Unfortunately there is no certain way of finding out the location of a machine, but here are some things you can try:
First and simplest, the machine's name can be found out using nslookup:
| | | $ nslookup 64.12.101.166
Server: ns.kolumbus.fi
Address: 193.229.0.40
Name: spider-mtc-ti041.proxy.aol.com
Address: 64.12.101.166 |
So we know it's one of AOL's proxies or maybe a webspider.
You can find out who owns the IP block of the address using whois:
| | | $ whois 64.12.101.166
OrgName: America Online, Inc.
OrgID: AMERIC-158
NetRange: 64.12.0.0 - 64.12.255.255
CIDR: 64.12.0.0/16
NetName: AOL-MTC
NetHandle: NET-64-12-0-0-1
Parent: NET-64-0-0-0-0
NetType: Direct Assignment
NameServer: DNS-01.NS.AOL.COM
NameServer: DNS-02.NS.AOL.COM
Comment:
RegDate: 1999-12-13
Updated: 1999-12-16
TechHandle: AOL-NOC-ARIN
TechName: America Online, Inc.
TechPhone: +1-703-265-4670
TechEmail: domains@aol.net...
# ARIN Whois database, last updated 2002-12-23 20:00
# Enter ? for additional hints on searching ARIN's Whois database. |
Each whois database entry must have an administrative contact entry, from where you might deduce the location of the domain's administrators but that might not be where the actual machine is located. You can also try traceroute and try to deduce geographic information based on the route, figuring out where the machines on the way are located. It helps if you can try from several locations, using different ISPs.
Many ISPs also give their machines names based on location, but this seems not to be the case here. If you're serious about tracking someone down, anti-spammer webpages might help you. If you're actually hunting a spammer, asking the anti-spammers directly (eg. on news.admin.net-abuse.email) might do the trick. |
