Geolocation & Chronolocation challenge #1: A trip to Cologne
For my first post I decided to write about a geolocation challenge. The challenge was set by Julia Bayer and was part of the quiz time initiative on Twitter, where OSINT experts challenge others to geolocate the exact place and time a photo was taken. This particular challenge can be found here. Although the geolocation challenge is a week old, I believe what’s important is showing the way you can simply geolocate and chronolocate a photo.
The challenge:So the challenge was as shown below:
πWhere was this photo taken?
π When was this photo taken? (timeframe)
Bonus: At what time?
Answering the “where” question:
When trying to geolocate a photo, you should always focus on all unique elements inside it. Unique elements are those that can provide crucial information that cannot be found anywhere but in a very specific place/area. The unique elements for this photo are the posters found on this column, a sign with the logo “Castrol” and some blurred boards containing letters and possibly useful information.
So taking these elements as leads and searching them one-by-one is the easy way to go here. There are more ways to do this, but I always believe that taking the shortest route available to solve a problem is the best option. If you don’t solve your problem, then you can try alternative ways to do so.
Poster 1:
When trying to geolocate a photo, you should always focus on all unique elements inside it. Unique elements are those that can provide crucial information that cannot be found anywhere but in a very specific place/area. The unique elements for this photo are the posters found on this column, a sign with the logo “Castrol” and some blurred boards containing letters and possibly useful information.
So taking these elements as leads and searching them one-by-one is the easy way to go here. There are more ways to do this, but I always believe that taking the shortest route available to solve a problem is the best option. If you don’t solve your problem, then you can try alternative ways to do so.
Poster 1:
Looking at the biggest poster it clearly says “KIRCHE SEHEN”, “EVANGELISCH LEBEN IN KOELN UND REGION” and “kirche-koeln.de”. Just by looking at the the .de domain we know we are somewhere in Germany (otherwise Deutchland). Googling any of the last two of the above visible info will show exactly where this poster is reffering to. I chose to google the second one but you can have the same results by googling the site (which would be more straight-forward).
So googling “evangelisch leben in koeln und region” brings up the following results:
So googling “evangelisch leben in koeln und region” brings up the following results:
Clicking in the second link and google translating the page, we learn that this poster belongs to "Evangelical living in Cologne and the region" (well we pretty much knew it from the description below the second result but its always nice to double-check). So we now know that this photo was probably taken around the city of Cologne in Germany, since it’s the most logical explanation for a religion-related organization to advertise itself in the area it is based.
Poster 2:
Looking at the smaller poster on the column we see that it clearly reads “MAX BECKMANN DAY AND DREAM”. Google searching that brings up the first result to redirect here, showing that Max Beckmann (1884–1950) was a German expressionist artist, who has created a work named “Day and Dream”.
Since we have a clue that our area is probably the Cologne City in Germany and that its most probably an advertisement for an exhibition, we try googling “max beckmann day and dream exhibition cologne” and first result redirects here, showing an exhibition of Max Beckmann in the “Max Ernst Museum Bruhl” which is based in the German city of Bruhl just a little southern from the city of Cologne. The site of the museum even “advertises” the exhibition using the exact same picture in its site as the one shown in the column of our photo!
Poster 2:
Looking at the smaller poster on the column we see that it clearly reads “MAX BECKMANN DAY AND DREAM”. Google searching that brings up the first result to redirect here, showing that Max Beckmann (1884–1950) was a German expressionist artist, who has created a work named “Day and Dream”.
Since we have a clue that our area is probably the Cologne City in Germany and that its most probably an advertisement for an exhibition, we try googling “max beckmann day and dream exhibition cologne” and first result redirects here, showing an exhibition of Max Beckmann in the “Max Ernst Museum Bruhl” which is based in the German city of Bruhl just a little southern from the city of Cologne. The site of the museum even “advertises” the exhibition using the exact same picture in its site as the one shown in the column of our photo!
With that, we are now certain that the photo was taken somewhere between of or around the cities of Cologne or Bruhl in Germany. We also know that the exhibition will start September 27, 2020 (it will later help us in chronolocation).
“Castrol” sign:
Googling “Castrol” we find out that it’s a company describing itself as following: “Castrol provides all the motor oils, fluids and lubricants the world needs, for every driver, every rider and every industry.”. Thinking of where could we possibly find such products to buy in the street two things come to mind: gas stations and car service stations.
We open google maps and search “Cologne, Germany”. While the results are visible we search for the words “gas station”. The map now shows multiple gas stations in the cologne area. Clicking around the many different gas stations coming up in the search, we find none with external appearance close to our picture. We also find none having a Castrol sign next or close to it. We repeat the same process for the city of Bruhl, but we get the same negative outcome. This was just to demonstrate we might not always find what we are searching for immediately but that’s alright. We just need to try a different path.
This time we repeat the same process on google maps but we search for the words “service car station”. We find nothing but a bunch of found results are using the words “garage”, so we switch our search to that. While clicking around, we find no service station matching the external appearance or whereabouts shown in the target photo. But we find a ”garage Rudolf”, having a castrol sign (here). The sign is just like this in our picture. We are looking at the right direction. We just need to be more thorough.
There are many ways a company might be registered in google maps: translating “service car station” to german or finding how the locals are used to call such a service might help us. But we don't need to, because this is where the last lead comes in.
Blurred boards containing letters:
Zooming our photo in the blurred board next to the car station we are looking for, we can see that some letters-words seem to form.
“Castrol” sign:
Googling “Castrol” we find out that it’s a company describing itself as following: “Castrol provides all the motor oils, fluids and lubricants the world needs, for every driver, every rider and every industry.”. Thinking of where could we possibly find such products to buy in the street two things come to mind: gas stations and car service stations.
We open google maps and search “Cologne, Germany”. While the results are visible we search for the words “gas station”. The map now shows multiple gas stations in the cologne area. Clicking around the many different gas stations coming up in the search, we find none with external appearance close to our picture. We also find none having a Castrol sign next or close to it. We repeat the same process for the city of Bruhl, but we get the same negative outcome. This was just to demonstrate we might not always find what we are searching for immediately but that’s alright. We just need to try a different path.
This time we repeat the same process on google maps but we search for the words “service car station”. We find nothing but a bunch of found results are using the words “garage”, so we switch our search to that. While clicking around, we find no service station matching the external appearance or whereabouts shown in the target photo. But we find a ”garage Rudolf”, having a castrol sign (here). The sign is just like this in our picture. We are looking at the right direction. We just need to be more thorough.
There are many ways a company might be registered in google maps: translating “service car station” to german or finding how the locals are used to call such a service might help us. But we don't need to, because this is where the last lead comes in.
Blurred boards containing letters:
Zooming our photo in the blurred board next to the car station we are looking for, we can see that some letters-words seem to form.
In the first two words we can see (although blurred) the description “P Wolff & Ch.”. Repeating the google maps search of “Cologne, Germany” and while the results are visible, we search for these exact words “P Wolff & Ch.”. One of the results is “Peter Wolff” which is a car service station! Clicking this reveals it’s the place we have been looking for to geolocate (here).
Clicking the streets around, we find the exact position the photographer was standing.
P.S. We could manually search around google maps anyway (after zooming in a little bit so that we can see description/details of buildings in map), scanning the area from the most northern part of Cologne to the most southern part of Bruhl, for any service car stations. We would still find what we were looking for without having to use this last lead, but it would require a considerable amount of effort. Remember we said its better using everything to your advantage to decrease the time spent in an investigation. In case you start manually searching for a place, remember to always have in mind the surroundings of this place as shown in the photo. It will save you a lot of time as you can eliminate immediately some areas, where the territory (grass, trees, type of roads etc) or surrounding buildings don’t match your photo.
Answering the “when” (timeframe) question:
When trying to chronolocate a photo in a timeframe, you should always pay attention to anything that can “betray” leads. In this picture, we can look at the following things that will give us leads as to when this photo was taken: the museum poster, the trees, the leaves on the ground and the clothes of two people seen in the picture. Let’s take look at them one by one:
The museum poster:
We have seen that the poster “advertises” an exhibition that according to the museum’s site will open after September 27, 2020. Conducting a search on the Wayback Machine we see that the home page of the museum’s site has been saved three times from August 03, 2020 to November 12, 2020. We look at the archives of the museum on August 03, 2020 and see that the advertisement is there. Since there is an advertisement in the museum’s site, it would make sense that the poster could be there also at that point in time.
The surrounding trees:
Taking a closer look at the trees in the photo we can see the following characteristics:
Clicking the streets around, we find the exact position the photographer was standing.
P.S. We could manually search around google maps anyway (after zooming in a little bit so that we can see description/details of buildings in map), scanning the area from the most northern part of Cologne to the most southern part of Bruhl, for any service car stations. We would still find what we were looking for without having to use this last lead, but it would require a considerable amount of effort. Remember we said its better using everything to your advantage to decrease the time spent in an investigation. In case you start manually searching for a place, remember to always have in mind the surroundings of this place as shown in the photo. It will save you a lot of time as you can eliminate immediately some areas, where the territory (grass, trees, type of roads etc) or surrounding buildings don’t match your photo.
Answering the “when” (timeframe) question:
When trying to chronolocate a photo in a timeframe, you should always pay attention to anything that can “betray” leads. In this picture, we can look at the following things that will give us leads as to when this photo was taken: the museum poster, the trees, the leaves on the ground and the clothes of two people seen in the picture. Let’s take look at them one by one:
The museum poster:
We have seen that the poster “advertises” an exhibition that according to the museum’s site will open after September 27, 2020. Conducting a search on the Wayback Machine we see that the home page of the museum’s site has been saved three times from August 03, 2020 to November 12, 2020. We look at the archives of the museum on August 03, 2020 and see that the advertisement is there. Since there is an advertisement in the museum’s site, it would make sense that the poster could be there also at that point in time.
The surrounding trees:
Taking a closer look at the trees in the photo we can see the following characteristics:
Googling “Trees in Gologne” brings up (surprisingly!) some results about trees located in Cologne. We follow a Wikipedia link and find that out of a total of 87 trees, only two seem to match the description of our photo’s trees: a tree named in German as “Bergahorn” (aka sycamore maple - Acer pseudoplatanus) and a tree named “Ginkgo” (aka Ginkgo biloba).
The leaves on the ground:
Let’s take a closer look at the leaves on the ground in the photo and compare them with the two types of trees we found.
The leaves on the ground:
Let’s take a closer look at the leaves on the ground in the photo and compare them with the two types of trees we found.
The results are obvious: our tree is the Sycamore Maple. Even if somehow we made a mistake (which we didn’t), it surely comes from the plane family trees, which have similarly shaped leaves.
Googling “when do sycamores drop their leaves” we find that “Because it's a deciduous tree, it's natural for your sycamore to drop its leaves each fall.” It should be noted that fall/Autumn is the period between September 22, 2020 and December 21, 2020. We also find the following really useful pdf file, mentioning (among others) the following interesting info about sycamores: “……As autumn progresses, both trees undergo a color change. Ash leaves turn a brilliant yellow; whereas, sycamore leaves turn shades of brown…sycamore trees are notorious for dropping their leaves all winter long and are not fully void of leaves until the new leaves emerge the following spring… A tree planted close to a busy street may lose its leaves earlier than a tree of the same type growing in a park a few blocks away…”
I could go on but I think that you have already got my point so far. All the underlined info in the paragraph above are true in our case so we can say that our photo was taken mid-Autumn (volume of leaves on the ground and rate of sycamore leaves falling in a relatively quiet park).
Clothes of two people seen in the picture:
Finally, there are two people in the picture: a man and a woman as shown below:
Googling “when do sycamores drop their leaves” we find that “Because it's a deciduous tree, it's natural for your sycamore to drop its leaves each fall.” It should be noted that fall/Autumn is the period between September 22, 2020 and December 21, 2020. We also find the following really useful pdf file, mentioning (among others) the following interesting info about sycamores: “……As autumn progresses, both trees undergo a color change. Ash leaves turn a brilliant yellow; whereas, sycamore leaves turn shades of brown…sycamore trees are notorious for dropping their leaves all winter long and are not fully void of leaves until the new leaves emerge the following spring… A tree planted close to a busy street may lose its leaves earlier than a tree of the same type growing in a park a few blocks away…”
I could go on but I think that you have already got my point so far. All the underlined info in the paragraph above are true in our case so we can say that our photo was taken mid-Autumn (volume of leaves on the ground and rate of sycamore leaves falling in a relatively quiet park).
Clothes of two people seen in the picture:
Finally, there are two people in the picture: a man and a woman as shown below:
As we can see both the woman and the man, wear long warm clothes (green jacket and blue long-sleeved and neck-protected sweater. So, we can assume the weather is cold. It’s also a lead showing we are in mid-Autumn period.
We can now, pretty certainly say, that the timeframe the picture was taken is between October, 2020 and December, 2020 and most probably mid-Autumn!
We can now, pretty certainly say, that the timeframe the picture was taken is between October, 2020 and December, 2020 and most probably mid-Autumn!
Answering the bonus “when” (time taken) question:
The only way to know what time approximately this photo was taken, is to examine the shadows on the ground, which the trees are forming. Let’s take a closer (magnified) view at the upper-left side of the photo. We can clearly see the direction of the shadows:
The only way to know what time approximately this photo was taken, is to examine the shadows on the ground, which the trees are forming. Let’s take a closer (magnified) view at the upper-left side of the photo. We can clearly see the direction of the shadows:
Now let’s go back to where we left in google maps and switch to satellite view. We can see that the arrows that follow the shadows directions can be extended as follows:
The shadows direction is now more visible, as the arrows are pointing towards a north-west direction.
We now have an exact location, the potential month(s) this capture was made and strong visible clues to line up the direction of the sun. We can use Suncalc to line up the sun as close as possible, but sometimes this can be somewhat difficult in certain situations, since we need to zoom out considerably to be able to do that.
Since the Suncalc tool requires specific day, we choose a day near the mid-Autumn, let’s say November 10, 2020. Then we keep changing the time until the sun direction lines up just like we saw shadows line up in the photo.
We now have an exact location, the potential month(s) this capture was made and strong visible clues to line up the direction of the sun. We can use Suncalc to line up the sun as close as possible, but sometimes this can be somewhat difficult in certain situations, since we need to zoom out considerably to be able to do that.
Since the Suncalc tool requires specific day, we choose a day near the mid-Autumn, let’s say November 10, 2020. Then we keep changing the time until the sun direction lines up just like we saw shadows line up in the photo.
We can see that the time the photo was approximately taken is 09:30 (UTC+1)!
P.S.1 There could be a deviation of 30 minutes because we didn’t know the exact day but only a 3-month period this photo was taken.
P.S.2 A big thank you to @sector035 for showing this last technique on his post
Conclusion
When you are trying to geolocate a photo, try spotting the most unique elements in it. Use google searching to find how these elements can help you narrow down the location. Tools like google maps/earth can then help you find what you are looking for. When trying to chronolocate a photo, try spotting elements that change (or have changed) over the course of time. The more accurately you can prove the day a photo was taken, the better since Suncalc results need accuracy in the date field.
I hope you liked my walkthrough. Until next time, stay healthy!
Do you have a question/comment regarding this methodology? Please e-mail me at theinspector32@protonmail.com,or send me a message on twitter.
P.S.1 There could be a deviation of 30 minutes because we didn’t know the exact day but only a 3-month period this photo was taken.
P.S.2 A big thank you to @sector035 for showing this last technique on his post
Conclusion
When you are trying to geolocate a photo, try spotting the most unique elements in it. Use google searching to find how these elements can help you narrow down the location. Tools like google maps/earth can then help you find what you are looking for. When trying to chronolocate a photo, try spotting elements that change (or have changed) over the course of time. The more accurately you can prove the day a photo was taken, the better since Suncalc results need accuracy in the date field.
I hope you liked my walkthrough. Until next time, stay healthy!
Do you have a question/comment regarding this methodology? Please e-mail me at theinspector32@protonmail.com,or send me a message on twitter.
Comments
Post a Comment