What Can People Tell from My IP Address?

The Best of Ask Leo!

What exactly can someone tell from your IP address and what can they do with it? Can they find personal details or my precise geographical location?

It’s typically easy to find out your IP address or the IP address of someone with whom you are communicating on the internet.

Unfortunately, many people believe it’s possible to find out all sorts of information about the person at the computer connected with that IP address.

That’s simply not the case.

Exactly how much it does expose about you specifically depends on your ISP and how their (and your) network is configured.

The short answer? Not much.

  • A “whois” service can resolve some IP addresses to domain names, like askleo.com, which identifies the server and possibly owner.
  • “Whois” can also identify the ISP that owns and allocates an IP address.
  • Geolocating services will try to tell you where an IP address is located, but they are notoriously inaccurate.
  • An IP address is not “a” computer, but typically a router connected to the internet behind which there can be many computers.
  • If warranted, law enforcement may be able to get more granular information from the services and providers involved.

 

Finding an IP address

Visit my article What’s my IP address? and I’ll show you your IP address and a few other bits of information that web servers get when you visit any webpage on the internet.

Many (though not all) email services include the IP address of the machine on which email originated in the normally hidden email header information. (As I said, not all, and even for those that do, it’s often not on all messages. If it’s not there, it’s not there.)

If you make a point-to-point connection with an instant message program (typically during a file transfer) or a peer-to-peer communications program (for example, Skype, depending on how the connection is made), then your IP address is available to that device.

When two computers talk to each other, they must know each other’s IP addresses; that’s how the internet works.

But once you’ve discovered an IP address, what can you tell about it?

Domains and reverse DNS

Some IP addresses are easy; they’re static (unchanging) and have a DNS name associated with them. For example, in a Windows Command Shell, enter the following command:

ping -a 67.227.211.203

That’s my quick-and-easy way to do what’s called a “reverse DNS lookup”. Normally, DNS maps names (like “askleo.com”) to IP addresses (like 67.225.235.59). In this case, it does the reverse, and reports the official domain name associated with that IP address.

Pinging askleo.com [67.227.211.203] with 32 bytes of data: Reply from 67.227.211.203: bytes=32 time=77ms TTL=52

Knowing the domain name, you can then do a “whois” lookup. One of my favorite sources for this is domaintools.com. For example,

http://whois.domaintools.com/askleo.com

will tell you that askleo.com is owned by some guy named Leo Notenboom with a mailing address in Woodinville, Washington.1

There are services — typically referred to as private registration — that essentially replace all the public registration information with that of a third party, so as to keep even the basic registration information hidden.

What if the ping doesn’t work, or doesn’t return a domain name? Then things get less precise.

IP address ownership

The important thing to realize is that you do not own your IP address — your ISP or service provider does. All public information about that IP address will, in all likelihood, refer only to them.

We can use domaintools.com again to perform a “whois” lookup on an IP address we care about.

http://whois.domaintools.com/67.227.211.203

The result tells you that the IP address in the example above is owned by LiquidWeb, the hosting provider I use for askleo.com.

If the IP address is owned by an overseas provider, the information may direct you to a whois provider for the overseas region in which that provider is located.

Geolocating

There are services that attempt to tell you where on the planet an IP address is located.

There are two extremely important things to know about these “geo-location” services:

  • They typically locate the endpoint of your ISP’s distribution equipment. What that means is the closest that they often get is the location of your ISP’s router ‘ which could be next door or could be many miles away, depending on how your ISP has configured their network and where their equipment resides.
  • Geo-location services are notoriously inaccurate. Depending on which service is used, my home IP address has been located as “Woodinville” (the postal region which encompasses 18 square miles and some 10,000 residential addresses), Seattle (roughly 10 miles from my house), Portland, Oregon (150 miles) and even southern California (close to 1000 miles).

As you can see, geolocation of an IP address can get close ‘ perhaps identifying the city in which an IP address might be located — but its accuracy is seriously suspect.

Getting more details

Everything I’ve described above ‘ reverse DNS, whois lookups, and geolocation ‘ is all based on public information or publicly available services. And they are as far as you can go, at least without help.

What’s missing from all the information above?

Your name and address.2

Other people cannot find your name and physical address from your IP address, and you can’t find it from theirs.

Not without help.

We’ve seen that using a whois lookup on an IP address will tell you the ISP that owns it. It’s that ISP that can then tell you who, exactly, that IP address is connected to.

Note that while they can tell you, that doesn’t mean that they will. That information is typically regarded as private, and ISPs are reluctant to divulge it, no matter how desperate your plea.

What they can and do respond to, however, are court orders.3 If your situation merits the involvement of law enforcement — if laws have been broken and it is worth their effort to look into it — then a properly issued warrant or order from the court will get the information.

And you know what? Even that may not be enough.

An IP address is not a computer

Chances are you have more than one computer at home. In fact, chances are you have a router that allows several computers or other internet-connected devices to share your single connection to the internet.

They, in turn, share the single IP address you’ve been assigned on the internet.

The IP address alone cannot be used to identify a specific device behind your router.

Now, in many cases, that may seem inconsequential. An IP address might lead to a home, and it doesn’t matter which computer was used; you pretty much know at that point who owns the home and the computers therein.

There are two very important exceptions:

  • Sharing your connection, intentionally or otherwise. The classic case is an unsecured wireless access point being used without permission by a nearby neighbor. That neighbor’s activity would appear to be coming from your IP address.
  • Businesses, large and small, often share a single or limited number of IP addresses among dozens (if not hundreds or thousands) of different computers on their internal network. In the extreme case, while the internet IP address might be seen as being located in a city housing the company headquarters or IT center, the network behind the internet-facing router could span many cities or even countries.

In cases such as these, you would need the assistance of the local network administrator to identify a specific machine, if that’s even possible.

At home, where you are the network administrator, it’s important to realize that the actions of all computers sharing your internet connection will be associated with your IP address.

Bottom line

I often hear from individuals who have an IP address and desperately want to identify who is at that IP address.

As we’ve seen by now, it’s not that simple; it’s just not realistically possible.

Unless, of course, you have the assistance of law enforcement.

Since you also have an IP address that identifies your connection to the internet, this should reassure you (unless, of course, you’re doing things you shouldn’t).

If you’re someone being harassed or otherwise wronged by someone whose IP address you are able to identify, it can be frustrating. But realize that the hoops you have to jump through are the very same hoops that protect you as well.

Footnotes & References

1: Note that I use a P.O. box, not my home address. The infamous Mat Honan account hack used exactly this technique to learn his home address — and thus the billing address of his credit card.

2: Unless you made that information public by registering a domain name with your name and physical address, and then pointing that domain to an IP address that is connected to your physical address.

3: First, I’m not a lawyer and this is in no way legal advice. Second, all of this assumes that your country has a court system. I’m speaking mostly of how I understand things to operate in the United States. The requirements (if any) in other countries may be very different.

For related links, videos, and comments visit What Can People Tell from My IP Address? on Ask Leo!