Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

All Worked Up Over IP Tracing

One of the more common classes of questions I get on Ask Leo! relates to IP addresses and IP address tracing.

Just how far can people really get with an IP address?

It depends on who’s looking, but in general it’s not as far as you might think.

Become a Patron of Ask Leo! and go ad-free!

Finding and hiding

IP Address SearchIt get these questions from both sides.

On one hand, I hear from people who are concerned someone can track them down physically — perhaps finding their home address — based on their IP address.

On the other hand, I also hear from people who want to find out who’s at some IP address, because they’re being contacted in some form, and that’s the only bit of information they have to grab on to.

It goes as far as the ISP

Publicly available information about an IP address can typically only be traced as far as the ISP (Internet Service Provider) that owns it. ISPs assign IP addresses to individual devices connected to the internet. Providing the internet to your home, for example, your ISP assigns an IP address to your router.

A good ISP will not reveal to whom they’ve allocated the assigned IP addresses — at least not to just anyone.

My belief is that legal action and possibly even law enforcement of some sort would be required for an ISP to release the information.

It’s often obscure

In many cases, the information can be quite obscure.

Instant Messaging conversations typically do not include the IP address of the participants; your computer connects to the IM service’s server, and that’s the only IP address you’d be able to see. If you’re attempting to track down who is messagnig you, you’ll need the help of the service provider such as Facebook, Microsoft, or one of the others.

The same is true for most web-based email providers and messages — not all contain the IP address of the actual originator, so you’ll need the provider’s help to track it down.

In any case these service providers are unlikely to provide any information at all without legal action.

It’s good news, really

I consider all this great news. While it’s important information be made available when it’s appropriate, we all want our privacy too.

The ISPs and service providers we use are important gatekeepers of that privacy.

Bottom line don’t go expecting to find a lot of information based on an IP address alone, unless you’ve got a valid and defensible reason. And conversely, while technically it is possible to track down an IP address to a specific machine and location, it’s not easy, and it’s not something that the general public can do.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

69 comments on “All Worked Up Over IP Tracing”

  1. While your synopsis of tracing an IP address is correct; I would simply like to point out some things that were not addressed in either your article or podcast.

    While the general public may not have the knowledge or desire to hunt down individual ip addresses; it’s not very difficult for someone like myself to utilize a degree of social engineering which doesn’t require technical knowledge of a computer or even how networks operate.

    I would just like to state that worries can be eliminated by simply utilizing what are known as proxy servers that will mask the originating IP address so that there is zero opportunity for anyone to be able to pin point an actual geographical location. Of course I am sure you know the routine, I was just shocked that it wasn’t mentioned and a preventive measure.

    Reply
  2. I just received a message stating that someone with I.P. address 149.225.126.87 has tried three times to access my pay pal account. I googled the I.P. and it gave me a persons name, address, and e-mail. Then all the messages that he has written. It shows up from Romania? But the address is on the East Coast?

    Reply
  3. proxy servers that will mask the originating IP address so that there is zero opportunity for anyone to be able to pin point an actual geographical location.

    Is that tru that taher is zero chance to get location?!?

    Reply
  4. I wouldn’t call it zero. The owner of the proxy server could be tracing or logging where things come from and go to. You’re kinda trusting that they won’t reveal that information.

    Reply
  5. i am part of a pregnancy forum and i have made many friends there but there are some people coming on and taking our pics and our baby pics and photoshopping them to look horrible and they are some how getting our personal info like home addresses and phone numbers we think it may be someone that was or is part or the forum but no one will admit it is there anyway to get thier ip address so that we can figure out if it is someone that we know that way we dont give them anymore personal info

    Reply
  6. I have a problem with someone harassing my daughter online with AIM. How do i find out who it is and report it to the police. The person has made threatning remarks.

    Reply
  7. I’m part of an internet forum where a moderator got in a small fight with a user and the mod went and did an IP trace and from that info, he posted the user’s state in the public thread. Is this legal?

    Reply
  8. Today I got an email from PayPal (eBAY) that someone with the IP adress 149.225.126.87 tried to access my account. Then it asked to verify my account when I signed in, asking for information down to my ATM number. Obviously, PayPal had no interest in that number since it is not used in transactions. The PayPal inquiry was undoubtedly a fake. Do not respond to PayPal or any credit card company through the email itself, but go to the source and reinforce your security up to and including cancelling your account or credit card.

    Reply
  9. Someone used spyware to check my IP address. They claimed all they needed was the screename I was using in the forum we were in. I know exactly who the person is and what country they live in. The person was actually bragging about doing this. In the process they totally ruined my computer. I’m pretty sure it has a few dozen viruses by now. The night it happened I ran Ad-Aware, and over 300 things were on the report, so I know it was from this person and their little spyware crap.

    Is there any way to get them in trouble for this? For using spyware and wrecking my puter? Or atleast using the spyware on them to show them how it feels?

    Reply
  10. I also got 4 of the same messages from paypal Someone with ip address 149.225.126.87 tried to access your personal account! I canceled my account ,

    Reply
  11. Hello
    Can I identify a persons ip address and view every or some of the websites they have visited?
    I would be very pleased if you could answer my question it’s very important.

    Reply
  12. Hi I was wondering if I text messaged someone through yahoo messenger will they be able to find out where I live? Thank you

    Reply
  13. Not scary at all, because as I’ve been saying ALL ALONG it shows the location of the ISP, NOT YOU.

    Verified myself – I have a static IP that resolves to the DSL line to my house – and yet, the site is WAY WAY off. Didn’t even get the city right.

    Again, you CAN NOT identify the physical location of an IP address without the help of the ISP.

    Reply
  14. Leo,

    It shows a map. It shows a dot on that map that is exactly where my residence is. It shows my exact latitude and longitude which they calculate to be with 99% accuracy (some come up with less accuracy).

    No, it’s not my actual physical address, but it shows city and area, and with the ability to determine longitude and latitude (say a GPS system), it’s within feet! Why don’t you get this? Why do you want people to feel safe when they are not?

    E.g., say a woman is hiding from an abuser who thinks she’s moved to Montana but she’s actually still in New York or wherever, her IP address will reveal all.

    Reply
  15. Addition to above … It appears that you did not go to the link given in first email. Because your reply ignores all the facts of an actual visit to the site.

    Reply
  16. I did in fact use the link you provided, and the locator on the map and the lat/long was nowhere near my home. IT WAS WRONG – in a very predictable way. (My IP shows at my ISP’s node in Redmond WA. While that’s quite expected, that’s not where I live.)

    Knowing how IP addressing and internet providers work, my statement stands.

    General area? Sure. But what I’m talking about is accurate location – something that would allow someone to physically find you or your home. An IP address cannot do that without the help of the ISP.

    Reply
  17. You are no longer relating to the facts, but rather intransigently defending an erroneous position. Try the IP addresses of 20 different people from around the country and around the world at that site (note the stated percentage of accuracy for each), to see how it works. Beyond that I give up, because facts and reason are not getting through.

    An example to help you “get” this: E.g., if a woman is running from an abuser, and the stalker is able to obtain the IP address he is now in the neighborhood. Do I have to explain this any further? Do you give a hoot? It does not appear that you do. You are stubbornly stuck in a denial of danger that does a disservice to your readers.

    Reply
  18. I can see the point of an abusive women who may not want someone to even know the city that they are located. But is it not also reasonable that this can be used to someone’s advantage by having a friend or even a service send e-mails from another city for these women, maybe people who are really concerned could come up with an idea for free for these women and forward e-mails on their behave to confuse or throw these people off by using IP addresses that are not within their actual city.
    Maybe ISP’s can have special IP addresses assigned to them that would not be connected to any city but just by country or something for people who have a legal right to hide their location, such as abused women’s shelters or other such agencies.

    Reply
  19. Yes. IP addresses are actually assigned to network cards, so if you have more than one network card, you can have more than one IP address. There are probably other approaches as well.

    Reply
  20. Emersonian….I doubt you have researched the way that you suggested Leo did because he’s right. My location on the map is NO WHERE NEAR where I live, not even in the same city, nor a nearby one PERIOD. So I did what you suggested and ran 5 different IP’s of people that I know and know where they live. ALL OFF by more than 20 miles each.

    Geocities has the same program and while it’s fun to know the general area, it is in no way anywhere near ANY of the IP’s I checked out and YES I went down to the street level. So calm down and worry not.

    Reply
  21. by using a program called neotrace, i am able to get a reletive distance from a set point. I am currently attempting to trace the address of a person who is scamming my company by selling merchandise under the table. I basically can take a set point (in this case the lat long combo of 32.783N, 96.800W , which is dallas city center. the program uses pinging to acquire a reletive distance, and while not stating this distance or the EXACT direction, it does give a line in a reletive direction (for example, a line 1 inch long at max zoom from the point in a SW direction). i can then use the map to find the distance to another known point, say it be my house. i compare the 2 lines to find a scale for the map, be nice if it was included but meh w/e… i can then apply trig and geometry to find a general circle that the location lies upon. i know what you are thinking, its not the person, simply the ISP, this is NOT true, for i have 2 people that we are “looking into” both with the same ISP using different ports, on different ip addresses. the location is the same on each trace up until the last, where it goes from ISP to location. the end location is different per person, and shows up accurately for my own, even tho my ISP is in forney, not dallas, nearly 50 miles away. I can then take this circle, apply to a map, and note any houses in lets say a 1 mile distance from any point on the reletive circle in about the right direction… apply known addresses of employees, and it has been narrowed down, possibly pinpointed. theft stopped. it is possible to do this, and i am working on the math at the current time. difficult, YES, impossible, no… i have been working near 6 hours on this, and am finally getting to the point where i can apply the map and find houses that match the general location of the perpetrator (who has intelligently changed his IP address). easy from here out…

    btw, for all of you wanting to change your ip address, follow the following.

    1. go to run
    2. type “command”
    3. in the DOS prompt, type ipconfig /renew
    4. type exit to return to windows.

    takes no more than 30 seconds, problem solved for anybody wanting to get away from a stalker… gg dawg gg.

    Reply
  22. caught the person using IP, he confessed to it and has been released from the company. Just proof that it IS possible to pinpoint things through with IP addresses, just really freakin difficult. Took me nearly 8 hours last night to figure out the math, especially when i came to what exact angle the line went in, had to use other known points to figure it out using trig… ug pain, anyways, it IS possible, just difficult.

    Reply
  23. well cool i tried it but my dos says bad command, can get away with that
    thanks for hooking with g-mail u r a star

    Reply
  24. AT Bkls: i have try to change my IP as you show above but it not work ?It will chang automatiquely or I have to type any thing to change it ?

    Reply
  25. There was this one time where ppl were ‘hacking’ onto my comp. Lol, I traced them all, one guy was in Australia! Lol.

    Reply
  26. what about services like abika, that if you pay a certain amount, offer to track down the exact location of an ip address for you? can people abuse that and does it actually work?

    Reply
  27. so if u wanted to block somone from reading ur IP like maybe useing zonealarm to block one from reaidng it say u have more then 1 acc. used to cheat on a site and they can tell hpw many acc u have by ur IP if they cant get ur IP then they cant tell pls help

    Reply
  28. i would like to only know that how can we trace the persons if we have a ip address of tham.
    is there is any software to do that ,and if not than please tell me guys that how can i trace him and exploit him by ip address.please please

    Reply
  29. i was recently playing a game of warcraft, and the host of the server, found my IP adress, my internet provider as well. At the end of the game he quoote, “NO MORE INTERNET FOR YOU!” so i was thinking, is this really possilbe , if someone was to obtained my IP adress and they were to cancel my dsl account?

    Reply
  30. i was on a game and they bansihed me for no reason and when i try 2log back on the game it says ip banshed so is there any way i can change my ip so i cna go back on the game and the 1 at the top didnt work for me

    Reply
  31. Hi I was wondering if you can tell me something…. can I be blocked from someones web site if they have my ip? and how do they get it? and how much damage can they do with it? can I change it so I can go back on to their site and say HAHAHAHAHAHA… ? thank you

    Reply
  32. Sir,
    I am a private investigator and am currently working on a case involving identity theft. Someone at my client’s workplace obtained her flash drive with her personal information and created a MySpace profile defaming her on that site. I need the IP from this individual’s computer in order for the authorities to get involved. What would be the best way to go about getting that IP? My agency is Watchdog Investigations LLC. AZ Lic#1557059.
    -Richard Mathewson

    Reply
  33. I believe it probably needs to be the other way around: I think you’ll need the authorities to be involved before MySpace will give you the IP. Ultimately MySpace would be the place to get the information. Not being a lawyer, I can’t speculate on what the requirements for that disclosure would actually be.

    Reply
  34. Hi:
    I would like to know if someone can know your physical computer name while chating on gmail? I was chatting with a guy who identified my computer name which took me by surprise. So does that mean he hacked into my computer? And if he could tell the computer name, what other information could he have acquired? Could he have hacked in my gmail as well? This guys physical location was out of US somewhere in asia. Please kindly explain me all this. I would greatly appreciate your help.

    Sincerely, kritins

    Reply
  35. —–BEGIN PGP SIGNED MESSAGE—–
    Hash: SHA1

    Depending on what email program you use, and probably a few other
    things, your machine name may be included in email headers on the email
    you send. Doing so is totally benign, and does not indicate a hack.

    However, if you are not up to date with latest patches, if you are not
    behind a firewall, and if you have other settings set improperly, of
    course this same information could be the result of a hack. Make sure
    you’re configured properly for security. In this scenario being behind a
    firewall is probably the most important.

    This is also well worth reading:
    http://ask-leo.com/internet_safety_how_do_i_keep_my_computer_safe_on_the_internet.html

    Leo
    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v1.4.6 (MingW32)

    iD4DBQFF8z0gCMEe9B/8oqERAl/RAJ44j1pzdO0IXuiDnll++TlX00ObxQCXZWbd
    IcXvc6lDVBE8oqmPTA8pDw==
    =xGJA
    —–END PGP SIGNATURE—–

    Reply
  36. Is it possible to track someone with just their IP address, and not have access to their computer? I was just informed that someone is aware of my online activity (nothing illegal, but certainly embarassing for some) but I have no idea how this information could have been obtained. This person has no idea where I live, much less have access to my computer. I thought maybe if they know what my IP address is, they could search to see what websites and such I have visited thru that IP address. Possible??

    Reply
  37. Leo,

    In some cases, ISP’s tend to be a bit sloppy when assigning dynamic customer IP’s. I have, on occasion, pinpointed someone’s location within 4 or 5 city blocks… simply because the second last octet of their IP was “53” (for example)… and I’ve known that 53.x IP’s serviced no other neighbourhood but.

    You can also gain much greater accuracy, by going back through the hops, and looking up the location of whatever that particular user is connected to.

    Now let’s just say for example, that you’ve already determined that the user of that IP is a DSL-subscriber (easy thing to determine)… and you’ve pinpointed the exact location of their C/O… it’s often a very safe bet, that the machine you are tracing, is located within 3.7 line-miles of that position.

    It still may not put you on that person’s doorstep, but it is indeed, a bit too close for comfort. With information as such, you may also be able to determine where that person is most likely to shop, go to school, buy their gas… etc.

    Now, I’m not saying that it’s always going to be so ‘cut and dry’ easy… but there are cases when IP tracing can get EXTREMELY close to home.

    What else might the tracer know about you, that can help snap together the remainder of the puzzle? What information might your neighbours give up innocently, if the tracer casually walked down your street posing as an old friend?

    It’s indeed something to think about.

    Those serviced by long-range wireless or satellite connections are probably about the safest surfers on the net (as far as IP tracing is concerned).

    Reply
  38. so tell me how can i stop a website from getting my ip when i log onto the site there must be some kinda scrambler or something ?

    Reply
  39. It’s fun or usefull when you track IP addresses, because you can make an idea about the person, country, maybe state, or if it is from an organization or big company. http://www.ipgp.net gives accurate information and map.

    Reply
  40. how anyone can know the ip address of the other person he is chatting with over the yahoo messenger or on mail id? pls tell me this is highly required information.

    Reply
  41. Recently my company emails were hacked into and a false and nasty message was sent to most of our clients. I have the IP from the email and want to trace it . I’m virtually certain we know who the offender is . How do i it ?

    Reply
  42. —–BEGIN PGP SIGNED MESSAGE—–
    Hash: SHA1

    No way to know. It depends on the ISP.

    Leo

    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v1.4.6 (MingW32)

    iD8DBQFGiIdpCMEe9B/8oqERAsIzAJ9YdVyLlR3W5B8KernP4HXCYXtw6QCfbEZ6
    BXFXjGo7iIpwaq8fFXbjxVA=
    =9wXz
    —–END PGP SIGNATURE—–

    Reply
  43. WHile it is possible to find an approximate location from an IP address in an email header, email originating from AOL accounts only seems to trace back as far as the AOL server.

    Is there a way to find an approximate location of the specific computer used to send the mail?

    Reply
  44. —–BEGIN PGP SIGNED MESSAGE—–
    Hash: SHA1

    As stated in this and several articles on this site:

    – – if you’re an average user: no
    – – if you’re the ISP that owns the IP address: probably

    So normal people typically need to get law enforcement involved and court
    orders to trace an IP to a computer.

    Leo

    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v1.4.6 (MingW32)

    iD8DBQFGl+mACMEe9B/8oqERAlThAJ9mo2/eya7TsKpJ7GLRhJOEkbnivACeJwm/
    VnGQZbLMG43hJBqWbhERvZg=
    =AIPo
    —–END PGP SIGNATURE—–

    Reply
  45. how could i know the ip address of the person ,whom i am chating in yahoo messanger pliz tell me i need this information

    Reply
  46. What does law enforcement typically need in order to get a court order to provide the ISP provider? I have a handful of gmail accounts (blocked of course through Google without a court order) that were intentionally created to slander and defame me and my wife… I know it is a specific person, I know, through our ISp provider that it occured in the “general vicinity” of the offender, but I have not the proof to show it is this person – otherwise he would sign his name, right? I want to provide law enforcement with enough information to “suspect” or “assume” or more of a “coincidence” to get that court order to seize this person’s computer to verify the gmail accounts in this person’ name… any thoughts or suggestions? I do not wish to spend thousands of dollars to retain an attorney to figure this out – I should be able to fight this myself no?

    Unfortunately the system is generally difficult – in part to prevent people from abusing it. So I’m not sure just how realistic it is to “go it alone”. I’m no lawyer, and I’m not in law enforcement, but I would speculate that what law enforcement wants is simply proof that a crime has been committed, and that it’s serious enough to warrant diverting their already thinly-spread energies to investigate it. But ultimately only they can tell you what they need with any specificity.

    Leo
    03-Oct-2009
    Reply
  47. i have received threatening mails from a hotmail account where the sender’s IP shows location as UK.I am positive it is sent from within India.Can the law enforcement agencies find the real sender.Is it possible for anyone to doctor the IP number and send a mail?

    Reply
  48. Rajesh, It is possible for someone to be using a proxy(Masking their IP with another which is real – but it isn’t his) or they could be using other types of methods which basically means he can control what is sent when he sends his email and can doctor the IP as you said.

    Reply
  49. My uncle’s email was hacked all his business transactions are in that and people’s e mails.I somehow found out the ip adress for the email, but can’t find the location where the e
    mail is being used from, coz the person who hacked it sent me an e mail in responce to my e mail thati thought I m sending to my uncle, I used the location finders and ran the ip adress 98.139.54.60 but it tells me my uncles location , how correct the location can be with the ip adress, I m very worried I need to know where the e mail is being used fro
    bthen I will figur out who is using it, please help

    Reply
  50. Can you see if someone is tracking your Ip?

    No. (Besides, “tracking your IP” doesn’t have any meaning – but whatever you’re thinking it means, no.)

    Leo
    16-Mar-2011

    Reply
  51. You have stated that a “gmail” wouldn’t be able to be traced back to me, without “legal” action? What are my rights to privacy, if the post on twitter or emails were not illegal?

    I’m afraid that’s a legal question I can’t answer. I’m sure that it really depend on the specifics of the situation you’re looking at.

    Leo
    12-Feb-2012
    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.