest.net
    email: dns-admin.qwestip.net
    serial: 2120209000
    refresh: 10800
    retry: 3600
    expire: 604800
    minimum ttl: 300
    86400s (1.00:00:00)
    qwest.net IN NS authns1.qwest.net 86400s (1.00:00:00)
    qwest.net IN NS authns2.qwest.net 86400s (1.00:00:00)
    33.248.40.67.in-addr.arpa IN PTR 67-40-248-33.ptld.qwest.net 86400s (1.00:00:00)

    ReplyDelete
  10. Ne033xFebruary 22, 2012 at 1:21 AM

    This comment has been removed by the author.

    ReplyDelete
  11. Ne033xFebruary 25, 2012 at 6:36 PM

    tracing path from www.net.princeton.edu to 207.225.86.86 ...

    traceroute to 207.225.86.86 (207.225.86.86), 30 hops max, 40 byte packets
    1 gigagate1 (128.112.128.114) 0.613 ms 0.340 ms 0.343 ms
    2 vgate1 (128.112.12.22) 0.397 ms 0.364 ms 0.346 ms
    3 te-1-4-3998-pe01.philadelphia.pa.ibone.comcast.net (24.104.128.89) 7.719 ms 7.335 ms 7.166 ms
    4 te-2-1-0-2-cr01.ashburn.va.ibone.comcast.net (68.86.84.177) 12.218 ms 11.834 ms 12.684 ms
    5 pos-0-2-0-0-pe01.ashburn.va.ibone.comcast.net (68.86.86.70) 12.238 ms 11.607 ms 12.352 ms
    6 ix-2-0-2-0.tcore2.AEQ-Ashburn.as6453.net (216.6.87.97) 11.151 ms 11.372 ms 12.144 ms
    7 63.146.27.97 (63.146.27.97) 9.143 ms 9.471 ms 11.799 ms
    8 * * *
    9 ptld-dsl-gw43-82.ptld.qwest.net (207.225.86.82) 84.906 ms * 85.508 ms

    Done.

    ReplyDelete
  12. Ne033xFebruary 25, 2012 at 6:39 PM

    racing route to 97.115.96.123 [97.115.96.123]...
    hop rtt rtt rtt ip address fully qualified domain name
    1 1 1 1 70.84.211.97 61.d3.5446.static.theplanet.com
    2 0 0 0 70.87.254.1 po101.dsr01.dllstx5.networklayer.com
    3 0 0 0 70.85.127.105 po51.dsr01.dllstx3.networklayer.com
    4 44 0 0 173.192.18.228 ae16.bbr02.eq01.dal03networklayer.com
    5 0 1 0 67.130.194.53 dax-edge-03.inet.qwest.net
    6 53 53 53 67.14.49.6 ptld-agw2.inet.qwest.net
    7 52 53 52 207.225.86.86 ptld-dsl-gw43-86.ptld.qwest.net
    8 151 147 147 97.115.96.123 97-115-96-123.ptld.qwest.net

    Trace complete

    -- end --

    ReplyDelete

Subscribe to: Post Comments (Atom)