# 8. Email Footprinting

{% embed url="<https://youtu.be/Im7NE4qPosk>" %}
Email Footprinting
{% endembed %}

## 1. Gather Information about a Target by Tracing Emails using eMailTrackerPro

Windows tool to analyze headers also provide other options like when email was opened by recipient.

{% embed url="<https://emailtracker.website/pro>" %}

1. To trace email headers, click the **My Trace Reports** icon from the **View** section. (here, you will see the output report of the traced email header).
2. Click the **Trace Headers** icon from the **New Email Trace** section to start the trace.

   ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168795/screens/bl0xi20v.jpg)
3. A pop-up window will appear; select **Trace an email I have received**. Copy the email header from the suspicious email you wish to trace and paste it in the **Email headers**: field under **Enter Details** section.

   ![Screenshot](https://labondemand.blob.core.windows.net/content/lab168795/screens/aho4lfnd.jpg)
4. For finding email headers, open any web browser and log in to any email account of your choice; from the email inbox, open the message you would like to view headers for.

   > In **Gmail**, find the email header by following the steps:
   >
   > * Open an email; click the dots (**More**) icon arrow next to the **Reply** icon at the top-right corner of the message pane.
   > * Select **Show original** from the list.
   > * The **Original Message** window appears in a new browser tab with all the details about the email, including the email header

   ![st10.jpg](https://labondemand.blob.core.windows.net/content/lab168795/instructions255472/st10.jpg)

   > In **Outlook**, find the email header by following the steps:
   >
   > * Double-click the email to open it in a new window
   > * Click the **… (More actions)** icon present at the right of the message-pane to open message options
   > * From the options, click **View**
   > * The **view message source** window appears with all the details about the email, including the email header

   ![mail2.jpg](https://labondemand.blob.core.windows.net/content/lab168795/instructions255472/mail2.jpg)
5. Copy the entire email header text and paste it into the **Email headers**: field of eMailTrackerPro, and click **Trace**.

   > Here, we are analyzing the email header from gmail account. However, you can also analyze the email header from outlook account.

   ![mail3.jpg](https://labondemand.blob.core.windows.net/content/lab168795/instructions255472/mail3.jpg)
6. The **My Trace Reports** window opens.
7. The email location will be traced in a **Map** (world map GUI). You can also view the summary by selecting **Email Summary** on the right-hand side of the window. The **Table** section right below the Map shows the entire hop in the route, with the **IP** and suspected locations for each hop.

   ![13.jpg](https://labondemand.blob.core.windows.net/content/lab168795/instructions255472/13.jpg)
8. To examine the Network Whois data, click the **Network Whois** button below **Email Summary** to view the Network Whois data.

   ![st14.jpg](https://labondemand.blob.core.windows.net/content/lab168795/instructions255472/st14.jpg)

## <mark style="color:red;">Track an email or a message.</mark>

{% embed url="<https://grabify.link/>" %}

Whenever someone clicks the link, we get the data about the target.

## <mark style="color:red;">Track your email and know when it gets opened</mark>

{% embed url="<https://mailtrack.io/en/>" %}

## **Other Email Tracking tools**

{% embed url="<https://github.com/m4ll0k/Infoga>" %}

{% embed url="<https://mxtoolbox.com/>" %}

{% embed url="<https://socialcatfish.com/>" %}

{% embed url="<https://www.ip2location.com/>" %}

### Best CEH Practical Course

{% embed url="<https://www.udemy.com/course/ethical-hacker-practical/?referralCode=289CF01CF51246BCAD6C>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ceh-practical.cavementech.com/module-2.-footprinting-and-reconnaissance/8.-email-footprinting.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.