Could someone advise or help please?

Get the latest on wired & wireless, talk network setups, get help with connectivity problems, web hosts, etc.
Post Reply
Fubsy08
n00b
Posts: 4
Joined: Tue Oct 13, 2009 7:04 am

Could someone advise or help please?

Post by Fubsy08 » Tue Oct 13, 2009 7:32 am

First off hi all,

I'm new to the forum and have joined up because I could really do with some help and this seemed like a good place to start as it looks like theres a few people in here who know what they are talking about and will hopefully be able to help or at least guide me in the right direction.

Anyway without going on to much ive had a threatening email, now i know we've all had them before but this is abit different as the person seems to know an awful lot about me, and without going into detail its basicly to do with a past relationship where 2 children are involved and I would really like to try and find out who this person is does anyone know how i can extract their email address from the email sent to me via outlook express and any further things i can do to obtain this persons identity or something to that extent?

I've pasted the message source below.

Any help would be greatly appreciated.

Regards
Fubsy

Received: from smtp-in2.blueyonder.co.uk ([172.23.146.13]) by ECOWV13M.Telewest.Internal with Microsoft SMTPSVC(6.0.3790.3959);
Sun, 11 Oct 2009 06:09:42 +0100
Received: from eback03.blueyonder.co.uk ([195.188.53.214]) by smtp-in2.blueyonder.co.uk with Microsoft SMTPSVC(6.0.3790.3959);
Sun, 11 Oct 2009 06:09:43 +0100
Received: from [172.23.170.139] (helo=anti-virus01-10)
by eback03.blueyonder.co.uk with smtp (Exim 4.52)
id 1Mwqgg-0000Fq-Vx
for fubarhome@blueyonder.co.uk; Sun, 11 Oct 2009 06:09:43 +0100
Received: from [64.12.100.31] (helo=imr-ma05.mx.aol.com)
by exim10.blueyonder.co.uk with esmtp (Exim 4.68)
(envelope-from <NeutraI1024@aol.com>)
id 1Mwqgg-0002Uo-Cc
for fubarhome@blueyonder.co.uk; Sun, 11 Oct 2009 06:09:42 +0100
Received: from imo-ma03.mx.aol.com (imo-ma03.mx.aol.com [64.12.78.138])
by imr-ma05.mx.aol.com (8.14.1/8.14.1) with ESMTP id n9B59ZXg002609
for <fubarhome@blueyonder.co.uk>; Sun, 11 Oct 2009 01:09:35 -0400
Received: from NeutraI1024@aol.com
by imo-ma03.mx.aol.com (mail_out_v42.5.) id 4.be1.67171599 (41812)
for <fubarhome@blueyonder.co.uk>; Sun, 11 Oct 2009 01:09:32 -0400 (EDT)
From: NeutraI1024@aol.com
Message-ID: <be1.67171599.3802c28c@aol.com>
Date: Sun, 11 Oct 2009 01:09:32 EDT
Subject: (no subject)
To: fubarhome@blueyonder.co.uk
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-----------------------------1255237772"
X-Mailer: AOL 9.0 VR sub 5002
X-Spam-Flag:NO
X-AOL-SENDER: NeutraI1024@aol.com
X-Envelope-To: fubarhome@blueyonder.co.uk
Return-Path: NeutraI1024@aol.com
X-OriginalArrivalTime: 11 Oct 2009 05:09:43.0156 (UTC) FILETIME=[0AFB1340:01CA4A31]
Old-X-EsetId: 4CD4D62A08B4706953D2D67C04EE3C
X-EsetId: 4CD4D62A08B4706953D2D67C04EE3C
X-EsetScannerBuild: 5789

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Could someone advise or help please?

Post by stasik » Wed Oct 14, 2009 12:55 am

i dont know how to use outlook, but u have to look at the mail header and u ll see the IP address of the sender (no mater if it was sent with outlook or not). based on http://www.ipligence.com/emailtrace the mail was sent from USA with IP 64.12.78.138. thats the far u can get with the email header. and if he used proxy/tunnels, thats not even his original IP. from here u can do a port scan, call his ISP, etc (if this is his original ip!!)...

Fubsy08
n00b
Posts: 4
Joined: Tue Oct 13, 2009 7:04 am

Re: Could someone advise or help please?

Post by Fubsy08 » Wed Oct 14, 2009 1:27 am

stasik wrote:i dont know how to use outlook, but u have to look at the mail header and u ll see the IP address of the sender (no mater if it was sent with outlook or not). based on http://www.ipligence.com/emailtrace the mail was sent from USA with IP 64.12.78.138. thats the far u can get with the email header. and if he used proxy/tunnels, thats not even his original IP. from here u can do a port scan, call his ISP, etc (if this is his original ip!!)...
Hiya stasik thanks for the reply, I was under the impression this person was alittle closer to home from the things he has said, but maybe not.. Ethier way I've contacted the police and they are going to deal with it but would still like to figure out who this person is...

Anyway thanks for the reply.
Regards
Fubsy

guidj0s
Hacker in Training
Posts: 74
Joined: Sat Oct 10, 2009 11:29 pm
Contact:

Re: Could someone advise or help please?

Post by guidj0s » Wed Oct 14, 2009 6:19 am

If someone is threatening your family, especially your children, the best thing to do would be to go to the police with the IP number stasik gave you, and also the e-mail header along with the message. Getting back at someone online is only smart if they don't have physical access to you (or your family, etc). Not because you could get into a fight, but because you could be shot/stabbed.

Fubsy08
n00b
Posts: 4
Joined: Tue Oct 13, 2009 7:04 am

Re: Could someone advise or help please?

Post by Fubsy08 » Wed Oct 14, 2009 8:17 am

guidj0s wrote:If someone is threatening your family, especially your children, the best thing to do would be to go to the police with the IP number stasik gave you, and also the e-mail header along with the message. Getting back at someone online is only smart if they don't have physical access to you (or your family, etc). Not because you could get into a fight, but because you could be shot/stabbed.
I know m8 and they are very wise words. I have been in touch with the Sussex Online Crime Team and they are sending an officer around tommorow i read out the emails to them and they are taking the matter very seriously, It's just ontop of everything else at the moment its just to much to bare, im having a difficult time as it is without having mindless threats sent to me.

Best Regards
Fubsy

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Could someone advise or help please?

Post by stasik » Wed Oct 14, 2009 11:10 am

good luck with that, but if its a matter of serious issue, i thing they used some proxy/tunnel. u r lucky if they did it from some internet caffee as most of them have cctv. he/she/they could also just drive around to find some unsecure wifi and use it to send the email. i have 2 unsecured wifi around me right now. but if u r sure he is not in the usa, then he used proxy. is he smart/computer literate??? maybe he didnt expect u to go to police, so he was dumb. let us know how it ends!!!

Fubsy08
n00b
Posts: 4
Joined: Tue Oct 13, 2009 7:04 am

Re: Could someone advise or help please?

Post by Fubsy08 » Wed Oct 14, 2009 11:32 am

stasik wrote:good luck with that, but if its a matter of serious issue, i thing they used some proxy/tunnel. u r lucky if they did it from some internet caffee as most of them have cctv. he/she/they could also just drive around to find some unsecure wifi and use it to send the email. i have 2 unsecured wifi around me right now. but if u r sure he is not in the usa, then he used proxy. is he smart/computer literate??? maybe he didnt expect u to go to police, so he was dumb. let us know how it ends!!!
Well its hard to say, if he/she is smart or not but the way the emails are wrote would surgest that they are not and i know i should'nt of really but i did reply saying i was going to the police about the matter to which they replied " you need the police do you? tracing my ip and email address ? do it, saves us coming to you " and since i said that i havnt heard anything else since so perhaps they hadnt fully thought it through, i do agree it would be very easy for them to send the emails from another persons wifi or a cafe etc but i doubt they had thought that far.

That said tho i don't know anybody in the USA not anybody that would know me or my family that well.. Well like i said the police are coming around tommorow so will see how it goes thanks for all ur replies and thoughts on the matter.

Best Regards
Fubsy

User avatar
stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Could someone advise or help please?

Post by stasik » Wed Oct 14, 2009 2:37 pm

u did hurry up... if u were about to reply them back, u should had used a receive + read notification (some email providers support that option for money) and u would see from what IP they read ur email, coz many people think to hide real ip only when write the email, and not when reading it. i think, that best thing to sort this things is by ignoring. emails, phones calls, etc, just ignore them as long as they are not physically. u have no idea how ur ignorance could drive them mad. they feed on ur fear, ur reaction to their action is what they want. dont waist ur time with some pricks :wink:

Post Reply