more info on source IP (google-registered)

Post your questions about tracing the source IP address of an email here.
Locked
grim_gr
New Member
Posts: 1
Joined: Wed Feb 25, 2015 12:17 am

more info on source IP (google-registered)

Post by grim_gr » Wed Feb 25, 2015 12:24 am

Hello to all!

Can I retrieve any more info regarding this header? Tracerouting to mail-wi0-f193.google.com [209.85.212.193] is taking me up to 216.239.51.151
Is there a way to locate the server of the first hop of the sender email address?

Thank you!

Return-Path: <almicrew.safety@gmail.com>
Received: from mail-wi0-f193.google.com (mail-wi0-f193.google.com [209.85.212.193]) by mail.almitankers.gr (8.14.4/8.14.4) with ESMTP id t1P2snen025747; Wed, 25 Feb 2015 04:54:49 +0200
Received: by mail-wi0-f193.google.com with SMTP id r20so625741wiv.0; Tue, 24 Feb 2015 18:54:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=P1ZKw9h0aXB7h8uAdJAVrm5a9+9X1RC4u5X00I8GgEs=; b=XCantUExcGey4IKQoeX1QKjhwu0okcLpp0O8IfYxCFxbHqRWO4P5JsI+fsXEhOYx3o w6JoZ+x4NocG2k6hmPpdpqV5HqOY4V5HESrh4rypFzK4MVKLqdeMm5XSHHkhZTY8uMbI 3JpYS3Emv5cgziQWDMT+05GPe8y8xPv3BAnYvvvsSkps9tqyETO0jKqmIxq9XGdvG453 ugjzqxpHrV8pAHU74GevMtSy69oaXJYb1rTiImz2gUAmZvNgNGsOEhUJK7qMBOdH6ypt 157wyvtwrnS97gU3Ym8k5nZ5E4UIMqMk6cu2139Se4LGV6teR4vNcn0pZbq38JNaz5jS 7xeA==
MIME-Version: 1.0
X-Received: by 10.180.19.228 with SMTP id i4mr2283341wie.13.1424832889141; Tue, 24 Feb 2015 18:54:49 -0800 (PST)
Received: by 10.28.52.66 with HTTP; Tue, 24 Feb 2015 18:54:49 -0800 (PST)
Date: Wed, 25 Feb 2015 10:54:49 +0800
Message-ID: <CAFJ1r1d5xEzka71u7JsygTOEoVYUXeDpDpNrT2MFew1JCn5AvA@mail.gmail.com>
Subject: make an investigation to know the real status on your ships
From: almi crew <almicrew.safety@gmail.com>
To: almi@almitankers.gr, crew@almitankers.gr, dpa@almitankers.gr
Content-Type: multipart/alternative; boundary=bcaec53d550738bfd8050fe0c2a6
X-WatchGuard-Spam-ID: str=0001.0A0B0204.54ED397A.002A,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0
X-WatchGuard-Spam-Score: 0, clean; 0, no virus
X-WatchGuard-Mail-Client-IP: 209.85.212.193
X-WatchGuard-Mail-From: almicrew.safety@gmail.com.
X-WatchGuard-Mail-Recipients: dpa@almitankers.gr;crew@almitankers.gr;almi@almitankers.gr
X-EsetId: A8A4183F1D164CA1FCE241

TO:almi@almitankers.gr, crew@almitankers.gr, dpa@almitankers.gr

User avatar
Chrispcritters
Forum Administrator
Posts: 2464
Joined: Tue Mar 02, 2010 5:41 pm
Location: 127.0.0.1 | ::1
Contact:

Re: more info on source IP (google-registered)

Post by Chrispcritters » Wed Feb 25, 2015 7:03 am

Emails from Google no longer include the source IP address in the headers.
Founder & CEO of WhatIsMyIPAddress.com.
You can follow me on Twitter and Facebook for some behind the scenes info.

Voodoo
Active Member
Posts: 572
Joined: Fri Mar 11, 2011 10:17 am

Re: more info on source IP (google-registered)

Post by Voodoo » Wed Feb 25, 2015 9:51 am

Well, it's a bit tricky...and I hope you may follow my description:
1) look at the line
Received: from mail-wi0-f193.google.com (mail-wi0-f193.google.com [209.85.212.193]) by mail.almitankers.gr (8.14.4/8.14.4) with ESMTP id t1P2snen025747; Wed, 25 Feb 2015 04:54:49 +0200
you see mail.almitankers.gr
2) start on another browser tab: http://mxtoolbox.com/
3) insert the domain name mail.almitankers.gr and press ENTER or hit the BUTTON MX Lookup
4) you may see something like this
No Records Exist....
5) click the blue entry dns lookup
6) there you go:
Type Domain Name IP Address TTL
A mail.almigas.gr 194.30.250.109 30 min
==> Sender IP is 194.30.250.109 from gr for Greece

Locked

Who is online

Users browsing this forum: No registered users and 4 guests