This utility can be very useful for finding the origin of unsolicited mail. You can simply copy the message headers from your email software and paste them into IPNetInfo utility. IPNetInfo automatically extracts all IP addresses from the message headers, and displays the information about these IP addresses.
Using IPNetInfo
IPNetInfo is standalone program, so it doesn't require any installation process or additional DLLs. In order to start using it, simply copy the executable file (ipnetinfo.exe) to any folder you like, and run it.
When you run IPNetInfo, the "Choose IP Addresses" window appears. You have to type one or more IP addresses separated by comma, space, or CRLF characters. If you want to find the origin of email message that you received, copy the entire message header to the clipboard, and then click the "Paste" button.
You can also use the following advanced options:
- Resolve IP addresses: If you select this option, all IP addresses are converted back to the host name. The resolved host name is displayed in 'Resolved Name' column.
- Convert host names to IP addresses: If you select this option, all host names that you type will be converted to IP addresses. You can use this option if you want to know who owns the IP address of specific Web site (For example: If you type 'www.yahoo.com', you'll get the information about the IP address of Yahoo Web site)
- You should not select this option for message headers.
- Load only the last IP address: In most email messages, the last IP address in the message headers is the address of the computer that sent the message. So if you select this option for message headers, you'll get the desired IP address in most cases (but not in all of them !). However, for finding the origin of unsolicited mail, it's not recommended to use this option, because many spammers add fake headers and IP addresses in order to deceive the user who tries to trace them. When you try to trace the origin of unsolicited mail, you should examine all IP addresses that appears in the message headers.
After the data is retrieved, the upper pane displays a nice summary of all IP addresses that you requested, including the owner name, country, network name, IP addresses range, contact information, and more. You can view this summary in your browser as HTML report, copy it to the clipboard, or save it as text/HTML/XML file.
When you click a particular item in the upper pane, the lower pane displays the original WHOIS record. You can copy the original WHOIS records to the clipboard, or save them to text file by using "Save Whois Records" option.
Notice: The IP addresses summary in the upper pane displays only partial information, If you want to contact the owner of IP address for reporting about spam/abuse problems, you should also look at the full Whois record in the lower pane.
Author's website: http://www.nirsoft.net/utils/ipnetinfo.html
Download link: http://www.nirsoft.net/utils/ipnetinfo_setup.exe
Download size: 115.43 KB
No comments:
Post a Comment