joewho
Premium
join:2004-08-20
Las Vegas, NV
| help with whois
I believe this e-mail is from milwaukee, but the whois only takes me to CA, as far as I can tell.
Can someone look at this and tell me if you can determine more from it. It's from a scammer, to a customer. Due to the way this was sent to me, I'm not sure if the customer's ip is showing or not. I don't think it is. I x'd out the customers e-mail addy.
X-Apparently-To: xxx@yahoo.com via 206.190.38.174; Thu, 12 Jan 2006 08:39:00 -0800
X-Originating-IP: [206.190.38.175]
Return-Path:
Authentication-Results: mta215.mail.mud.yahoo.com from=yahoo.com; domainkeys=pass (ok)
Received: from 206.190.38.175 (HELO web51309.mail.yahoo.com) (206.190.38.175) by mta215.mail.mud.yahoo.com with SMTP; Thu, 12 Jan 2006 08:38:59 -0800
Received: (qmail 46834 invoked by uid 60001); 12 Jan 2006 16:38:54 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=MDmkXXF5u13wpPfDxmQaLlVZmOdskt5robDdzhQLgVo2h9gZRBViarayVfQEelRCYbeAwdzSM5zperCB BzshzlKFfw6qHwqgc4+l5PhBE9/HyGLzy7NGpipavujrwB8f7jaEUZJ9jPb26LaFLZH7Ei85Gc6D24cwEPPV2raYhVs= ;
Message-ID:
Received: from [69.210.113.97] by web51309.mail.yahoo.com via HTTP; Thu, 12 Jan 2006 08:38:54 PST
Date: Thu, 12 Jan 2006 08:38:54 -0800 (PST)
From: "mr fix u up right" View Contact Details Add Mobile Alert
Yahoo! DomainKeys has confirmed that this message was sent by yahoo.com. Learn more
Subject: Re: Fwd: Re: It's Time
To: "xxxx xxxxx>
In-Reply-To:
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-941233383-1137083934=:46770"
Content-Transfer-Encoding: 8bit
Content-Length: 3019
Thanks
--
we're all connected |
|
heels_fan
1.20.09 The start of Socialism
Premium
join:2003-02-07
Columbia, TN | copy all the header of the email here »www.spamcop.com/
and it will show you what ISP it came from |
|
NetFixer
Freedom is NOT Free
Premium
join:2004-06-24
Murfreesboro, TN
 ·Vonage
 ·AT&T Southeast
 ·Cingular Wireless
·AT&T CallVantage
| A reverse DNS lookup (not a whois query) for IP address 69.210.113.97 returns this response:
97.113.210.69.IN-ADDR.ARPA 7190 IN PTR adsl-69-210-113-97.dsl.milwwi.ameritech.net
This would indicate that the email in question originated from an SBC DSL account in Milwaukee.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed.
Test your firewall. |
|
joewho
Premium
join:2004-08-20
Las Vegas, NV
| reply to joewho
I came up with the same results from a reverse dns lookup. Redback2 in milwaukee.
I recommended that the customer just contact sbc abuse.
I think he's worried that they won't do anything.
Thanks for the help guys.
--
we're all connected |
|
