abuser information

Discussion in 'Help Desk' started by Rashed, Oct 30, 2009.

  1. Rashed

    Rashed New Email

    Joined:
    Oct 30, 2009
    Messages:
    2
    Likes Received:
    0
    Please help me. I'm a new bee in this forum.
    I got a message from a yahoo email user. How can I Trace him. I check his email header. But I did not get any particular information about the abuser.
    Some time he use opera min, that means he send email using his mobile phone. I contact with Opera abuse team, did give me the sender information. Can I get abuser information from yahoo abuse team, and how?

    I paste email header below"


    Message Header-1:
    *
    Return-Path: <treena_star@yahoo.com>
    Delivered-To: zulfiqar_ahmed@unitrendbd.com
    Received: (qmail 6232 invoked by uid 511); 2 Oct 2009 18:36:47 +0600
    Received: from 117.58.240.37 by mail.unitrendbd.com (envelope-from <treena_star@yahoo.com>, uid 509) with qmail-scanner-1.25-st-qms
    *(clamdscan: 0.93.3/7844. spamassassin: 3.0.2. perlscan: 1.25-st-qms.*
    *Clear:RC:1(117.58.240.37):.
    *Processed in 0.038399 secs); 02 Oct 2009 12:36:47 -0000
    X-Antivirus-AONBD-Mail-From: treena_star@yahoo.com via mail.unitrendbd.com
    X-Antivirus-AONBD: 1.25-st-qms (Clear:RC:1(117.58.240.37):. Processed in 0.038399 secs Process 6225)
    Received: from aonb-filter.aonbd.net (117.58.240.37)
    * by mail.unitrendbd.com with SMTP; 2 Oct 2009 18:36:46 +0600
    X-Greylist: delayed 112 seconds by postgrey-1.31 at aonb-filter.aonbd.net; Fri, 02 Oct 2009 18:45:26 BDT
    Received: from n12.bullet.mail.mud.yahoo.com (n12.bullet.mail.mud.yahoo.com [209.191.125.209])
    ************* by aonb-filter.aonbd.net (Postfix) with SMTP id 6B4F34B53C
    ************* for <zulfiqar_ahmed@unitrendbd.com>; Fri,* 2 Oct 2009 18:45:25 +0600 (BDT)
    Received: from [68.142.200.224] by n12.bullet.mail.mud.yahoo.com with NNFMP; 02 Oct 2009 11:47:07 -0000
    Received: from [67.195.9.83] by t5.bullet.mud.yahoo.com with NNFMP; 02 Oct 2009 11:47:07 -0000
    Received: from [98.137.27.208] by t3.bullet.mail.gq1.yahoo.com with NNFMP; 02 Oct 2009 11:47:07 -0000
    Received: from [127.0.0.1] by omp118.mail.gq1.yahoo.com with NNFMP; 02 Oct 2009 11:47:07 -0000
    X-Yahoo-Newman-Property: ymail-3
    X-Yahoo-Newman-Id: 147707.74382.bm@omp118.mail.gq1.yahoo.com
    Received: (qmail 43525 invoked by uid 60001); 2 Oct 2009 11:47:07 -0000
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1254484026; bh=IxJXiHnzXNhzdhySqXyXQZ8URJek8Deh9D5ziOFNP58=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:To:MIME-Version:Content-Type; b=3XeAFNJCbFe9dc45FfyE79FfVV4o6VeienophhaqVPlH8nflbWXv9AcIYy5RIFNuM1du4CSGMnlvVx462b8filKki12nk31QrenH5jnvVErQ1cVwfN/uc6HUQ+a6X0mKybIFU+WkmoyHPkbNwH9n84/vHO8n5d8F/9Y+bsxLZsw=
    DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
    * s=s1024; d=yahoo.com;
    * h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:To:MIME-Version:Content-Type;
    * b=3OJ5+l1xCRTR1Eqx1qCzIEDMSnfTeFsAlvD+pmTie4G1hnZsYRa68ecn8Kztz2SAJ99d4ZeBh5p+ivJJLxEC6c7ER+AjJWsvFgl6j1JGmmrrJhJV232RqXdIPCdbtkNp5GgXM101fqBDtIwMTpvyLhnDjLED4DHBZTXa+lq9mTo=;
    Message-ID: <972376.43240.qm@web113010.mail.gq1.yahoo.com>
    X-YMail-OSG: uK9HQSYVM1mIiLTvpSsdbGzwX0S8HxSWvdfixnfDrl_THVlR78BHBO1C
    Received: from [120.50.26.58] by web113010.mail.gq1.yahoo.com via HTTP; Fri, 02 Oct 2009 04:47:06 PDT
    X-Mailer: YahooMailClassic/7.0.14 YahooMailWebService/0.7.347.2
    Date: Fri, 2 Oct 2009 04:47:06 -0700 (PDT)
    From: Treena Akhond <treena_star@yahoo.com>
    To: senjuti_barua@unitrendbd.com, tushar_das@unitrendbd.com,
    * zulfiqar_ahmed@unitrendbd.com, russell_oneil@unitrendbd.com,
    * hamid_kaisar@unitrendbd.com, munir_hossain@unitrendbd.com
    MIME-Version: 1.0
    Content-Type: multipart/alternative; boundary="0-1980535327-1254484026=:43240"
    X--MailScanner-Information: Please contact the ISP for more information
    X--MailScanner-ID: 6B4F34B53C.254D1
    X--MailScanner: Found to be clean
    X--MailScanner-From: treena_star@yahoo.com
    X-Spam-Status: No

    Message Header-2:

    Return-Path: <treena_star@yahoo.com>
    Delivered-To: zulfiqar_ahmed@unitrendbd.com
    Received: (qmail 30382 invoked by uid 511); 4 Oct 2009 11:48:19 +0600
    Received: from 117.58.240.37 by mail.unitrendbd.com (envelope-from <treena_star@yahoo.com>, uid 509) with qmail-scanner-1.25-st-qms
    *(clamdscan: 0.93.3/7844. spamassassin: 3.0.2. perlscan: 1.25-st-qms.*
    *Clear:RC:1(117.58.240.37):.
    *Processed in 0.018538 secs); 04 Oct 2009 05:48:19 -0000
    X-Antivirus-AONBD-Mail-From: treena_star@yahoo.com via mail.unitrendbd.com
    X-Antivirus-AONBD: 1.25-st-qms (Clear:RC:1(117.58.240.37):. Processed in 0.018538 secs Process 30375)
    Received: from aonb-filter.aonbd.net (117.58.240.37)
    * by mail.unitrendbd.com with SMTP; 4 Oct 2009 11:48:19 +0600
    X-Greylist: delayed 133 seconds by postgrey-1.31 at aonb-filter.aonbd.net; Sun, 04 Oct 2009 11:57:05 BDT
    Received: from n3-vm0.bullet.mail.gq1.yahoo.com (n3-vm0.bullet.mail.gq1.yahoo.com [67.195.23.156])
    ************* by aonb-filter.aonbd.net (Postfix) with SMTP id E9E224B1D5
    ************* for <zulfiqar_ahmed@unitrendbd.com>; Sun,* 4 Oct 2009 11:57:05 +0600 (BDT)
    Received: from [67.195.9.82] by n3.bullet.mail.gq1.yahoo.com with NNFMP; 04 Oct 2009 04:58:28 -0000
    Received: from [98.137.27.211] by t2.bullet.mail.gq1.yahoo.com with NNFMP; 04 Oct 2009 04:58:28 -0000
    Received: from [127.0.0.1] by omp121.mail.gq1.yahoo.com with NNFMP; 04 Oct 2009 04:58:28 -0000
    X-Yahoo-Newman-Property: ymail-3
    X-Yahoo-Newman-Id: 640437.4260.bm@omp121.mail.gq1.yahoo.com
    Received: (qmail 3355 invoked by uid 60001); 4 Oct 2009 04:58:28 -0000
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1254632308; bh=eQ6DQwK3MyNPF8wmzNe6qG7I5spU+HhxrxaMScr4za0=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:To:MIME-Version:Content-Type; b=KlhNUXj69DeNLNEePckVOzXYHH+78tuuXvRezfleHC4TXE3dVgXGUOqf4OYauUMVPtVOx/szC7hVMaq4zJ6bhgrTGBgUIsJ3dk9u/1QX2Go2p8YsgOKfaCSTVr9LK6EZREfe6RkcRYdLjz0Vw2YS//3ecWJLVkrD/fQPWUeNncY=
    DomainKey-Signature:a=rsa-sha1; q=dns; c=nofws;
    * s=s1024; d=yahoo.com;
    * h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:To:MIME-Version:Content-Type;
    * b=yEYCf1YdNTwyDqa2qxrk6isbFXI/Tk7RttrOMgm2qO3rj15HuMTSTDztrgnd/KilN9oGMU+/IlrB+uWkvNkLofFXycf6XcCsWzJkpHoN2LkTJ5/JzVDiMCuaFEBlFlGXsbABTg/TzS33z7TV404dfms4m1+YXvoTPw2wRNjsdo8=;
    Message-ID: <471067.443.qm@web113006.mail.gq1.yahoo.com>
    X-YMail-OSG: CXPLbNgVM1m7Dk6jYcyYRp3iiYGdUVI_gnYN0yqTQY0x9PLAYd_gNOzF67uw0SQt7O3STwyVKPvTHO8vZ4RAxCreyfw4zNUjM4fF4471Gj2vg.RKzTGGi.9TaXcGbtXpVq9mRkP5K4ahlJPuhlQ7zrXHNCpYH5rVSWLB7SArBTxGTi3NVy.NbHAaaRG6m.Y5YNLZMUBr8l1FwNhQO3El8Vd_ChESq83x5eHerY9LcYKQorcpRB6pgMhLBOISe8duR5sUWVJdtceiHrkHokpsEi.gS9OY1w--
    Received: from [64.255.180.40] by web113006.mail.gq1.yahoo.com via HTTP; Sat, 03 Oct 2009 21:58:28 PDT
    X-Mailer: YahooMailClassic/7.0.14 YahooMailWebService/0.7.347.3
    Date: Sat, 3 Oct 2009 21:58:28 -0700 (PDT)
    From: Treena Akhond <treena_star@yahoo.com>
    To: zulfiqar_ahmed@unitrendbd.com
    MIME-Version: 1.0
    Content-Type: text/plain; charset=us-ascii
    X--MailScanner-Information: Please contact the ISP for more information
    X--MailScanner-ID: E9E224B1D5.A6FB8
    X--MailScanner: Found to be clean
    X--MailScanner-From: treena_star@yahoo.com
    X-Spam-Status: No

    Thanks
    Rashed
     


  2. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,983
    Likes Received:
    120
    Hi Rashed,

    Message 1 was sent from 120.50.26.58.

    Message 2 was sent from 64.255.180.40.

    Both IP addresses belong to the same ISP.

    Here is the contact information for the ISP :

    role: Telnet Network Operation Center
    address: Telnet Communication Limited (TCL)
    House # 4 Level - 2, Road # 16 [Old #27]
    Shek Kamal Shorini, Dhanmondi
    Dhaka - 1209, Bangladesh
    country: BD
    phone: +880-2-8113999
    phone: +880-2-9141810
    e-mail: hostmaster@telnet-bd.com
    e-mail: hostmaster@telnet.com.bd
    admin-c: NA165-AP
    admin-c: TH490-AP
    tech-c: NA165-AP
    tech-c: TH490-AP
    nic-hdl: TNOC1-AP
    mnt-by: MAINT-BD-TELNET
    changed: hostmaster@telnet-bd.com 20080410
    source: APNIC

    If you are getting spam contacting that ISP is the best way to get the spam stopped.

    If you are being threatened with violence or feel you are in any danger please contact the police.

    -Raymond
     

  3. Rashed

    Rashed New Email

    Joined:
    Oct 30, 2009
    Messages:
    2
    Likes Received:
    0
    Dear Raymond
    Thanks for your reply.
    Please tell me how you find out same ISP from 2nd header. when I trace I received Opera mini belongs that IP. How can I trace that?

    Thanks

    Rashed
     
  4. popowich

    popowich EQ Forum Admin Staff Member

    Joined:
    Aug 12, 2008
    Messages:
    8,983
    Likes Received:
    120
    Now when I do a whois on the second IP I see Opera. Strange.

    Jupiter Hosting Corporation JHC-SC-1 (NET-64-255-160-0-1)
    64.255.160.0 - 64.255.191.255
    Opera Software ASA NAVISITE-CUSTOMER-OPERA-SOFTWARE-ASA (NET-64-255-180-0-1)
    64.255.180.0 - 64.255.180.255
     

Want to reply or ask your own question?

It only takes a minute to sign up (and it's free!). Click the orange sign up button to choose a username and then you can ask your own questions on the forum.
Loading...