Groups

    IP address help

    Hello people, my parents credit card has been fraudulently used by someone, the bank has cancelled the payment but the company are demanding payment for the 'services' which it was used for. The company claim payment was made online using an ip address starting 172.20.xxx.xx but the companies ip address is also 172.20.xx.xx, would it be reasonable to assume the card was used by the company on the companies network and theyre trying to scam us? I dont know much about ip address's but they look suspiciously similar.

    Rep for helpful replies.

    10 Comments

    Original Poster

    dcx_badass;6930639

    Yup that would be reasonable, or someone on the same ISP, you could do … Yup that would be reasonable, or someone on the same ISP, you could do with finding out who owns that IP range.



    Both are private ip address's apparently so would they be owned by an ISP?

    forgive me if i am wrong but 172.x.x.x is a private range and only used internally same as 10.x.x.x

    I'd say that's reasonable to assume too.

    Not sure if this is significant, but if you search any 172.20.x.x IP's on ws.arin.net/whois/ it says they are in a block of IP addresses reserved for "private internets".

    EDIT: took too long to post, lol... but here's some more "private network" info:

    "Machines with these addresses do not have direct access to the Internet … "Machines with these addresses do not have direct access to the Internet (they cannot "ping"). In order to access Internet resources, they must go through a proxy firewall."

    lzachTC;6930859

    I'd say that's reasonable to assume too. Not sure if this is significant, … I'd say that's reasonable to assume too. Not sure if this is significant, but if you search any 172.20.x.x IP's on http://ws.arin.net/whois/ it says they are in a block of IP addresses reserved for "private internets".



    yeah, as i said, they are not permitted on the internet and they will noy get routed. That transaction must have been internal....:thumbsup:

    the internal ip address is just that ...... internal
    its not visible to the outside world. for instance if you have 3 pcs in the house then they would have 3 different internal ip addresses but the outside world would only ever see their external IP which would be the same for all 3

    Original Poster

    mosskeeto;6930796

    forgive me if i am wrong but 172.x.x.x is a private range and only used … forgive me if i am wrong but 172.x.x.x is a private range and only used internally same as 10.x.x.x



    lzachTC;6930859

    I'd say that's reasonable to assume too. Not sure if this is significant, … I'd say that's reasonable to assume too. Not sure if this is significant, but if you search any 172.20.x.x IP's on http://ws.arin.net/whois/ it says they are in a block of IP addresses reserved for "private internets".EDIT: took too long to post, lol... but here's some more "private network" info:



    mosskeeto;6930881

    yeah, as i said, they are not permitted on the internet and they will noy … yeah, as i said, they are not permitted on the internet and they will noy get routed. That transaction must have been internal....:thumbsup:



    Yeah i was thinking this which is why i thought the company must have used the card themselves.

    dcx_badass;6930874

    Have you got the whole ip address? And how did you find out what the … Have you got the whole ip address? And how did you find out what the companies is?



    Yeah i have the whole ip address's. They sent us their copy of the transactions which use a third party site for payments (like paypal) and it showed customer ip and merchant ip.

    Looks like it could be a possibility that someone on-site used your details.

    Either that or this theory:
    - You enter your card details
    - They're processed and sent of to a server (used by the merchant for relaying card details to the payment merchant)
    - Which in turn then relays your details to the payment system

    You ---> Proxy server which relays card details --> Payment merchant
    instead of...
    You ---> Payment merchant

    So, the reason for the private IP appearing as the "customer IP" is because it's identifying the "customer" as the server which relayed the card details.

    Original Poster

    oldmanhouse;6931090

    Looks like it could be a possibility that someone on-site used your … Looks like it could be a possibility that someone on-site used your details.Either that or this theory:- You enter your card details- They're processed and sent of to a server (used by the merchant for relaying card details to the payment merchant)- Which in turn then relays your details to the payment systemYou ---> Proxy server which relays card details --> Payment merchantinstead of...You ---> Payment merchantSo, the reason for the private IP appearing as the "customer IP" is because it's identifying the "customer" as the server which relayed the card details.



    yeah i would go along with that theory but in one of the letters the company sent they said "...this payment was made online by yourself on ip address 172.20.xxx.xx" so by their records that was the ip address used by the person who entered the card details :thinking: thanks tho + rep :thumbsup:

    phone them up and point out that the ip address they have provided is an internal ip address and as such could not have been used to make the purchase and ask them to investigate further. BTW the company would have to prove that it was you that used the service. it sounds to me like they're trying to bully/bluff you into paying

    Original Poster

    wolf359;6931851

    phone them up and point out that the ip address they have provided is an … phone them up and point out that the ip address they have provided is an internal ip address and as such could not have been used to make the purchase and ask them to investigate further. BTW the company would have to prove that it was you that used the service. it sounds to me like they're trying to bully/bluff you into paying



    Cheers OFT are investigating atm, my dad wants to keep all contact to a minimum, i think the stress is starting to affect him now, he's been receiving silent phonecalls a few times a day from a withheld number since all this has happened and the letters are quite intimidating so im trying to help sort it all out quickly for him. Thanks for all your replies guys, left rep for you all.
    Post a comment
    Avatar
    @
      Text
      Top Discussions
      1. BT FIBRE EXISTING CUSTOMER44
      2. Virgin Media when moving house58
      3. Digital ps4 games11
      4. Android Box539

      See more discussions