Do these IP's belong to the same person?

[myownnickname]

I am the admin of a message board and in the last couple of weeks, we've had 3 new people all join who share an IP that is very similar. They claim to all be 3 seperate ppl but they all talk the same (sentence structure, grammer, etc.) and it feels like it's the same person just playing a game with us. (ugh!)

The IP's are:

4.225.213.13

4.233.41.179

4.168.138.111

Can someone help me with this, please? I hate to be untrusting of ppl, but I really feel we're being taken for a ride. I appreciate your help tremendously!

 

[jimbopalmer]

the first address is a dialup modem server in Denver CO USA owned by Level3.net

the second is a dialup modem server in Los Angeles CA USA owned by Level3.net

the third is also a dialup modem server in Los Angeles CA USA owned by Level3.net

a single account could be using all three

I tried to remain child-like, all I acheived was childish.

 

[sirbijan]

how'd ya find where they belong to jimbo? I mean the ISP names and ...?

 

[sirbijan]

I think I found the answer to my own question, I did a traceroute on the IP:

=====================================
[root@localhost hoomand]# traceroute 4.225.213.13
traceroute to 4.225.213.13 (4.225.213.13), 30 hops max, 40 byte packets
1 62.60.213.1 (62.60.213.1) 198.901 ms 216.291 ms 217.413 ms
2 192.168.2.9 (192.168.2.9) 229.661 ms 243.920 ms 245.482 ms
3 213.176.110.166 (213.176.110.166) 190.257 ms 197.419 ms 252.873 ms
4 213.176.110.254 (213.176.110.254) 258.091 ms 295.880 ms 304.374 ms
5 195.146.63.221 (195.146.63.221) 308.100 ms 312.195 ms 314.055 ms
6 62.216.144.177 (62.216.144.177) 536.055 ms 543.927 ms 548.436 ms
7 so-3-0-0.0.cjr01.nyc005.flagtel.com (62.216.128.50) 423.028 ms 431.755 ms 523.895 ms
8 ge-6-17.car3.NewYork.Level3.net (63.209.170.241) 477.104 ms 495.898 ms 495.867 ms
9 ae-2-54.bbr2.NewYork1.Level3.net (4.68.97.97) 511.763 ms ae-2-52.bbr2.NewYork1.Level3.net (4.68.97.33) 512.455 ms ae-2-56.bbr2.NewYork1.Level3.net (4.68.97.161) 517.589 ms
10 as-0-0.bbr2.Denver1.Level3.net (64.159.4.226) 559.940 ms 575.837 ms 576.439 ms
11 ge-6-0.hsa1.Denver1.Level3.net (4.68.107.3) 587.882 ms 588.087 ms ge-9-2.hsa1.Denver1.Level3.net (4.68.107.163) 596.259 ms
12 nas104.Denver1.Level3.net (63.215.28.44) 599.874 ms 599.726 ms 601.560 ms
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
=====================================

One question: shouldn't traceroute only show the IPs? In here I can see some names (actually that Denver thing!), so, does traceroute try to resolve IPs to FQDN if possible (contacting some DNS and performing some reverse lookup or something?)

 

[jimbopalmer]

Oddly, TRACERT is faster at finding names that IP's, as it waits for the DNS to timeout before admitting to just an IP

I tried to remain child-like, all I acheived was childish.