
How To Extract Cyber Data: IP Address, Bitcoin Address.

> Extract IP Data From Email Source: The sender's Email Service Provider IP Address typically repeats across several headers, as noted below.

   a. AOL: For received email on PC (not available on iPad), click on "Action" then "View Message Source". Select All, Copy and Store to a separate file or Word document. Items of particular interest:

        Return-Path: <sender email address>

        Received: from ... [sender's Email Service Provider IP Address]

        ...

        X-Originating-IP: sender's Email Service Provider IP Address

        ...

   b. Gmail: For received email on PC (not available on iPad), to the right of the sender, click on "More" then "Show original". Select All, Copy and Store to a separate file or Word document. Items of particular interest:

      Delivered-To: receiver email address

      ...

      Return-Path: <sender email address>

      Received: from ... [sender's Email Service Provider IP Address])

      ...

      Received-SPF: pass ... sender email address ... designates sender's Email Service Provider IP Address ...

      ...

      X-Originating-IP: [sender's Email Service Provider IP Address]

      ...

   c. Yahoo: For received email on PC (not available on iPad), to the right of the sender, click on "More" then "View Raw Message". Select All, Copy and Store to a separate file or Word document. Items of particular interest:

       X-Apparently-To: receiver email address ...

       Return-Path: <sender email address>

       Received-SPF: ... sender's Email Service Provider IP Address ...

      ...

      X-Originating-IP: [sender's Email Service Provider IP Address]

      ...
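
Once the message source has been saved to a file, the headers listed above can be pulled out programmatically. The following is an added example, not part of the original page: it parses a saved message source, collects the IPv4 addresses found in the Received, Received-SPF and X-Originating-IP headers, and counts how often each one repeats. The sample source, the addresses in it and the function name extract_header_ips are constructed for illustration; IPv6 addresses are not handled.

```python
import ipaddress
import re
from collections import Counter
from email import message_from_string

# Constructed sample headers (documentation-range addresses, not from a real message).
SAMPLE_SOURCE = """\
Delivered-To: receiver@example.org
Return-Path: <sender@example.com>
Received: from mail.example.com (mail.example.com [203.0.113.25])
        by mx.example.org with ESMTPS id abc123
        for <receiver@example.org>; Mon, 01 Jan 2018 10:00:00 -0800
Received-SPF: pass (example.org: domain of sender@example.com designates
        203.0.113.25 as permitted sender) client-ip=203.0.113.25;
X-Originating-IP: [203.0.113.25]
Subject: constructed test message

body text
"""

HEADERS_OF_INTEREST = ("Received", "Received-SPF", "X-Originating-IP")
IPV4_CANDIDATE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def extract_header_ips(raw_source):
    """Return (return_path, {header: [ips]}, Counter of ip occurrences)."""
    msg = message_from_string(raw_source)
    found = {}
    counts = Counter()
    for name in HEADERS_OF_INTEREST:
        for value in msg.get_all(name, []):  # a header may appear several times
            for candidate in IPV4_CANDIDATE.findall(str(value)):
                try:
                    ip = str(ipaddress.ip_address(candidate))
                except ValueError:
                    continue  # e.g. 999.1.1.1 looks like an address but is not one
                found.setdefault(name, []).append(ip)
                counts[ip] += 1
    return msg.get("Return-Path"), found, counts


if __name__ == "__main__":
    return_path, by_header, counts = extract_header_ips(SAMPLE_SOURCE)
    print("Return-Path:", return_path)
    for header, ips in by_header.items():
        print(header, "->", ips)
    print("Most repeated:", counts.most_common(1))
```

Headers written before the message reached your own provider, including X-Originating-IP and the lower Received lines, are supplied by the sending side and can be forged, so give the most weight to the Received line added by your own provider's server.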

> Extract IP Address From Bitcoin/Altcoin Exchange History: This IP Address is for the ISP that serves the accessing computer. It is not necessarily the same IP Address as the Email server.

   a. Coinbase: Log in, click on "Settings" at the bottom of the left column, then click on "Security" in the top row. Scroll down to Active Sessions, which includes three groups of data: Web Sessions (WS), Confirmed Devices (CD), Account Activity (AA). Look for the Date and Time of interest, and record WS (Browser, IP Address), CD (Browser, IP Address, Near) and AA (Action, IP Address, Source, Location).

   b. Bitstamp: Log in, click on "Account" in the top row, then on "History" in the left column. Three columns of History are included: Date and Time, IP Address, Action. Look for the Date and Time of the event of interest, and record IP Address and Action. To get a record of all History, click on "Download".

   c. Poloniex: Log in; there are three histories of interest: under Settings, "Login History"; under Orders, "My Trade History & Analysis"; and under Balances, "History." Look for the Date and Time of the event of interest under each. Record IP Address under Login History, seven data items under ... Analysis, and Address and Txid under Deposit History and Withdrawal History.

> Extract Bitcoin Address On Public Blockchain (And Follow The Bitcoin Money)

   a. Hacked Wallet Example: https://blockchain.info/address/3AtK2vX5TTNUEiGz4ga1eCe9k9sFCL9k84

   b. Hacker Wallet Example: https://blockchain.info/address/1HJNVFzSf8cWmq8SSQSp8V8F6evGAQ6Dh6

   c. Suspicious Wallet Example: https://blockchain.info/address/1HNHbYRZAZBpQW3agJt1jNeZSeWPagcTUv

   d. Big Suspicious: https://blockchain.info/address/13zCkHeBxuuPtzpUmb4Pe446Eymsf15Srd
