An investigation into the geographical locations of Internet Protocol (IP) addresses used for the Mumbai terror attacks led the police to places in Pakistan, Russia, Kuwait and the United States. Five of the 10 locations traced are in Pakistan, Crime Branch Cyber Cell inspector Mukund Pawar said in his testimony before the special sessions court here on Wednesday.
The U.S. Federal Bureau of Investigation gave the Indian police a list of 10 IP addresses. As per the charge sheet, it is from these addresses that the email id firstname.lastname@example.org was allegedly accessed to make payments to CallPhonex, a U.S.-based Internet communication service provider.
Mr. Pawar said he was tasked with finding the actual locations from where the IPs were accessed. Cyber Cell officials used the services of the website www.all-nettools.com to trace the physical addresses. “I downloaded the information available on the website in respect of the 10 addresses.”
Five IPs — 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, and 184.108.40.206 — were traced to Pakistan, the witness said. The IP 220.127.116.11 threw up the names Col. R Saadat Ullah and Khurram Shazad from SCO Kasim Road, Rawalpindi. Another IP led to Sajid Iftikhar, seventh floor, EFU House, Jail Road, Lahore. The rest of the three IPs were traced to World Call Network Operations, 16-S, Gulberg, Pakistan.
The remaining five addresses were proxies, traced to Chicago, Moscow and Safat in Kuwait.
The court raised doubts over the credibility of this investigation as the source of information was a website. “Is it an authorised website? Where did the website get the location from,” asked judge M.L. Tahaliyani. The officer replied: “It is a foreign website.”
Noting that none other than “your service provider could divulge details of your IP and the location,” Mr. Tahaliyani said tracing the location of a user by using the services of a website could amount to breach of privacy. He was also sceptical of the merits of this technical evidence.