Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1031
  • Last Modified:

Tracing an IP Address

Hi  I have a few IP addresses from the Philippines.  I have traced them using ip-address.com.  

202.69.178.197    This shows as Davo City

202.69.188.253    This also shows as Davo City

Can I be sure that this is where the Email was sent from?   Is there any possibility that a wireless network or other issues would cause this location to be wrong based on the IP address?

Thanks

0
service07
Asked:
service07
  • 2
1 Solution
 
johnny_the_knifeCommented:
You can be pretty sure the IP address of the sending mail server in the headers of your email is correct.  Whether the owner of that IP address / Server actually instigated the transmission of the emails is a different matter.

It's possible the mail server is operating in an Open Relay configuration or some software vulnerability, virus etc has been used to send the mail.
0
 
service07Author Commented:
Johnny....are you saying that I can be pretty sure that the IP addresses I listed above are a correct match to Davo City?  I am confident the sender of the Emails did not try to fake the IP address.   The sender of the Emails was NOT supposed to be in that area of the country.  So I want to be fairly sure that the IP address in the Email matches correctly to the Davo City before I begin to ask questions

Please reply back so I can give you your points

Thanks
0
 
RTh0037Commented:

The IP address info is correct based upon the IP address provided.  As you mentioned, this is in fact provided the IP address was not spoofed or the email was not relayed off another mail server.

IP Info on 202.69.178.197.


address location & IP address info:
IP address [?]: 202.69.178.197
IP address country:  Philippines  
IP address state: Davao City
IP address city: Pampanga
IP address latitude: 7.110000
IP address longitude: 125.648903
ISP of this IP [?]: ComClark Network & Technology Corp.
Organization: Comclark Digitel RAS
Local Time of this IP country: 2008-06-20 13:18



inetnum:      202.69.178.0 - 202.69.178.255
netname:      COMCLARK-DIGITEL-RAS
descr:        Comclark Digitel RAS
country:      PH
admin-c:      MM651-AP
admin-c:      PV32-AP
tech-c:       MM651-AP
tech-c:       PV32-AP
status:       ASSIGNED NON-PORTABLE
mnt-by:       MAINT-PH-COMCLARK
changed:      apnic@comclark.com 20060503
changed:      mcmagat@comclark.com 20060503
source:       APNIC

person:       Michael Magat
nic-hdl:      MM651-AP
e-mail:       mcmagat@comclark.com
address:      Comclark Bldg. Pres. M.A. Roxas Hi-way, CSEZ Clarkfield, Pampanga
phone:        +63-45-599-3777
fax-no:       +63-45-599-3777
country:      PH
changed:      mcmagat@comclark.com 20060425
mnt-by:       MAINT-NEW
source:       APNIC

person:       Philip Michael Vargas
nic-hdl:      PV32-AP
e-mail:       apnic@comclark.com
address:      Comclark Bldg. Pres. M.A. Roxas Hi-way, CSEZ Clarkfield, Pampanga
phone:        +63-45-599-3777
fax-no:       +63-45-599-3777
country:      PH
changed:      apnic@comclark.com 20060123
mnt-by:       MAINT-NEW
source:       APNIC
0
 
RTh0037Commented:
Not sure why points are not divided since he provided very little information
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now