How accurate is tracing IP location from a email header?

Shraddha Singhvi

Newbie
[OP]
Nov 2, 2011
6
0
Hi, I need a little help. I have been speaking to a guy over the internet and he claims to be in Philippines right now. I decided to do a little check myself and with the help of a website I traced his IP location from his email header. It turns out that the IP location is Ludhiana, Punjab. I was wondering if someone could help me out here and tell me how accurate this is? Is it reliable?I will much appreciate all the help here.Thanks :)
 

Shraddha Singhvi

Newbie
[OP]
Nov 2, 2011
6
0
x-store-info:SmXCjkY1Un5L3qlTmewTw2528Vzv4BD3Vwaibh6VsG3caMLztb1eY5yv2Z5QnHtpnzJ20NsZJ9+Bqx6pZ6L86Z+Pq+2DsUezi/TOxIE8SXUyjWTbXmXXqg==

Authentication-Results: hotmail.com; sender-id=pass (sender IP is 65.55.90.205); dkim=neutral header.d=hotmail.com; x-hmca=pass

X-Message-Status: n:0:n

X-SID-PRA: sdasd sadsa

X-SID-Result: Pass

X-AUTH-Result: PASS

X-Message-Delivery: Vj0xLjE7dXM9MDtsPTE7YT0xO0Q9MDtHRD0wO1NDTD0w

X-Message-Info: AuEzbeVr9u6ITJ84TuOjIl7cWsXDRdxtNWQ1az1K/5X2SYFkf+G1cqHBf3JvruAcNC0ADJrHeYckjuTbOMSv1kTKbMhPqZTgXL8VAm8HWqUTIJ3sOtbrb0B20YxHwXfSKZh3LHETdyo=

Received: from snt0-omc4-s2.snt0.hotmail.com ([65.55.90.205]) by SNT0-HMMC2-F2.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);

Sun, 30 Oct 2011 04:54:20 -0700

Received: from SNT101-W18 ([65.55.90.200]) by snt0-omc4-s2.snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4675);

Sun, 30 Oct 2011 04:54:20 -0700

Message-ID:

Return-Path:

Content-Type: multipart/alternative;

boundary="_94decaf0-6231-48e3-b822-857b004dedb8_"

X-Originating-IP: [59.94.210.99]

From: sdasd sadsa

To:

Subject: RE: there u go..

Date: Sun, 30 Oct 2011 08:54:20 -0300

Importance: Normal

In-Reply-To:

References:

MIME-Version: 1.0

X-OriginalArrivalTime: 30 Oct 2011 11:54:20.0517 (UTC) FILETIME=[A8D12150:01CC96FA]



--_94decaf0-6231-48e3-b822-857b004dedb8_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable







> From:

> To:

> Date: Sun=2C 30 Oct 2011 11:49:00 +0000

> Subject: Re: there u go..

>=20

> Sent from everywhere!

>=20

> -----Original Message-----

> From: sdasd sadsa

> Date: Sun=2C 30 Oct 2011 09:57:06=20

> To:

> Subject: there u go..

>=20

=



--_94decaf0-6231-48e3-b822-857b004dedb8_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable













i got ur emaill.. but u dont seem to be getting my msgs.. i cant believe th=

is is happening to me again&nbsp=3B&gt=3B From: shraddhu_1=

6@hotmail.com&gt=3B To: jameshavingfun@hotmail.com&gt=3B Date: Sun=

=2C 30 Oct 2011 11:49:00 +0000&gt=3B Subject: Re: there u go..&gt=

=3B &gt=3B Sent from everywhere!&gt=3B &gt=3B -----Original Mes=

sage-----&gt=3B From: sdasd sadsa &lt=3Bjameshavingfun@hotmail.com&gt=

=3B&gt=3B Date: Sun=2C 30 Oct 2011 09:57:06 &gt=3B To: &lt=3Bshradd=

hu@hotmail.com&gt=3B&gt=3B Subject: there u go..&gt=3B


=



--_94decaf0-6231-48e3-b822-857b004dedb8_--
 


Shraddha Singhvi

Newbie
[OP]
Nov 2, 2011
6
0
the post need to be approved by a moderator, it wont be viewable unless that is done. I have posted the header, do you know how long this can take?

----------

*needs
 

Sushubh

Administrator
Oct 29, 2004
418,242
13,006
Gurugram
i thought services like gmail would not even show the real IP address of the sender just because the entire process is done online in a web browser.
 

amish

Star gazer
Regulars
Jul 3, 2006
24,710
1,070
Mumbai
X-Originating-IP: [59.94.210.99]If you have posted correct headers.. that is the originating IP.Based on whois, it appears to be from banglore
 


Shraddha Singhvi

Newbie
[OP]
Nov 2, 2011
6
0
It is a hotmail header. Gmail doesn't share the senders id, you are right. Any help with this though? How accurate is this? Can I sufficiently conclude that the sender is located in Ludhiana, Punjab?
 

amish

Star gazer
Regulars
Jul 3, 2006
24,710
1,070
Mumbai
Hotmail always add X-Originating-IP... so if u can trust that.. then its bangloreDont know from where u got Ludhiana
 

Shraddha Singhvi

Newbie
[OP]
Nov 2, 2011
6
0
can you tell me where you have traced the location from? i used this site - ip-address.com and it still says the same thing. I am not very thorough with such details, apologies if it sounds newbie-ish!
 

Sushubh

Administrator
Oct 29, 2004
418,242
13,006
Gurugram
you have to face the realities. people can use proxies. people can use VPNs. people can use cyber cafes. people can use a remotely accessed machine. there is no definite way to prove that the sender of an email is from city X. period.