Helping people with computers... one answer at a time.
People can tell very little from your IP address. For example, they cannot tell who or where you are. How much they can tell varies a great deal.
What exactly can someone tell from your IP address and what can they do with it? Can they find personal details or my precise geographical location?
It's typically very easy to find out your IP address or the IP address of someone with whom you are communicating somehow on the internet.
Unfortunately, many people believe that with an IP address, it's possible to find out all sorts of information about the person at that connected computer.
That's simply not the case.
Exactly how much it does expose about you specifically depends on your ISP and how their (and your) network is configured.
The very short answer? Not much.
Visit my article What's my IP address? and I'll show you your IP address and a few other bits of information that web servers get whenever you visit any web page on the internet.
Many (though not all) email services will include the IP address of the machine on which email originated in the normally hidden email header information. (As I said, not all, and even for those that do, it's often not on all messages. If it's not there, it's not there.)
If you make a point-to-point connection with an instant message program (typically during a file transfer), a peer-to-peer communications program (for example Skype, depending on how the connection is made), then your IP address is also available to the computer with which yours is communicating.
The very nature of how the internet works dictates that when two computers talk to each other, they must know each other's IP addresses.
But once you've received an IP address, what can you tell about it?
Some IP addresses are easy; they're static (unchanging) and have a DNS name associated with them. For example, in a Windows XP Command Shell, enter the following command:
That's my quick-and-easy way to do what's called a "reverse DNS lookup". Normally, DNS maps names (like "ask-leo.com") to IP addresses (like 184.108.40.206). In this case, it does the reverse and reports the official domain name associated with that IP address:
That's the official1 domain name of the server that today houses ask-leo.com.
Knowing the domain name, you can then do a "whois" lookup. One of my favorites is that provided by domaintools.com. For example,
Will tell you that ask-leo.com is owned by some guy named Leo Notenboom with a mailing address in Woodinville, Washington.2 You'll get the same information looking up pugetsoundsoftware.com as well – it's that same guy.
There also exist services, typically referred to as private registration, which essentially replace all the public registration information with that of a third party, so as to keep even the basic registration information hidden.
What if the ping doesn't work or doesn't return a domain name? Then, things get less precise.
The important thing to realize is that you do not own your IP address – your ISP or service provider does. Thus, all public information about that IP address will in all likelihood refer only to them.
We can use domaintools.com again to perform a "whois" lookup on an IP address we care about:
The information that results will tell you that the IP address in the example above is owned by LiquidWeb – the hosting provider I use for ask-leo.com.
If the IP address is owned by an overseas provider, the information may direct you to a whois provider specifically for the overseas region in which that provider is located.
There are services that will attempt to tell you where on the planet an IP address is located.
There are two extremely important things to know about these "geo-location" services:
They typically locate the endpoint of your ISP's distribution equipment. What that means is the closest that they often get is the location of your ISP's router – which could be next door, or it could be many miles away, depending on exactly how your ISP has configured their network, and where their equipment resides.
Geo-location services are notoriously inaccurate. Depending on which service is used, my home IP address has been located as "Woodinville" (the postal region which encompasses 18 square miles and some 10,000 residential addresses), Seattle (roughly 10 miles from my house), Portland, Oregon (150 miles) and even southern California (close to 1000 miles).
As you can see, occasionally geolocation of an IP address can get close – perhaps identifying the city in which an IP address might be located, but its accuracy is always seriously suspect.
Everything I've described above – reverse DNS, whois lookups, geolocation – is all based on public information or publicly available services.
And they are as far as you can go, at least without help.
Most notably missing from all the information above?
Your name and address.3
Other people cannot find your name and physical address from your IP address, and you can't find it from theirs.
Not without help.
We've seen that using a whois lookup on an IP address will tell you the ISP that owns it. It's that ISP that can then tell you who, exactly, that IP address is connected to.
Note that while they can tell you, that doesn't mean that they will. That information is typically regarded as private and ISPs are reluctant to divulge it, no matter how desperate your plea.
What they can and do respond to, however, are court orders.4 If your situation merits the involvement of law enforcement, if laws have been broken and it is worth their effort to look into it, then a properly issued warrant or order from the court will get the information.
And you know what? Even that may not be enough.
Chances are you have more than one computer at home. In fact, chances are you have a router that allows those several computers or other internet-connected devices to share your single connection to the internet.
They, in turn, share the single IP address you've been assigned on the internet.
The IP address alone cannot be used to specifically identify a specific device behind your router.
Now, in many cases, that may seem inconsequential. An IP address might lead to a home, and it doesn't matter which computer was used; you pretty much know at that point who owns the home and the computers therein.
There are two very important exceptions:
Sharing your connection, intentionally or otherwise. The classic case that you've probably heard of is an unsecured wireless access point being used – without permission – by a nearby neighbor. That neighbor's activity would appear coming from your IP address.
Businesses, large and small, often share a single or limited number of internet IP addresses among dozens (if not hundreds or thousands) of different computers on their internal network. In the extreme case, while the internet IP address might be seen as being located in a city housing, the company headquarters, or IT center, the network behind the internet-facing router could span many cities or even countries.
In cases such as these, you would need the assistance of the local network administrator to identify a specific machine, if that's even possible.
At home, where you're the network administrator, it's important to simply realize that the actions of all computers sharing your internet connection will be associated with your IP address.
I hear often from individuals who have an IP address and they desperately want to identify who is at that IP address.
As we've seen by now, it's not that simple and it's just not realistically possible.
Unless of course you have the assistance of law-enforcement.
As someone with an IP address that identifies our connection to the internet, that should reassure you (unless, of course, you're doing things you shouldn't).
If you're someone being harassed or otherwise wronged by someone whose IP address you were able to identify, it can be frustrating – but realize that the hoops you might have to jump through are the very same hoops that protect you as well.
(This is an update to an article originally published February 28, 2005.)
1: "Official" in the sense that it's the domain name that I chose to have associated with that IP address for reverse IP address look-ups. There's no requirement that there be one at all, and the choice of which domain to associate with an IP address like this is up to the network administrator for that IP address.
2: Note that I use a P.O.Box – the recent Mat Honan account hack used exactly this technique to learn his home address and thereby, the billing address of his credit card.
3: Unless you made that information public by registering a domain name with your name and physical address, and then pointing that domain to an IP address that is connected to your physical address.
4: First, I'm not a lawyer and this is in no way legal advice. Second, all of this assumes that your country has a court system. I'm speaking mostly of how I understand things to operate in the United States. The requirements (if any) in other countries may be very different.