Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How can I get the IP address of someone I'm instant messaging, and does it actually identify them?

I recently joined a Website for “Singles” which allows instant messaging
between interested parties. I was warned by one of my friends that there are
people on this website who have multiple profiles. These people could IM you
using one profile today and another profile tomorrow.

My friend suggested that one way of knowing for sure whether these two
profiles are two different people or the same person with two profiles, is to
check their IP address when the IM window opens in front of you.

Does that work?

No.

Having said that there are a couple of very rare exceptions where you can
kind of, sort of, maybe tell. But not really.

Let’s look at how this all works and why the IP address tells you pretty
much nothing.

Become a Patron of Ask Leo! and go ad-free!

To begin with, you didn’t say which IM service is being used. There are of
course many possibilities including MSN Instant Messenger, AIM, GTalk, and
others. In addition, your dating site may well have implemented their own IM
system – it’s actually not that hard.

The single biggest problem with IP addresses and most instant messaging
services it this: you’re connecting to the service, not to the person you’re
IMing.

It looks more like this:

Instant Messaging Communication Path

When you create an instant messaging conversation, you’re not connecting to
the person you’re talking with at all. Instead, your instant messaging program
connects to the servers that are used by the IM service. When you send an IM
your message is sent to those servers, and then from those servers sent on to
whomever it is you’re IM’ing.

“When you create an instant messaging conversation,
you’re not connecting to the person you’re talking with at all.”

In fact, let’s look at the IP’s in use when I have a conversation with an
MSN Messenger user. Using TcpView
during the conversation I see the following connections associated with my IM
client, Trillian:

TCP/IP Connections in Trillian

If I then use the whois lookup at
arin.net
to see who owns the IP addresses involved, I find:

  • 216.155.193.143 – is owned by Yahoo (Trillian is configured
    to include my Yahoo account)

  • 72.14.253.125 – is owned by Google (Trillian is configured
    to include my Google Talk account)

  • 207.46.108.59 – is owned by Microsoft (Trillian is
    configured to include my MSN Instant Messenger account)

  • 207.46.108.19 – is also owned by Microsoft

  • 205.188.7.148 – is owned by AOL (Trillian is configured to
    include my AOL Instant Messenger account)

  • 64.12.165.100 – is also owned by AOL

Nowhere in there is the IP address of the party to whom I’m speaking. (To
confirm, that “other party” is my wife’s place of business, so I know
what the IP address would be should it have been visible.)

The Exception

Now it’s easy to say that “most” IM clients connect you through their
servers, but it’s also true that some do not. In fact, some instant messaging
services allow you to establish a “direct connection”. I believe that AIM
allows you to switch to this type of connection, and some other services such
as Skype actually often operate this way natively in some configurations after
the connection has been made.

So let’s assume, then, that using TcpView during an IM conversation you’re able to capture the IP
addresses used by your IM program, and one of these represents a direct
connection to the person you’re messaging.

What can you tell from this IP address?

Pretty much nothing. Still.

  • They could be behind a router or proxy provided by their ISP. This means
    that any number of people could “appear” to use that same IP. There’s no way to
    tell which user that is(*).

  • Similarly, they could be behind a router or proxy provided by their school
    or place of work. Once again any number of people could “appear” to use that
    same IP, and there’s still no way to tell which user that is(*).

  • They could be behind their own router at home as I so often recommend. Any
    number of machines could be behind that router, and there’s no way for you to
    tell which machine you’re conversing with.

  • And finally, even with the IP address of a specific machine or location,
    there’s no way for you to tell where that machine is located(*). The
    best you can do is identify the ISP that’s providing the internet
    connection to the person you’re conversing with.

(*) Yes, there is a way to tell exactly what machine is represented
by an IP address in most cases. But you can’t get it. You need the
cooperation of the ISP that provides that other person’s internet connection,
and that typically requires a court order or other law-enforcement
involvement.

So unless you can convince law-enforcement that they should get involved,
even having the IP address tells you pretty much next to nothing.

You simply cannot rely on an IP address to mean the same person. IP
addresses could be shared, and you can’t even imply that an IP address
changing means that the person has changed – IP addresses could be reallocated.
While you might be able to make some broad generalizations; for example if one
IP resolves to an ISP in the United States, and another resolves to an ISP
overseas, then perhaps it’s not the same person. But then again, to someone
really dedicated to hiding his or her identity, even that can be
circumvented.

Bottom line: don’t read anything into the IP address until or unless you can
involve law enforcement. It’s just not a reliable enough indicator.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

23 comments on “How can I get the IP address of someone I'm instant messaging, and does it actually identify them?”

  1. So, does this also mean that someone could log-on from different machines, ie from their workplace, and then say an hour later from home, giving different IP addresses, but actually being the same person. If this is the case, it would be even harder to identify that person. There are sites that give the ‘exact’ location of any given IP address, but on entering mine, are not always accurate, although sometimes frighteningly close. When using Tor, I appear to be at different locations – all over the world. Is it possible that some people can combine Tor (or similar) and their IM application to further muddy the waters?
    Andrew, France

    Reply
  2. all that is true but, here is something that could be helpfull:
    If you want to nkwo the IP of somebody thru an IM system the easiest way is try to send or recieve some file from the other user, this will make a direct connection between the users (this wont work always but most of the times do)
    In any case if you dont truyt the person, dont open anything this person send you.
    I think is not likely that you will meet 2 persons that are behind the same router. even if you do you can ask the person where is he/she located. if he lies, well he is already not saying the true and is not trustfull anyways…

    Reply
  3. I used Abika.com and paid $100.00 to have them trace a AOL Instant Messenger (AIM) screen name. They reported back one week later with the physical address and IP address of the computer. Called the address and got the problem taken care of. Believe me, it’s well work the money. They send you an official document also to take to law enforcement if you have to.

    Reply
  4. hello
    iv been having problems with my best mates msn account. some1 hacks into her account and starts giing all her friends grief and its no getting out of had. i just want to know how i could find out the ip address this hacker is using so i can pass it on to the right authorities.
    please help!!

    Reply
  5. nice article very interesting.i would like to know whether we can just come to know the geographical location of the person we are instant messaging?

    Reply
  6. http://www.tracemyip.org/
    this website works
    but how does it work..
    if u find answer to this question then i think u can find ip adress of a chatter..
    try using this below tool to get some awsome queries on ip adresses http://www.foundstone.com/us/resources/proddesc/vision.htm

    Tracemyip *fails* more often than it succeeds. It’s 300 miles off for me, for example.

    The “Vision” product looks pretty much like the free tool TCPView available on the Microsoft site: http://ask-leo.com/d-tcpview.

    I’ll keep saying it: there is NO reliable way to trace an IP address using only publicly avialable information. Only police and law enforcement can do more with a court order.

    -Leo

    Reply
  7. Dear ,

    Very nice article . But i could not beleive that ip address tracking while using any IM is impossible as there are certian tools available.

    With Regards,
    Khalid Rauf.

    Yep, there are lots of tools that claim to work. They’re unreliable, wrong and in many cases just plain bogus.

    – Leo
    27-Oct-2008
    Reply
  8. Actually, I had a chat with my friend using MSN and I could see his ip on netstat, however every other time I couldn’t. This was the only time and it was using a quite weird port number (port 35631). I loggod off the msn, and after loggin in again this connection disappeared. Does anybody have any idea what could that be? Thanks for any advice.

    Reply
  9. Someone added me on msn, and bascally said:

    ‘ive retrived you IP address and your not who you say you are, im reporting your IP address, expect a letter in a couple of days’

    are they being idiots or whats happening?
    Im 17 and my parents pay for the internet, i live in Britain, and i havent done anything illegal etc on the internet, besides normal porn which i dont tink is illegal.

    The guy hept trying to coax me into going on cam etc and saying i was fake, i didnt even know the person and then he said all that stuff when i didnt go on.

    Please Help me

    Sounds like someone’s just trying to scare you. Ignore him.

    Leo
    16-Sep-2009
    Reply
  10. Actually you must send a file to your friend through msn, even it being server based his IP will appear in the file transfer. Then with the IP you can use tracert on command prompt to see which servers it is passing through. There are a lot of websites who can tell accuratelly the location based on your friend’s IP (google it). And finally, you can use a tool like nmap to see which ports are open on his router or his computer, in some cases, then you can send info directly to these ports using telnet, echo > with a “virtual mounted device” that points to his IP and many other 3rd party tools.

    Reply
  11. sir, during the gtalk chat ! i find ip addresses by netstat -n—it shows port 5222 with someone’s ip!
    but its not the real ip . i wana find the real ip address if the person is not even behind any firewall..can tcpview make it this too !!

    waiting 4 d answer !!!

    crackconfig

    Reply
  12. Actually there is no way to accurately get one person’s ip address. Even if you do get an ip address, you wouldn’t be able to find anyone by it since a whole neighborhoods could have the same ip address, sometimes whole towns.

    Not to mention, most ip addresses will trace back to the service provider, with exceptions of course. There is no reason you would need one anyway and stalking is really unnecessarily.

    Reply
  13. i need to know the yahoo messenger chat persons ip address some people use bad words some hurts so i must know them details of that person. is there any action can take to them the people who hurt by using bad words

    I’m not aware of a way to get the IP address. If the problem persists I would complain to Yahoo customer support.

    Leo
    01-Sep-2011

    Reply
  14. Plz wil u tel me the gtalk ip tracer ???
    i hv added that person in gmail account, is there any possibility to trace his ip address ,, then i will able to find that man… will help me ,, its very serious matter wid him … thanx

    Reply
  15. Someone tried to get my ip address using file transfer via msn live messenger but blocked out by my norton 360. Did he establish direct connection successfully and manage to get my ip address in this way? Your kind help is much appreciated.

    He did not establish a direct connection thanks to your firewall, but he may have your IP address. As the article points out, that doesn’t matter since he can’t do anything with that anyway.

    Leo
    12-Dec-2011
    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.