Ducati Sporting Club UK
Idle Chat
Still needs to be clean and of value to the club.
 
 
Thread Tools Display Modes
  #1  
Old 20-Mar-2004, 17:50
rockhopper's Avatar
rockhopper rockhopper is offline
Registered Forum User
Ducati Corse
 
Posts: 3,367
Join Date: Jul 2001
IP address tracing

Anyone know how to trace an email address? Someone has sent me a rather nasty email from a made up hotmail address. They know personal stuff about me so it narrows it down to a few people it could be. I got the IP address from the email header. Can this tell me anything such as the area of the country or the ISP that was used? Can i match it up with normal emails they might have sent me or does it change each time you log on?

I'm not suggesting that its anyone off here by the way, the stuff they have said is stuff that no one on here knows about!!
Quote+Reply
  #2  
Old 20-Mar-2004, 18:36
Athelstan's Avatar
Athelstan Athelstan is offline
Registered Forum User
Mille
 
Posts: 325
Join Date: Jul 2003
Mood: Abbia Divertimento---o0o---Cassaforte Di Soggiomo
Tracing

Rockhopper
I do not know what the legal situation is in UK, but here the provider of your own ISP has a duty to inform you (if requested) who the sender's ISP is and a contact address. You then take it up with them and they have a duty to either: a) block the sender or b) provide your legal team with the identity of the sender as evidence in proceedings. So why not try this out with your ISP? Good Luck.
Quote+Reply
  #3  
Old 20-Mar-2004, 18:42
kwikbitch's Avatar
kwikbitch kwikbitch is offline
Registered Forum User
Ducati Meccanica
 
Posts: 2,911
Join Date: Sep 2003
Mood: Smiley and waiting for the sunshine
Athelstan is right...
Paul...Try this...

http://www.dnsstuff.com/

Once you find out who owns the IP address you can write to them asking for the telephone number if it is a dial up or the address if the IP is fixed.
You can also E-mail the ISP and get the IP address shut down.
If they have used something like ghost surf the IP address you received will have been bounced off anonymous servers from around the world. That makes the IP address fake. So then you wont be able to trace it...
LX

[Edited on 20-3-2004 by kwikbitch]
Quote+Reply
  #4  
Old 20-Mar-2004, 18:43
Desmondo Desmondo is offline
Registered Forum User
Big Twin
 
Posts: 1,698
Join Date: Jan 2002
Mood: :devil:
You'll be able to find out who the ISP is but appart from that, unless you want to contact the ISP there's not really agreat deal of info that you'll be able to find out.

Either ping it from DOS or go and use the tools here.
Quote+Reply
  #5  
Old 20-Mar-2004, 18:54
rockhopper's Avatar
rockhopper rockhopper is offline
Registered Forum User
Ducati Corse
 
Posts: 3,367
Join Date: Jul 2001
Cheers guys, and thats a good link Lisa. I dont want to make a fuss about it or anything, just that the address this was sent to is only known by a very few people, all of which i consider to be friends!!

Tried the links and they come up with all sorts of good info but nothing that really means anything to me! Trouble is i dont really know much about how the intenet works. The header of the mail says "x-originating-IP;[195.92.168.168]"

Presumably this is the IP address of the computer that the email was sent from?


[Edited on 20-3-2004 by rockhopper]
Quote+Reply
  #6  
Old 20-Mar-2004, 19:20
Nigel C's Avatar
Nigel C Nigel C is offline
Registered Forum User
Big Twin
 
Posts: 1,710
Join Date: Aug 2002
Mood: happy bike passed MOT
this is useful as well


symantec
Quote+Reply
  #7  
Old 20-Mar-2004, 22:05
rockhopper's Avatar
rockhopper rockhopper is offline
Registered Forum User
Ducati Corse
 
Posts: 3,367
Join Date: Jul 2001
Cheers Weeksy oh and congrats on the engagement!

The header reads:

MIME-Version: 1.0
X-Originating -IP:[195.92.168.168]
x-Originating-Email: [i'll hide this if you dont mind!!]
x-Sender: same addy as above
Received:from 195.92.168.168 by by14fd.bay14.hotmail.msn.com with HTTP;Fri, 19 Mar 2004 11:55:55 GMT

Means nothing to me i'm afraid but that all that came up.
Quote+Reply
  #8  
Old 20-Mar-2004, 22:32
Nigel C's Avatar
Nigel C Nigel C is offline
Registered Forum User
Big Twin
 
Posts: 1,710
Join Date: Aug 2002
Mood: happy bike passed MOT
hope u dont mind rockhopper but i put that ip address into my link right click on the links under node name and network and you will get the information ie: name and email etc


http://security.symantec.com/ssc/vr_...SLHFEPGEVVSDUX

oh didn't work you'll have to enter it yourself you wont be able to copy and paste it in though

[Edited on 20-3-2004 by Nigel C]
Quote+Reply
  #9  
Old 20-Mar-2004, 22:38
FiscusFish's Avatar
FiscusFish FiscusFish is offline
Registered Forum User
500SD
 
Posts: 782
Join Date: Feb 2004
Mood: Must fix Superlight... Must fix Superlight...
Doing a quick WHOIS on the IP address brings it up as an Energis UK number. It also states the address is used by the "Birmingham POP network". It gives an abuse email of abuse@energis.com
Quote+Reply
  #10  
Old 20-Mar-2004, 23:14
rockhopper's Avatar
rockhopper rockhopper is offline
Registered Forum User
Ducati Corse
 
Posts: 3,367
Join Date: Jul 2001
Yes, i found the name Energis cropping up lots of times this afternoon, trouble is it comes up if i put my own Ip address in the search as well and I'm with Freeserve. Does that mean that the guilty party is with Freeserve as well?
Quote+Reply
Reply
  
Thread Tools
Display Modes
Postbit Selector
Switch to Vertical postbit Use Vertical Postbit

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Recent Posts - Contact Us - DSC Home - Archive - Top
Powered by vBulletin 3.5.4 - Copyright © 2000 - 2024, Jelsoft Enterprises Ltd. - © Ducati Sporting Club UK - All times are GMT +1. The time now is 11:54.