Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How can I get the IP address of someone I'm instant messaging, and does it actually identify them?

Question:

I recently joined a Website for “Singles” which allows instant messaging between interested parties. I was warned by one of my friends that there are people on this website who have multiple profiles. These people could IM you using one profile today and another profile tomorrow.

My friend suggested that one way of knowing for sure whether these two profiles are two different people or the same person with two profiles, is to check their IP address when the IM window opens in front of you.

Does that work?

No.

Having said that there are a couple of very rare exceptions where you can kind of, sort of, maybe tell. But not really.

Let’s look at how this all works and why the IP address tells you pretty much nothing.

Become a Patron of Ask Leo! and go ad-free!

To begin with, you didn’t say which IM service is being used. There are of course many possibilities including MSN Instant Messenger, AIM, GTalk, and others. In addition, your dating site may well have implemented their own IM system – it’s actually not that hard.

The single biggest problem with IP addresses and most instant messaging services it this: you’re connecting to the service, not to the person you’re IMing.

It looks more like this:

Instant Messaging Communication Path

When you create an instant messaging conversation, you’re not connecting to the person you’re talking with at all. Instead, your instant messaging program connects to the servers that are used by the IM service. When you send an IM your message is sent to those servers, and then from those servers sent on to whomever it is you’re IM’ing.

“When you create an instant messaging conversation, you’re not connecting to the person you’re talking with at all.”
In fact, let’s look at the IP’s in use when I have a conversation with an MSN Messenger user. Using TcpView during the conversation I see the following connections associated with my IM client, Trillian:

TCP/IP Connections in Trillian

If I then use the whois lookup at arin.net to see who owns the IP addresses involved, I find:

  • 216.155.193.143 – is owned by Yahoo (Trillian is configured to include my Yahoo account)
  • 72.14.253.125 – is owned by Google (Trillian is configured to include my Google Talk account)
  • 207.46.108.59 – is owned by Microsoft (Trillian is configured to include my MSN Instant Messenger account)
  • 207.46.108.19 – is also owned by Microsoft
  • 205.188.7.148 – is owned by AOL (Trillian is configured to include my AOL Instant Messenger account)
  • 64.12.165.100 – is also owned by AOL

Nowhere in there is the IP address of the party to whom I’m speaking. (To confirm, that “other party” is my wife’s place of business, so I know what the IP address would be should it have been visible.)

The Exception

Now it’s easy to say that “most” IM clients connect you through their
servers, but it’s also true that some do not. In fact, some instant messaging services allow you to establish a “direct connection”. I believe that AIM allows you to switch to this type of connection, and some other services such as Skype actually often operate this way natively in some configurations after the connection has been made.

So let’s assume, then, that using TcpView during an IM conversation you’re able to capture the IP addresses used by your IM program, and one of these represents a direct connection to the person you’re messaging.

What can you tell from this IP address?

Pretty much nothing. Still.

  • They could be behind a router or proxy provided by their ISP. This means that any number of people could “appear” to use that same IP. There’s no way to tell which user that is(*).
  • Similarly, they could be behind a router or proxy provided by their school or place of work. Once again any number of people could “appear” to use that same IP, and there’s still no way to tell which user that is(*).
  • They could be behind their own router at home as I so often recommend. Any number of machines could be behind that router, and there’s no way for you to tell which machine you’re conversing with.
  • And finally, even with the IP address of a specific machine or location, there’s no way for you to tell where that machine is located(*). The best you can do is identify the ISP that’s providing the internet connection to the person you’re conversing with.

(*) Yes, there is a way to tell exactly what machine is represented
by an IP address in most cases. But you can’t get it. You need the cooperation of the ISP that provides that other person’s internet connection, and that typically requires a court order or other law-enforcement involvement.

So unless you can convince law-enforcement that they should get involved, even having the IP address tells you pretty much next to nothing.

You simply cannot rely on an IP address to mean the same person. IP addresses could be shared, and you can’t even imply that an IP address changing means that the person has changed – IP addresses could be reallocated. While you might be able to make some broad generalizations; for example, if one IP resolves to an ISP in the United States, and another resolves to an ISP overseas, then perhaps it’s not the same person. But then again, to someone really dedicated to hiding his or her identity, even that can be circumvented.

Bottom line: don’t read anything into the IP address until or unless you can involve law enforcement. It’s just not a reliable enough indicator.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

8 comments on “How can I get the IP address of someone I'm instant messaging, and does it actually identify them?”

  1. http://www.tracemyip.org/
    this website works
    but how does it work..
    if u find answer to this question then i think u can find ip adress of a chatter..
    try using this below tool to get some awsome queries on ip adresses http://www.foundstone.com/us/resources/proddesc/vision.htm

    Tracemyip *fails* more often than it succeeds. It’s 300 miles off for me, for example.

    The “Vision” product looks pretty much like the free tool TCPView available on the Microsoft site: http://ask-leo.com/d-tcpview.

    I’ll keep saying it: there is NO reliable way to trace an IP address using only publicly avialable information. Only police and law enforcement can do more with a court order.

    -Leo

    Reply
  2. Dear ,
    Very nice article . But i could not beleive that ip address tracking while using any IM is impossible as there are certian tools available.
    With Regards,
    Khalid Rauf.
    Yep, there are lots of tools that claim to work. They’re unreliable, wrong and in many cases just plain bogus.
    – Leo27-Oct-2008

    Reply
  3. Someone added me on msn, and bascally said:

    ‘ive retrived you IP address and your not who you say you are, im reporting your IP address, expect a letter in a couple of days’

    are they being idiots or whats happening?
    Im 17 and my parents pay for the internet, i live in Britain, and i havent done anything illegal etc on the internet, besides normal porn which i dont tink is illegal.

    The guy hept trying to coax me into going on cam etc and saying i was fake, i didnt even know the person and then he said all that stuff when i didnt go on.

    Please Help me

    Sounds like someone’s just trying to scare you. Ignore him.

    Leo
    16-Sep-2009
    Reply
  4. Actually you must send a file to your friend through msn, even it being server based his IP will appear in the file transfer. Then with the IP you can use tracert on command prompt to see which servers it is passing through. There are a lot of websites who can tell accuratelly the location based on your friend’s IP (google it). And finally, you can use a tool like nmap to see which ports are open on his router or his computer, in some cases, then you can send info directly to these ports using telnet, echo > with a “virtual mounted device” that points to his IP and many other 3rd party tools.

    Reply
  5. i need to know the yahoo messenger chat persons ip address some people use bad words some hurts so i must know them details of that person. is there any action can take to them the people who hurt by using bad words

    I’m not aware of a way to get the IP address. If the problem persists I would complain to Yahoo customer support.

    Leo
    01-Sep-2011

    Reply
  6. Someone tried to get my ip address using file transfer via msn live messenger but blocked out by my norton 360. Did he establish direct connection successfully and manage to get my ip address in this way? Your kind help is much appreciated.

    He did not establish a direct connection thanks to your firewall, but he may have your IP address. As the article points out, that doesn’t matter since he can’t do anything with that anyway.

    Leo
    12-Dec-2011
    Reply
  7. “An informative and eye-opening post! It’s essential to understand the implications of trying to obtain someone’s IP address during instant messaging. While it may provide an identifier, it’s important to respect privacy and use this information responsibly. Thanks for shedding light on this topic!”

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.