Tracing annoymouse emails

gr0und
7 years ago

0

Hey guys so I have been receiving strange emails of recent how every all the ip’s i try to get from them are really confusing. What can I do to trace who it is sending them?

I am a basic novice…

13replies
3voices
260views
dloser
7 years ago

0

Confusing?

If the annoying mouse is somewhat smart, they will use some proxy so their own IP will not show.

gr0und
7 years ago

0

Here is the header from the email,

Return-Path: lillianeve@gmail.com

Received-SPF: pass (google.com: domain of lillianeve@gmail.com designates 2607:f8b0:4003:c06::231 as permitted sender) client-ip=2607:f8b0:4003:c06::231;
Authentication-Results: mx.google.com;
dkim=pass header.i=@gmail.com;
spf=pass (google.com: domain of lillianeve@gmail.com designates 2607:f8b0:4003:c06::231 as permitted sender) smtp.mailfrom=lillianeve@gmail.com;

My question is how do you trace something through a proxy?

L00PeR
7 years ago

0

If you are using gmail, click on show original and show us the hole code or paste it on: http://www.ip2location.com/free/email-tracer

That webpage will tell you the IP, but, as @gr0und said, he might be using a proxy….

For checking if that IP is his IP and not the proxy’s one, you can use this page: http://whois.domaintools.com/.

That page will return you something like this:
```NetRange: 216.58.192.0 - 216.58.223.255
CIDR: 216.58.192.0/19
NetName: GOOGLE
NetHandle: NET-216-58-192-0-1
Parent: NET216 (NET-216-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS15169
Organization: Google Inc. (GOGL)
RegDate: 2012-01-27
Updated: 2012-01-27
Ref: https://whois.arin.net/rest/net/NET-216-58-192-0-1

OrgName: Google Inc.
OrgId: GOGL
Address: 1600 Amphitheatre Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US
RegDate: 2000-03-30
Updated: 2017-01-28
Ref: https://whois.arin.net/rest/org/GOGL

OrgAbuseHandle: ABUSE5250-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-650-253-0000
OrgAbuseEmail:
OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE5250-ARIN

OrgTechHandle: ZG39-ARIN
OrgTechName: Google Inc
OrgTechPhone: +1-650-253-0000
OrgTechEmail:
OrgTechRef: https://whois.arin.net/rest/poc/ZG39-ARIN```
(This is what returns when you type Google’s IP)

You can extract the data you need from there :p.

dloser
7 years ago

0

@L00PeR**: gr0und is OP. ;)

@gr0und**: The IP you mentioned is the one from google’s server. It won’t do you any good. And the fact that it’s a gmail address, makes it unlikely that the IP you want is mentioned anywhere.

There is also not much you can do when people are using a proxy.

But even if you would get the IP somehow, then what? What are you expecting to achieve with it?

L00PeR
7 years ago

0

I’m not sure what kind of mails that person send him, but if that person is insulting or impending him he could give the IP to the police.

dloser
7 years ago

0

Perhaps he should just go to the police then and let them figure out the IP. :p

gr0und
7 years ago

0

Ha how am I op dloser?

They come into my spam box but they are so personalized its unreal. All I would like to achieve is to find out who is sending them. Is there a web bug I could attach that would reveal the true sender of these emails? Or do you think it is a lost cause?

L00PeR
7 years ago

0

Well if you are meaning to hack into the proxy server…. xD
You can try….

JOKE!!, PLEASE DON’T TRY…

L00PeR
7 years ago

0

And then sniffing the packets and finding the IP which is sending emails to your account… xD

I REPEAT, DON’T TRYYY!!! XD

L00PeR
7 years ago

0

Just talk with the police if that person disturbs you too much.

dloser
7 years ago

0

@gr0und: http://www.urbandictionary.com/define.php?term=op

And yes, lost cause, no bugs.

Best information you have is the reply-to address and possible links that might be in the mail. But I doubt it’ll be of any use.

Spam is spam. Anything you (or someone else about you) put out there can and will be used.

L00PeR
7 years ago

0

You can also try doing some information gathering…
Which is the mail of that guy??
Try searching for a Facebook account, Linkedin, Twitter…. Which has a similar/identical name to the mail address.

gr0und
7 years ago

0

I cant say it is harassment of any kind its just aroused my curiosity, this was th email that hit me the hardest with the thoughts as it reflected what had been going on up stairs:

“Its the exact right moment because it fits where you are now. Maybe if you had opened my emails a year ago it wouldn’t have made the same kind of sense to you. It happens to me all the time where I will be playing with an idea in my head or practicing a new perspective and I will see words that reflect that same idea in random advertisement or the tiniest snippet I hear from someone else’s conversation.”

I think I am just the one in a million sucker who has found something in spam email. Funny you don’t understand the power of these people till you fall for the trick your self.

Thanks for your suggestions with regards to sniffing the packets dude but I really don’t want to get in trouble with the 50.

Discussion thread has been locked. You can no longer add new posts.
1 of 14

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss