Please look up this IP for me.

Joined
12 November 2002
Messages
357
Location
Spokane, WA
I just put in a 10 hour day trying to stay one step ahead of this guy who got a hold of my credit card number off the internet.

He took over these accounts:
PayPal
Ebay
Hotmail
Yahoo
Neteller

I have regained control to all these accounts thanks to instant email notification and wireless web on my cell phone! Otherwise, I would have never noticed any of the activity on any of my accounts and this guy would have made off with my whole bank account.
The only reason I got my Yahoo and Hotmail accounts back is because my cell phone's wireless web service keeps these accounts open, so when the guy changed my passwords, i was able to retrieve them through my phone. NO THANKS at all to Hotmail or Yahoo, who give absolutely no chat or phone support for this sort of problem! Ebay and PayPal were on the ball, so mass kudos to them. Neteller was not much help, so I closed my checking account before they could retrieve funds transferred by this guy.

Anyway, I would like to know exactly where all this activity came from, so here's the IP address: 66.111.227.132

Any members who find out they live near this guy after we find out where he lives, feel free to beat the snot out of him! I think he lives in Turkey, though :frown:

To avoid this happening to you, erase your credit card information from your email accounts. This is the only way this guy was able to access my accounts without a password.

I have yet to find out how he got my credit card number.

Thanks,
Dave
 
OrgName: WebHostPlus Inc
OrgID: WEBHO-3
Address: 2115 Linwood avenue
City: Fort Lee
StateProv: NJ
PostalCode: 07024
Country: US

NetRange: 66.111.192.0 - 66.111.255.255
CIDR: 66.111.192.0/18
NetName: WEBHOSTPLUS-INC
NetHandle: NET-66-111-192-0-1
Parent: NET-66-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.WEBHOSTPLUS.NET
NameServer: NS2.WEBHOSTPLUS.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Comment:
RegDate: 2001-05-30
Updated: 2005-03-16

OrgAbuseHandle: ABUSE396-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-201-520-1800
OrgAbuseEmail: [email protected]

OrgTechHandle: WEBHO1-ARIN
OrgTechName: WEBHOSTPLUS NOC
OrgTechPhone: +1-201-520-1800
OrgTechEmail: [email protected]

# ARIN WHOIS database, last updated 2006-03-17 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
 
tochigidream said:
To avoid this happening to you, erase your credit card information from your email accounts. This is the only way this guy was able to access my accounts without a password.

So was the problem that your CC info was on file with your email provider or was the problem that you emailed your CC info at some point in time and he found it in your inbox/outbox?

-- Joe
 
JoeSchmoe said:
So was the problem that your CC info was on file with your email provider or was the problem that you emailed your CC info at some point in time and he found it in your inbox/outbox?

-- Joe

I used my credit card this last weekend to make an online purchase on a site I've used frequently for the last couple years. I have no idea how he got it, but he used my billing info (with my credit card number) to access my accounts. My credit card was on file with my email providers. Instead of a password, billing info with a credit card number will work just as well.

Dave

Thanks Joel!
 
satan_srv said:
OrgName: WebHostPlus Inc
OrgID: WEBHO-3
Address: 2115 Linwood avenue
City: Fort Lee
StateProv: NJ
PostalCode: 07024
Country: US

NetRange: 66.111.192.0 - 66.111.255.255
CIDR: 66.111.192.0/18
NetName: WEBHOSTPLUS-INC
NetHandle: NET-66-111-192-0-1
Parent: NET-66-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.WEBHOSTPLUS.NET
NameServer: NS2.WEBHOSTPLUS.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Comment:
RegDate: 2001-05-30
Updated: 2005-03-16

OrgAbuseHandle: ABUSE396-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-201-520-1800
OrgAbuseEmail: [email protected]

OrgTechHandle: WEBHO1-ARIN
OrgTechName: WEBHOSTPLUS NOC
OrgTechPhone: +1-201-520-1800
OrgTechEmail: [email protected]

# ARIN WHOIS database, last updated 2006-03-17 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.



wow
 
this is just the ISP info... you can dig more and find out who it was... just requires a supeana... but the ISP keeps logs of every account, and where they came from and what times... just for such legal issues.
 
So basically....with that information posted above, this guy should be screwed right? I sure hope that's the case...would be nice to see the punk arrested. Although it's probably a 12 year old kid.
 
Seems webhostplus is only a hosting company.
Suppose the guy knew what he was doing.

You might wanna check their abuse account, normally [email protected] , but dont hold up your hopes.
You need all sorts off logs before they will do anything.

Well, thats my personal expierience with hosting companys. They realy dont care.
 
Back
Top