Hi,
can someone help me trace an IP in an email header back to the sender's ISP? I'm trying to narrow in someone who has been sending harassment emails to all the parents at my kid's preschool. They did it from an gmail address so I'm not sure how much I can actually find out.
― akm, Sunday, 31 January 2010 06:24 (sixteen years ago)
Does pinging it resolve to a host name? Does tracert show you anything usable? You can also report it to Google: http://mail.google.com/support/bin/request.py?contact_type=abuse_spoofing
― Jaq, Sunday, 31 January 2010 06:52 (sixteen years ago)
http://cqcounter.com/whois/
― ♖♕♖ (am0n), Sunday, 31 January 2010 07:38 (sixteen years ago)
http://ws.arin.net/whois/
would love to hear the results of this, i hope this creep gets pwned
― ('_') (omar little), Sunday, 31 January 2010 07:51 (sixteen years ago)
me 2
― Goon's Anatomy (J0rdan S.), Sunday, 31 January 2010 08:32 (sixteen years ago)
at some point you might wanna get the cops involved
― wtf lebron, that chick doesn't need a gatorade bath (k3vin k.), Sunday, 31 January 2010 08:33 (sixteen years ago)
Tracing an IP address for a GMail account is probably going to get you at best either a public access computer in a library, or somebody's unsecured wireless router. A combination of Google and cops is probably the best way to go.
― might seem normal (snoball), Sunday, 31 January 2010 11:55 (sixteen years ago)
the whois will bring back one of googles gmail ip ranges, best reporting it to gmail.
― Jarlrmai, Sunday, 31 January 2010 12:30 (sixteen years ago)
You're right, it does reveal the person's router (it's a 10.x.x.x address). I have a private investigator looking into it and the cops are being alerted as well.
― akm, Sunday, 31 January 2010 16:25 (sixteen years ago)
I think what snoball was saying is it might be somebody else's unsecured router the harasser is using.
― Guayaquil (eephus!), Sunday, 31 January 2010 16:46 (sixteen years ago)
10.x.x.x is a local address though, don't think that's much use?
― Colonel Poo, Sunday, 31 January 2010 17:00 (sixteen years ago)
(xpost) yeah, someone sending threatening e-mails is going to take basic precautions against getting caught, like using a publicly accessible computer, or tapping into someone else's wireless internet connection.Last time I had to do this, it was a Yahoo mail account five years ago. The IP address was for a public library, but it turned out that the computers there were set up so that anyone could walk up and use them, and we never found out the person who sent the e-mail.
― might seem normal (snoball), Sunday, 31 January 2010 17:12 (sixteen years ago)
You might get somewhere if the GMail account is still being used. But it's more likely that the sender set up the account for the one time purpose of sending the threatening e-mail.
― might seem normal (snoball), Sunday, 31 January 2010 17:18 (sixteen years ago)
Yeah a 10.x address is private (LAN/DHCP) address space and reveals nothing, there shuold also be a public address but agree with everyone else: someone covering their track'd send from net cafe/library/other persons wifi... unless they're monumentally dumb.
― millivanillimillenary (Trayce), Sunday, 31 January 2010 22:58 (sixteen years ago)