Help catching Spammer

vbimport

#1

Hello,

I am trying to figure out the IP of the sender so I can send to the abuse department of their ISP . Is it originating from 209.115.59.111 or 66.218.66.218 ?

Thanks

Received: from [66.218.67.198] by n40.grp.scd.yahoo.com with NNFMP; 16 Jul 2002 14:20:08 -0000
X-Sender: cen14usm3@yahoo.com
X-Apparently-To: xx@xx.com
Received: (EGP: mail-8_0_7_4); 16 Jul 2002 14:20:03 -0000
Received: (qmail 73643 invoked from network); 16 Jul 2002 14:20:03 -0000
Received: from unknown (66.218.66.218)
by m5.grp.scd.yahoo.com with QMQP; 16 Jul 2002 14:20:03 -0000
Received: from unknown (HELO yahoo.com) (209.115.59.111)
by mta3.grp.scd.yahoo.com with SMTP; 16 Jul 2002 14:20:01 -0000
To: <xx@xx.com>
Sender: "cen14usm3" <cen14usm3@yahoo.com>
From: "cen14usm3" <cen14usm3@yahoo.com>

err UPDATE i see that 209.115.59.111 is a yahoo mail server or something. So I take it that 66.218.66.218 is the originating IP?


#2

Search results for: 209.115.59.111

Fiber Network Solutions, Inc. (NETBLK-NETBLK-FIBERNET-CBLK3) NETBLK-FIBERNET-CBLK3
209.115.0.0 - 209.115.127.255
Electronic Country Road (NETBLK-F-209-115-59-0-M24) F-209-115-59-0-M24
209.115.59.0 - 209.115.59.255

Search results for: 66.218.66.218

Yahoo! (NETBLK-A-YAHOO-U23)
701 First Avenue
Sunnyvale, California 94089
US

Netname: A-YAHOO-U23
Netblock: 66.218.64.0 - 66.218.95.255
Maintainer: YAOO


#3

@ Mr. Belvedere

How did you get the adres by checking the IP?? :confused:
Neotrace?

Grtz


#4

I was able to figure out who owned the IP but I didnt know which one was the IP of the sender. After looking at the message source I am wondering if the 209 IP is the originating one

209.115.59.111


#5

Originally posted by BurnFre@k
[B]@ Mr. Belvedere

How did you get the adres by checking the IP?? :confused:
Neotrace?

Grtz [/B]

I believe ZoneAlarm Pro has this option. Now that you mention it, never really looked into making an active search with it…


#6

I Have ZoneAlarm installed en well…so lets check it out :bigsmile:


#7

(sigh)

www.arin.net

etc… etc…