Does nslookup show hacker's location?

Discussion in 'Linux Networking' started by, Sep 29, 2012.

  1. Guest

    I've got some false <email warnings from my bank> that I should <klik>

    And `nslookup` ==
    Formatting page, please wait...
    [email protected]:~# nslookup

    Non-authoritative answer:

    Does '63.246' indicate the country?

    Part of the mail header looks like:----
    To: undisclosed-recipients:;
    Subject: FINAL WARNING
    Organization: Your Email Account Will Be Terminated
    Message-ID: <>
    Date: Sat, 29 Sep 2012 10:42:13 +0200
    X-Mailer: Kerio Connect 7.4.2 WebMail
    X-User-Agent: Opera/9.80 (Windows NT 5.1; U; Edition Next; en) Presto/2.8.131
, Sep 29, 2012
    1. Advertisements


    Bit Twister Guest

    Not always. If you want country, try


    That assumes you have whois installed.
    Bit Twister, Sep 29, 2012
    1. Advertisements


    unruh Guest is the country.

    And "whois" will give you information about the web address and who owns
    But phishing operators make use of machines around the world which have
    been hijacked. Ie, there is no reason to expect that the cracker is at
    any of the addresses listed. You could let them know that their machines
    hae been hijacked if you wished.

    That is not the full header. Try Looking at the ReceivedFrom lines.
    unruh, Sep 29, 2012
    Allodoxaphobia, Sep 30, 2012
  5. Guest

    Thanks; it gives a big story about Venezuella.
    But can you belive any thing?

    My ISP2's pop & smtp and my ISP1's smtp failed
    about 2 months ago. As if MicroSoft had made a
    new change, which my old software doesn't satisfy.

    Or is there something bad with email GLOBALLY
    recently? Since the phone enquiries don't reply,
    as if they're attenting to a crisis on their server.
, Sep 30, 2012

    Bit Twister Guest

    Bit Twister, Sep 30, 2012

    Rick Jones Guest

    Well, it is the two character country code used for the domain in DNS.
    However, it would be up to the folks running (or just .ve) as
    to whether or not all names registered therein must actually reside in
    that country. For example, I suspect that by far most of the names
    registered in ".tv" are not for systems actually residing in Tuvalu.

    rick jones
    Rick Jones, Oct 2, 2012
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.