Incoming full header:
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtTQ0w9Ng==
X-Message-Status: n:0
X-SID-PRA: Mr. Peter Phillip < [email protected] >
X-SID-Result: Fail
X-Message-Info: jXuon5/YRm68Ci7Ivfe0Hv/
 KIFdVOY7XxLdfBnLCvCwn8JjE0pGP8W0ZNZ36B7/RyRDsMPlTFqG4/
 uQV8yk1AMg7CiHXhUBi
Received: from mail.cyb.asp-p.jp ([164.46.139.108]) by col0-mc3f18.Col0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
 Mon, 26 Jan 2009 10:48:49 -0800
Received: from User ([41.222.67.140])
 (authenticated (0 bits))
 by mail.cyb.asp-p.jp (8.12.11.20060829/8.11.3) with ESMTP id
 n02DqpHu020392;
 Fri, 2 Jan 2009 22:52:54 +0900
Message-Id: <[email protected]>
Reply-To:
From: "Technical Support Services"
Subject: System Password Reset
Date: Fri, 2 Jan 2009 14:53:22 +0100
MIME-Version: 1.0
Content-Type: text/plain;
 charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Bcc:
Return-Path: [email protected]
X-OriginalArrivalTime: 26 Jan 2009 18:48:49.0731 (UTC) FILETIME=
 [BA0BC930:01C97FE6]
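
An offline first pass over the header above, added here as an example (it is not part of the original article or of the analysis site). It uses Python's standard email module to list the relay hops oldest-first and flag the anomalies visible in the dump; the function names and the one-hour delay threshold are assumptions chosen for illustration.

```python
import re
from datetime import timedelta
from email import message_from_string
from email.utils import parsedate_to_datetime

# Fields copied from the header above, with folded lines indented again.
RAW = """\
X-SID-Result: Fail
Received: from mail.cyb.asp-p.jp ([164.46.139.108]) by col0-mc3f18.Col0.hotmail.com with Microsoft SMTPSVC(6.0.3790.3959);
 Mon, 26 Jan 2009 10:48:49 -0800
Received: from User ([41.222.67.140])
 (authenticated (0 bits))
 by mail.cyb.asp-p.jp (8.12.11.20060829/8.11.3) with ESMTP id
 n02DqpHu020392;
 Fri, 2 Jan 2009 22:52:54 +0900
From: "Technical Support Services"
Subject: System Password Reset
Date: Fri, 2 Jan 2009 14:53:22 +0100
"""

def received_hops(msg):
    """Return Received hops oldest-first as (from_host, ip, timestamp)."""
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # undo header folding
        m = re.match(r"from (\S+) \(\[([\d.]+)\]\)", flat)
        if m is None:  # hop without a bracketed IPv4 literal
            continue
        stamp = parsedate_to_datetime(flat.rsplit(";", 1)[1].strip())
        hops.append((m.group(1), m.group(2), stamp))
    return hops

def analyze(raw, max_delay=timedelta(hours=1)):  # threshold is an assumption
    msg = message_from_string(raw)
    hops = received_hops(msg)
    findings = []
    if msg.get("X-SID-Result", "").strip().lower() == "fail":
        findings.append("Sender ID check failed")
    if not re.search(r"[\w.+-]+@[\w.-]+", msg.get("From", "")):
        findings.append("From has a display name but no address")
    sent = parsedate_to_datetime(msg["Date"])
    if sent.utcoffset() != hops[0][2].utcoffset():
        findings.append(f"client zone {sent:%z} vs first relay zone {hops[0][2]:%z}")
    for earlier, later in zip(hops, hops[1:]):
        if later[2] - earlier[2] > max_delay:
            findings.append(f"{(later[2] - earlier[2]).days} day gap at relay {later[0]}")
    return {"origin_ip": hops[0][1], "origin_host": hops[0][0], "findings": findings}

if __name__ == "__main__":
    print(analyze(RAW))
```

The oldest Received line is the one to read for the submitting client, since every header below it in the dump is under the sender's control.
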
Some details are obvious without any further use of software tools. In a future article,
perhaps we will analyze and decipher this header without software tools, but for now let
us continue. To get more information about our hacker, our next step is to submit the email
header to an email header analysis tool such as
http://www.iptrackeronline.com/email-header-analysis.php. This site has a brief tutorial on
how to extract and submit email headers for analysis, and it is completely free to use. We
will simply follow these few steps to investigate our hacker’s whereabouts.
1). Copy and paste our email header data and click “submit header for analysis.”