help needed - determine source of an email

Post your questions about tracing the source IP address of an email here.
Locked
bailey
New Member
Posts: 3
Joined: Tue Nov 11, 2014 7:27 pm

help needed - determine source of an email

Post by bailey » Tue Nov 11, 2014 7:33 pm

can someone help me figure out where this email originated (location or from whom)? thnx.

Received: by 10.220.121.130 with SMTP id h2csp137780vcr;
Mon, 10 Nov 2014 10:08:28 -0800 (PST)
X-Received: by 10.42.151.66 with SMTP id d2mr3465006icw.74.1415642906999;
Mon, 10 Nov 2014 10:08:26 -0800 (PST)
Return-Path: <{removed}@gmail.com>
Received: from mail-ie0-x242.google.com (mail-ie0-x242.google.com. [2607:f8b0:4001:c03::242])
by mx.google.com with ESMTPS id 8si28146288iog.87.2014.11.10.10.08.26
for <{removed}@gmail.com>
(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
Mon, 10 Nov 2014 10:08:26 -0800 (PST)
Received-SPF: pass (google.com: domain of {removed}@gmail.com designates 2607:f8b0:4001:c03::242 as permitted sender) client-ip=2607:f8b0:4001:c03::242;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of {removed}@gmail.com designates 2607:f8b0:4001:c03::242 as permitted sender) smtp.mail={removed}@gmail.com;
dkim=pass header.i=@gmail.com;
dmarc=pass (p=NONE dis=NONE) header.from=gmail.com
Received: by mail-ie0-f194.google.com with SMTP id tr6so2239874ieb.9
for <{removed}@gmail.com>; Mon, 10 Nov 2014 10:08:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20120113;
h=mime-version:date:message-id:subject:from:to:content-type;
bh=Ds0gI6AuO1bGs/LWMbAv8EPXDwEWIf7BtoFJ2GH3mts=;
b=Rabrayl6tOiRpO6Al4afFf2GmwQ2oVc0k0R20JPIfMlMIl/ysw75VDffN99GBbImJ+
tDzFd7Xa+hmELSy7GGv6e6QPT+1ij6u1NnFn5H+Mxp74EEvRqoq3bPC/4yTa/7b5eIZ2
fnrt2XQF86LLNb549RhcYsay3iraqzhKU1C+QIlnQKnmajV6wageprlRoXJm9t0XmO9J
XOjnI9xnb/xmkH1/Ly7Wr+rDUOlzHRD8Krv7PGfbfAlV+qgvkAZMLnYQiWaeU3j6gfd6
i442Tu8WJaw4Xy1Z+QjC8ymOmtKOJX/LQ205Q8AeavZeyDxwZuENbCGuCgQpLwBo8cDV
N7XQ==
MIME-Version: 1.0
X-Received: by 10.43.140.20 with SMTP id iy20mr1864588icc.45.1415642906493;
Mon, 10 Nov 2014 10:08:26 -0800 (PST)
Received: by 10.64.243.68 with HTTP; Mon, 10 Nov 2014 10:08:25 -0800 (PST)
Date: Mon, 10 Nov 2014 10:08:25 -0800
Message-ID: <CAOd6vWWj4yr_uiv7n6ZqMYPkCbRJr=aCDpn180f56aWNnA-fXw@mail.gmail.com>

lisati
Active Member
Posts: 1071
Joined: Fri Apr 15, 2011 2:25 pm
Location: Porirua, New Zealand

Re: help needed - determine source of an email

Post by lisati » Wed Nov 12, 2014 3:04 pm

Unfortunately, gmail don't provide anything in the way of useful information to the recipient about the true origin of mail coming from one of their users.

bailey
New Member
Posts: 3
Joined: Tue Nov 11, 2014 7:27 pm

Re: help needed - determine source of an email

Post by bailey » Wed Nov 12, 2014 8:23 pm

shoot, really? is there anything we can do to find out more? even the most basic information would help. i am not particularly computer literate. is there something more I can get out the email/ or contact gmail to find out more?

this is a case of serious weirdness, of someone stalking a family member. the person who sent the emails is using an alias but - from the information sent in the email - is clearly an acquaintance who knows quite a bit about us. here is a second email sent the day before, from a different email address/ alias but (as was apparent from the body of the email) clearly from the same person. much appreciate any help!

Received: by 10.220.121.130 with SMTP id h2csp35122vcr;
Sun, 9 Nov 2014 16:18:54 -0800 (PST)
X-Received: by 10.140.98.202 with SMTP id o68mr11232403qge.49.1415578733220;
Sun, 09 Nov 2014 16:18:53 -0800 (PST)
Return-Path: <{removed}@gmail.com>
Received: from mail-qc0-x243.google.com (mail-qc0-x243.google.com. [2607:f8b0:400d:c01::243])
by mx.google.com with ESMTPS id b97si17835713qga.118.2014.11.09.16.18.52
for <{removed}@gmail.com>
(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
Sun, 09 Nov 2014 16:18:53 -0800 (PST)
Received-SPF: pass (google.com: domain of <{removed}@gmail.com> designates 2607:f8b0:400d:c01::243 as permitted sender) client-ip=2607:f8b0:400d:c01::243;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of <{removed}@gmail.com> designates 2607:f8b0:400d:c01::243 as permitted sender) smtp.mail={removed}@gmail.com>;
dkim=pass header.i=@gmail.com;
dmarc=pass (p=NONE dis=NONE) header.from=gmail.com
Received: by mail-qc0-f195.google.com with SMTP id c9so1452450qcz.10
for <{removed}@gmail.com>; Sun, 09 Nov 2014 16:18:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20120113;
h=mime-version:date:message-id:subject:from:to:content-type;
bh=s1KbdNBdp8qSeZ8NIcD4fkHAicQ1s6noqKqoWKvvd/0=;
b=in6Wqr20qB1B11nTaD9tb6mo8o/Bl6kEQn7rat4/mLQfGIquelJ3/vdM+AwWGXKlA9
TCwefsAwdUTh6qFEdWNG5dCQwCL2SwYIJULN3W2n2TNyOgyl1gequ7xcHWO76Vr9AoI3
ZnQhKo5RwxcsUQ6p7pG+lJhukPXkvh1Hi1rH0rACw0cmPoXS5bAo8kkC3MCOkmKSrvVG
MCNKK73AMOa1a6uVdJ1CWmMc+2ma8b6xtr2CENXQZ2nXCAX52FrgM/W5InM+jIbxo/k4
a9R50NQgCDz/tJmlhU5p3hCMaomSE8OnLoDh6oPai4KE0tA+M1yZt6nGPdKhiZFMfPfU
N6PA==
MIME-Version: 1.0
X-Received: by 10.224.151.207 with SMTP id d15mr39946695qaw.4.1415578732727;
Sun, 09 Nov 2014 16:18:52 -0800 (PST)
Received: by 10.140.19.41 with HTTP; Sun, 9 Nov 2014 16:18:52 -0800 (PST)
Date: Sun, 9 Nov 2014 16:18:52 -0800
Message-ID: <CA+JmU=sjJ4+BNAb2c=chYQtiQitqcJN2akTXivG_ofTa6zZ=3g@mail.gmail.com>

George
Active Member
Posts: 523
Joined: Thu Jan 24, 2013 10:24 pm

Re: help needed - determine source of an email

Post by George » Thu Nov 13, 2014 4:28 am

As explained in the previous post, Gmail does not provide the originating IP in their headers. I really don't know why, as it only helps potential scammers and other disreputable people. All Microsoft servers now do the same as well.

bailey
New Member
Posts: 3
Joined: Tue Nov 11, 2014 7:27 pm

Re: help needed - determine source of an email

Post by bailey » Thu Nov 13, 2014 8:02 am

Thanks George. I am surprised there is absolutely nothing that can be gleaned from the email, or a way to dig further to find at least a rough location of where it came from.

Robbie
New Member
Posts: 1
Joined: Fri Nov 14, 2014 7:09 pm

Re: help needed - determine source of an email

Post by Robbie » Fri Nov 14, 2014 7:15 pm

It may take a bit more savvy, but the IP can be located.... and all the target has to do is check their email, for it to be captured.......... http://smallbusiness.chron.com/set-emai ... 49332.html

sheikyoboudi
New Member
Posts: 1
Joined: Fri Dec 09, 2016 8:07 pm

Re: help needed - determine source of an email

Post by sheikyoboudi » Fri Dec 09, 2016 8:10 pm

Bailey: is this in reference to AntiGreen2008?

Locked

Who is online

Users browsing this forum: No registered users and 3 guests