Perform an online traceroute with the mtr
command line tool. MTR is an advanced traceroute
tool that uses multiple ICMP pings to test the connectivity to each hop across the Internet.
Valid Input: example.com 8.8.8.8 2001:4860:4860::8888
IPv4 IPv6
What is Traceroute?
Traceroute is a network testing term that is used to examine the hops that communication will follow across an IP network. It also is commonly referred to by the name of the tools used to perform the trace; typically traceroute on Linux based systems and tracert
on Windows operating systems. There are also variations on these such as tcptraceroute. The tools all perform a similar function but have different capabilities or methods for performing the trace.
Why would I run a Traceroute?
A popular reason one might perform a traceroute
is for simple curiosity. It is a great way to see the path your network connection is taking as it traverses the globe. However, the most common reason is its use by networking and computer professionals to diagnose problems in a network path. As the traceroute
can pin point routers with high response times, possibly indicating network congestion or other network issues.
What techniques are used to measure the IP Path?
Packets are sent across the network and something called a TTL (time to live) is measured, as the packets reach hops (router) in the network the TTL is incremented. The packets are usually ICMP or UDP packets; another version uses the TCP protocol. One advantage of using the different protocols is on some networks a router or firewall may block the packets, thereby giving you an incomplete path across the network. By using different protocols you may be able to get past some of the systems that are blocking the other types of packets. TCP Traceroute is popular as it can be used to trace a path to a TCP service that has to have an open port for that service to be operational. For example a web server on port 80
or a mail server on port 25
.
A key feature of the mtr
tool is its ability to test the network path of both IPv4 and IPv6 addresses. The tool automatically detects the targets IP protocol and will perform the trace. Of course the source host must have a working IPv6 address in place for this to be successful.
Map Traceroute with GeoIP Location
We have an online Traceroute tool hosted at traceroute-online.com where we attempt to map the network path around the Internet. This mapping is performed by looking up each responding router's IP address against GeoIP based services. These services are not always reliable; therefore always take the mapping data with a grain of salt and beware of strange results that bounce back and forth.
Host Name / IP Address
Responding hops are resolved in DNS, if the have a PTR record this is included in the table, those with no record will show the IP Address.
Packet Loss and Response Times
The key information that is gained from traceroute
is the Packet Loss and Response Times. The packet loss can show not only if packets are being dropped but also the network hop where the packet loss is occurring. The response time shows the latency to each hop, that can identify not only issues but also rough geographic distances between hops.
API access to MTR Traceroute
All of our IP Tools have an easy to use API that allows access to remote Traceroute by requesting a URL and receiving the results back in a simple plain text output. Access the API using curl
a browser or your scripting language of choice.
Traceroute API - Simple Text Response
curl "https://api.hackertarget.com/mtr/?q=8.8.8.8&apikey=**apikeyrequired**"
Traceroute API - JSON response
curl "https://api.hackertarget.com/mtr/?q=8.8.8.8&apikey=**apikeyrequired**&output=json" | jq
{
"report": {
"mtr": {
"src": "apitools4",
"dst": "8.8.8.8",
"tos": 0,
"tests": 2,
"psize": "64",
"bitpattern": "0x00"
},
"hubs": [
{
"count": 1,
"host": "10.204.3.49",
"Snt": 2,
"Last": 0.484,
"Avg": 0.434,
"Best": 0.385,
"Wrst": 0.484,
"StDev": 0.07,
"Loss": 0.0,
"asn": "",
"asn_r": "",
"asn_n": "",
"country": "",
"country_code": "",
"city": "",
"state": "",
"lat": "",
"lon": ""
},
{
"count": 9,
"host": "dns.google (8.8.8.8)",
"Snt": 2,
"Last": 0.822,
"Avg": 0.766,
"Best": 0.711,
"Wrst": 0.822,
"StDev": 0.078,
"Loss": 0.0,
"asn": "15169",
"asn_r": "8.8.8.0/24",
"asn_n": "GOOGLE, US",
"country": "United States",
"country_code": "US",
"city": "",
"state": "",
"lat": "37.751",
"lon": "-97.822"
}
]
}
}
In the example above you will notice the JSON
includes additional meta data with Geolocation and ASN information also included.
The API aims to be a quick reference tool; access to this API endpoint requires a membership and valid API key. Usage is calculated daily and depends on the level of Membership.
Vulnerability Scans and Network Intelligence
Use CasesEnumerate and Discover
Know the Network
28 vulnerability scanners and network tools
Membership