I received an anonymous e-mail message that contained an attachment that no one should have seen but a small group of people. The e-mail was addressed to me directly and came from a generic Gmail account.
When I first started parsing the message headers, I noticed that the time zones indicated that the first couple of hops happened in the Pacific Standard Time zone and then one or two hops in the Mountain Standard Time zone, followed by several hops in the Eastern Standard Time zone.
I used Geobytes to locate the original IP address and it said that it was just outside of Los Angeles.
The problem is that the DNS entry would seem to indicate that the original IP address came from Florida (for example: 2933-334.hsd1.fl.bombastic.net, where the "fl" indicates Florida).
So, how do I find out where the real original IP address is located? I know the IP address, but is it Florida or California?
If I normally connect to the internet in Florida, send mail from my laptop in Florida, etc., and then I take my laptop to the east coast, how does that affect the timezone listing in my e-mail headers?
Any advice or input would be greatly appreciated.
Could I be