Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Tracing email country of origin.


  • Please log in to reply

#1
Bubba72

Bubba72

    New Member

  • Member
  • Pip
  • 3 posts
Hi people,

I'm new to the forum and I hope you can help.

Basically I suspect someone of being dishonest. I caught them out and I think they are trying to cover up with more lies.

At the bottom I've added the email header details of two separate emails; one was a test by me, the other I'm trying to trace its country of origin.

Said person supposedly sent me an email from inside Taiwan - I am in Taiwan too - but as they haven't been honest I had my doubts.

Their message was sent via yahoo email client on iPhone. The person claimed to be in Taiwan but every ip points to Singapore. When analysing the iPhone xymcookie (at the very bottom of their info) I noticed two ips. One was from this person's mobile provider in Taiwan, and the other was again from Singapore. This suggests that the internal ip of their phone had to reach an external ip to send the message. But why contact Singapore's serves and not Taiwan's? I got very suspicious as said person claimed a friend was going to Singapore while they were at home - I guess some people involuntarily give snippets of the truth. Anyway, I decided to conduct a little test...

I sent myself an email from a yahoo client, to my email - all inside Taiwan. You will see that all the servers are Taiwanese locations, not Singaporean like the other email.

In my mind the evidence is clear, the original email was sent from a location in Singapore, not Taiwan.

Am I correct? I'd appreciate advice on where I may be wrong.

Thank you.

Here are the ips from the possibly dishonest, Singapore email:

sender IP is 106.10.151.224

Received: from [106.10.166.61] by nm33.bullet.mail.sg3.yahoo.com with NNFMP; 30 Mar 2014 15:48:39 -0000
Received: from [106.10.167.129] by tm18.bullet.mail.sg3.yahoo.com with NNFMP; 30 Mar 2014 15:48:39 -0000
Received: from [127.0.0.1] by smtp102.mail.sg3.yahoo.com with NNFMP; 30 Mar
X-Rocket-Received: from [192.168.0.101] email deleted by me@36.231.103.236 with xymcookie [106.10.149.123]

Here is my test:

sender IP is 98.138.229.31

Received: from [127.0.0.1] by nm38.bullet.mail.ne1.yahoo.com with NNFMP; 01 Apr 2014 06:48:23 -0000
Received: from [98.138.226.177] by nm38.bullet.mail.ne1.yahoo.com with NNFMP; 01 Apr 2014 06:45:23 -0000
Received: from [203.188.200.143] by tm12.bullet.mail.ne1.yahoo.com with NNFMP; 01 Apr 2014 06:45:23 -0000
Received: from [203.188.200.58] by tm5.bullet.mail.tp2.yahoo.com with NNFMP; 01 Apr 2014 06:45:23 -0000
Received: from [127.0.0.1] by omp1009.mail.tp2.yahoo.com with NNFMP; 01 Apr

*My own IP address was here, and it located me to the exact street *

Thank you

Edited by Bubba72, 01 April 2014 - 07:53 AM.

  • 0

Advertisements


#2
Sixpack

Sixpack

    Member

  • Member
  • PipPip
  • 11 posts

The first IP, according to IP Address Lookup, is from Singapore. You can go to

 

http://ip-lookup.net/domain.php , or more accurately, http://ip-lookup.net

 

and type in the rest of the IP addresses and see if they can find out for you. IP address lookup is a good site and I use it often.

 

Hope this helps.


  • 0

#3
Bubba72

Bubba72

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Hi,

Thank you for your response.

I've already checked the other IP addresses from the original email. They originated from Singapore, except the person's cell IP, but that contacted an external address in Singapore also.

I'm interested to know if I'm correct. I mean, there's no way a Taiwanese email address, supposedly sending email from inside Taiwan to inside Taiwan, would contact servers in Singapore, right? My test email shows this would not happen.

I just want to be sure about my findings before I use them. Can anyone with more knowledge of this than me shed some light?

To be honest I'm not a tech person at all, just a dude who's a little miffed that someone supposedly close to me could lie to my face, and then use a big lie to cover up a another big lie.

I'm pretty convinced I'm correct on this, and I'd like to be able see their face when they find out that I'm not as stupid as they think.

Please fell free to check the IPs.

:)
  • 0

#4
Sixpack

Sixpack

    Member

  • Member
  • PipPip
  • 11 posts

Maybe your best bet would be to cut some ties.


  • 0

#5
Bubba72

Bubba72

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
That's difficult - they're family.
  • 0

#6
Sixpack

Sixpack

    Member

  • Member
  • PipPip
  • 11 posts

sorry, havr a wonderful day...


  • 0

#7
Artellos

Artellos

    Tech Secretary

  • Global Moderator
  • 3,888 posts

Bubba72,

 

It just doesn't work the way that you describe. For all you know the email service they use, uses servers in Singapore. For all we know they could be using a service from the US. For example; I have a ".nl" address, but the servers used to send the emails are not hosted in the Netherlands.

 

I am afraid we are not here to solve family disputes. There is no real way to be certain without having court orders and digging into detailed logging information (which we do not have access to).

 

Regards,

Olrik


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP