How to find out the user's location, knowing only his email address

    The article describes a very simple and banal method that allows you to determine the IP address of the message recipient. As we all know, having an IP address will not be difficult to calculate the person hidden behind him, especially if you are an employee of the Ministry of Truth.

    The article will not reveal anything new for people who are familiar with the principle of work HTML, HTTPand email clients, but may show how this can be used from a different point of view. For “simple” users of software, mobile devices and e-mail, an article can show how important it is to maintain Internet hygiene and protect your personal data (which includes an email address) on the Internet.


    Everyone knows that in the modern world you can send a letter with a heading Content-Type: text/html;, which allows you to give the letter a “correct” appearance, to connect styles and pictures. Styles and pictures can be either nested or referring to external resources. If the sent message passes by the “spam” filter, the attached files will be downloaded automatically when the message is opened.

    Moreover, many email clients on PC, Mac and mobile devices load attachments in advance, that is, at the time of receipt of the letter and before it is actually opened and read by the user, for example, when connecting to Wi-Fi or 3G (depending on the email client and its settings).

    The fact is that when accessing the attached file, an HTTP request is made to the server where the file is physically located. With an incoming call, both hosts exchange information about themselves, including IP addresses, respectively - the mail client, after applying for a ccs-file or graphic image attached to the letter, instantly transmits the IP address of the message recipient.

    What to do with the received IP address

    For the Habrazhitel, this issue is not relevant, but nevertheless I will explain. Having an IP address it can be transferred to the Ministry of Truth, there they will figure it out themselves.

    Additionally, you can use the search by IP-addresses (whois) and find out who it belongs to, rarely, but it may turn out that the IP address we are looking for has been issued to an individual. Further, as with the domain - all appearances (name, address and other data) are indicated in the whois information. If the IP address belongs to the Internet provider (including the mobile operator), behind which our recipient of the letter is hidden, you can contact the operator directly or through the Ministry of Internal Affairs (in case of assistance in any investigation or its conduct).
    When accessing the Internet service provider, in addition to the IP address and the reason for the call, you must specify the exact time when this IP address was associated with the user.

    Having an IP address through whois you can always find out the city, and often the administrative district in which the recipient is located.

    How to draw up a letter and where to send it from

    To compose a letter, take any text that will look like “spam” for the recipient of the letter so that he does not pay attention to it. But at the same time, you should not take the text from the “spam” letters sent to your mail, and even more so into the “spam” folder to minimize the chances of the letter we sent to the field of view of the “spam” filter on the recipient's side.

    To send a letter, use any service that provides the ability to anonymously send letters. At the same time, I recommend accessing the Internet using various anonymizers, VPN, Tor and a browser inporn private mode (without saving cookies, localStorage, etc.), and with public Wi-Fi (in a cap, glasses and dark inconspicuous clothes)

    What is needed to save the REMOTE_ADDR header

    You need access to a publicly accessible server or hosting. It is advisable with an unnecessary IP address or domain name, which is not a pity to change or which does not apply to you in any way. You can use dynamic DNS, which will temporarily redirect all requests from a temporary IP address to your host.

    On the server, we have a certain route (route), which upon incoming HTTP request saves all the headers to a file or database, or somewhere else at your discretion. In the letter, I recommend inserting links to two files. One file in the header of the letter is a css file, the other on a graphic image in the body of the letter (in view of the different work of email clients).

    To reduce suspiciousness, we return real files with the correct headers andContent-Typecorresponding requested files (some mail clients and their browser versions check attached files for compliance).

    When sending letters to multiple addresses, you can attach a GETparameter to identify each recipient.

    When does it not work?

    • If the recipient of the letter uses any anonymizer, VPN or Tor;
    • Most browser versions of email clients cache attachments on their side - in this case, you will receive the IP address of the email service;
    • When a letter gets into spam.

    When does it work

    In 70% of cases, when the recipient uses the email client on a mobile device, the benefit is that the number of users of smartphones and mobile Internet is growing.

    Thanks. Observe Internet hygiene and trim your personal data.

    Also popular now: