Does nslookup show hacker's location?

Discussion in 'Linux Networking' started by no.top.post, Sep 29, 2012.

  1. no.top.post

    no.top.post Guest

    I've got some false <email warnings from my bank> that I should <klik>
    http://capeziodance.com.ve/contacto/use/web/form1.html
    http://capeziodance.com.ve/contacto/use/file/form1.html

    And `nslookup capeziodance.com.ve` ==
    Formatting page, please wait...
    [email protected]:~# nslookup capeziodance.com.ve
    Server: 41.160.0.36
    Address: 41.160.0.36#53

    Non-authoritative answer:
    Name: capeziodance.com.ve
    Address: 63.246.145.80
    -------------------

    Does '63.246' indicate the country?

    Part of the mail header looks like:----
    To: undisclosed-recipients:;
    From:
    Subject: FINAL WARNING
    Reply-To:
    Organization: Your Email Account Will Be Terminated
    Message-ID: <>
    Date: Sat, 29 Sep 2012 10:42:13 +0200
    X-Mailer: Kerio Connect 7.4.2 WebMail
    X-User-Agent: Opera/9.80 (Windows NT 5.1; U; Edition Next; en) Presto/2.8.131
     
    no.top.post, Sep 29, 2012
    #1
    1. Advertisements

  2. no.top.post

    Bit Twister Guest

    Not always. If you want country, try

    whois capeziodance.com.ve

    That assumes you have whois installed.
     
    Bit Twister, Sep 29, 2012
    #2
    1. Advertisements

  3. no.top.post

    unruh Guest

    ..ve is the country.

    And "whois" will give you information about the web address and who owns
    it.
    But phishing operators make use of machines around the world which have
    been hijacked. Ie, there is no reason to expect that the cracker is at
    any of the addresses listed. You could let them know that their machines
    hae been hijacked if you wished.

    That is not the full header. Try Looking at the ReceivedFrom lines.
     
    unruh, Sep 29, 2012
    #3
  4. news.admin.net-abuse.email
     
    Allodoxaphobia, Sep 30, 2012
    #4
  5. no.top.post

    no.top.post Guest

    Thanks; it gives a big story about Venezuella.
    But can you belive any thing?

    My ISP2's pop & smtp and my ISP1's smtp failed
    about 2 months ago. As if MicroSoft had made a
    new change, which my old software doesn't satisfy.

    Or is there something bad with email GLOBALLY
    recently? Since the phone enquiries don't reply,
    as if they're attenting to a crisis on their server.
     
    no.top.post, Sep 30, 2012
    #5
  6. no.top.post

    Bit Twister Guest

     
    Bit Twister, Sep 30, 2012
    #6
  7. no.top.post

    Rick Jones Guest

    Well, it is the two character country code used for the domain in DNS.
    However, it would be up to the folks running com.ve (or just .ve) as
    to whether or not all names registered therein must actually reside in
    that country. For example, I suspect that by far most of the names
    registered in ".tv" are not for systems actually residing in Tuvalu.
    Agreed.

    rick jones
     
    Rick Jones, Oct 2, 2012
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.