Solved

I received an e-mail from 192.244.203.83?

Posted on 2012-04-09
7
3,058 Views
Last Modified: 2012-04-09
I received an e-mail in Outlook Inbox from USPS Service <status_item@usps.com> with the attachment Label_Parcel_USPS_13-114.zip

However, the ip address in the e-mail message header is 192.244.203.83

How can I find out "who is" or "what is" using 192.244.203.83 on our network?

Thanks for your help.
0
Comment
Question by:LessonsLearned
7 Comments
 

Author Comment

by:LessonsLearned
ID: 37825184
The header information is:

Received: from outlet-web.jp (192.244.203.83) by SD1.sd.local (192.168.1.253)
 with Microsoft SMTP Server id 14.1.218.12; Mon, 9 Apr 2012 12:39:03 -0700
Received: by outlet-web.jp (Postfix, from userid 2)      id DE98084436D; Tue, 10
 Apr 2012 04:38:17 +0900 (JST)
To: <jim@mmpph.com>
Subject: Postal notification
From: USPS Service <status_item@usps.com>
X-Mailer: mPOPWeb-Mail2.19
Reply-To: USPS Service <status_item@usps.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------13340002974F833AA9C4324"
Message-ID: <20120409193817.DE98084436D@outlet-web.jp>
Date: Tue, 10 Apr 2012 04:38:17 +0900
Return-Path: daemon@outlet-web.jp
X-MS-Exchange-Organization-AuthSource: SD1.sd.local
X-MS-Exchange-Organization-AuthAs: Anonymous
0
 
LVL 26

Accepted Solution

by:
pony10us earned 300 total points
ID: 37825194
0
 

Author Comment

by:LessonsLearned
ID: 37825200
Network Solutions Whois states 192.244.203.83 equates to outlet-web.jp

Domain Information:
[Domain Name]                   OUTLET-WEB.JP

[Registrant]                    STB,Inc.

[Name Server]                   01.dnsv.jp
[Name Server]                   02.dnsv.jp
[Signing Key]                  

[Created on]                    2007/06/04
[Expires on]                    2012/06/30
[Status]                        Active
[Last Updated]                  2011/07/01 01:05:05 (JST)

Contact Information:
[Name]                          STB,Inc.
[Email]                         kobayashi@stb-libman.jp
[Web Page]                      
[Postal code]                   441-8113
[Postal Address]                Toyohashi-shi
                                333 Nishimiyuki-cho Aza Hamaike
                                Sience Core 109
[Phone]                         0532-38-6595
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 3

Assisted Solution

by:tobyweston
tobyweston earned 100 total points
ID: 37825202
This is not an internal IP, it will be coming externally from one of the many spam bots around the world.

Doing an IP lookup will show you roughly where.
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 100 total points
ID: 37825205
The first "Received:" line tells you who it came from.  It is just spam.  They faked all the other email addresses.
0
 

Author Closing Comment

by:LessonsLearned
ID: 37825227
Thank you very much.  When I pinged 192.244.203.83, I got 4 replies.  I thought that because the IP address began with 192, that it was a computer or device located in my office, but "tobyweston" said it was not an internal IP.
0
 
LVL 26

Expert Comment

by:pony10us
ID: 37825271
tobyweston is correct.  Here are the private IP address ranges:

IANA-reserved private IPv4 network ranges Start End No. of addresses
24-bit block (/8 prefix, 1 × A) 10.0.0.0 10.255.255.255 16777216
20-bit block (/12 prefix, 16 × B) 172.16.0.0 172.31.255.255 1048576
16-bit block (/16 prefix, 256 × C) 192.168.0.0 192.168.255.255 65536
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
Resolve DNS query failed errors for Exchange
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now