What are the chances?

Post your questions about tracing the source IP address of an email here.
Locked
joe
New Member
Posts: 1
Joined: Wed Mar 31, 2010 1:45 pm

What are the chances?

Post by joe » Wed Mar 31, 2010 2:05 pm

Yo waz up peeps!

Heya, Im investigating a real pain in the a** troll... one whos been personal attacking friends and likes to impersonate me.

the question is... Im communicating with the troll now and with some site administrator where most of the sh*t took place, feel me?

So i emailed a little *invisible* gif, call it "x.gif" and which resides on my server...l when this guy opened my email i saw this:

(this is his confirmed IP info I got on my server logs)

166.205.0.000 - - [31/Mar/2010:15:18:09 -0400] "GET /images/x.gif HTTP/1.1" 200 92 "-" "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_1_3 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko)"



Then I also emailed to the administrator another gif image, call it "y.gif", which also resides on my server....when the guy opened the email, I got this on my server logs:

92.239.230.00 - - [31/Mar/2010:16:22:30 -0400] "GET /images/y.gif HTTP/1.1" 200 875 "-" "Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_1_3 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko)"


Aight!! ...notice that the computer info on those strings says that these are IPHONEs, and the browser user agent matches exactly..... everything else is different.

How common is this to Apple Iphones in general??
Are there that many user agents for them??
What are the chances that these two guys are actually the same user??

any help will be sooo appreciated...

J.R.

DonAtAplus
New Member
Posts: 2
Joined: Sun May 09, 2010 7:54 am

Re: What are the chances?

Post by DonAtAplus » Sun May 09, 2010 8:07 am

Most all cell phones use a dynamic IP much like dial-up home services. Every time the user connects he/she would get a different IP. The user-agent will not change it he/she is using the same device (cell Phone; computer;...) to send the email.

This is why the IP in the email header changes. You may be able to get an approximate location from a block of IP's used by the ISP's IP address ranges and this could give you an approximate area However, an exact location of the sender would be extremely hard for cell phones unless you can use a GPS fix on the cell phone like the FBI does.

Locked

Who is online

Users browsing this forum: No registered users and 2 guests