It’s typically easy to find out your IP address or the IP address of someone with whom you are communicating on the internet.
Unfortunately, many people believe it’s possible to find out all sorts of information about the person at the computer connected with that IP address.
That’s simply not the case.
The short answer? Not much.
Become a Patron of Ask Leo! and go ad-free!
- A “whois” service can resolve some IP addresses to domain names, like askleo.com, which identifies the server and possibly owner.
- “Whois” can also identify the ISP that owns and allocates an IP address.
- Geolocating services will try to tell you where an IP address is located, but they are notoriously inaccurate.
- An IP address is not “a” computer, but typically a router connected to the internet behind which there can be many computers.
- If warranted, law enforcement may be able to get more granular information from the services and providers involved.
Finding an IP address
Visit my article What’s my IP address? and I’ll show you your IP address and a few other bits of information that web servers get when you visit any webpage on the internet.
Many (though not all) email services include the IP address of the machine on which email originated in the normally hidden email header information. (As I said, not all, and even for those that do, it’s often not on all messages. If it’s not there, it’s not there.)
If you make a point-to-point connection with an instant message program (typically during a file transfer) or a peer-to-peer communications program (for example, Skype, depending on how the connection is made), then your IP address is available to that device.
When two computers talk to each other, they must know each other’s IP addresses; that’s how the internet works.
But once you’ve discovered an IP address, what can you tell about it?
Domains and reverse DNS
Some IP addresses are easy; they’re static (unchanging) and have a DNS name associated with them. For example, in a Windows Command Shell, enter the following command:
ping -a 18.104.22.168
That’s my quick-and-easy way to do what’s called a “reverse DNS lookup”. Normally, DNS maps names (like “askleo.com”) to IP addresses (like 22.214.171.124). In this case, it does the reverse, and reports the official domain name associated with that IP address.
Pinging askleo.com [126.96.36.199] with 32 bytes of data: Reply from 188.8.131.52: bytes=32 time=77ms TTL=52
Knowing the domain name, you can then do a “whois” lookup. One of my favorite sources for this is domaintools.com. For example,
There are services — typically referred to as private registration — that essentially replace all the public registration information with that of a third party, so as to keep even the basic registration information hidden.
What if the ping doesn’t work, or doesn’t return a domain name? Then things get less precise.
IP address ownership
The important thing to realize is that you do not own your IP address — your ISP or service provider does. All public information about that IP address will, in all likelihood, refer only to them.
We can use domaintools.com again to perform a “whois” lookup on an IP address we care about.
The result tells you that the IP address in the example above is owned by LiquidWeb, the hosting provider I use for askleo.com.
If the IP address is owned by an overseas provider, the information may direct you to a whois provider for the overseas region in which that provider is located.
There are two extremely important things to know about these “geo-location” services:
- They typically locate the endpoint of your ISP’s distribution equipment. What that means is the closest that they often get is the location of your ISP’s router – which could be next door or could be many miles away, depending on how your ISP has configured their network and where their equipment resides.
- Geo-location services are notoriously inaccurate. Depending on which service is used, my home IP address has been located as “Woodinville” (the postal region which encompasses 18 square miles and some 10,000 residential addresses), Seattle (roughly 10 miles from my house), Portland, Oregon (150 miles) and even southern California (close to 1000 miles).
As you can see, geolocation of an IP address can get close – perhaps identifying the city in which an IP address might be located — but its accuracy is seriously suspect.
Getting more details
Everything I’ve described above – reverse DNS, whois lookups, and geolocation – is all based on public information or publicly available services. And they are as far as you can go, at least without help.
What’s missing from all the information above?
Your name and address.3
Other people cannot find your name and physical address from your IP address, and you can’t find it from theirs.
Not without help.
We’ve seen that using a whois lookup on an IP address will tell you the ISP that owns it. It’s that ISP that can then tell you who, exactly, that IP address is connected to.
Note that while they can tell you, that doesn’t mean that they will. That information is typically regarded as private, and ISPs are reluctant to divulge it, no matter how desperate your plea.
What they can and do respond to, however, are court orders.4 If your situation merits the involvement of law enforcement — if laws have been broken and it is worth their effort to look into it — then a properly issued warrant or order from the court will get the information.
And you know what? Even that may not be enough.
An IP address is not a computer
Chances are you have more than one computer at home. In fact, chances are you have a router that allows several computers or other internet-connected devices to share your single connection to the internet.
They, in turn, share the single IP address you’ve been assigned on the internet.
The IP address alone cannot be used to identify a specific device behind your router.
Now, in many cases, that may seem inconsequential. An IP address might lead to a home, and it doesn’t matter which computer was used; you pretty much know at that point who owns the home and the computers therein.
There are two very important exceptions:
- Sharing your connection, intentionally or otherwise. The classic case is an unsecured wireless access point being used without permission by a nearby neighbor. That neighbor’s activity would appear to be coming from your IP address.
- Businesses, large and small, often share a single or limited number of IP addresses among dozens (if not hundreds or thousands) of different computers on their internal network. In the extreme case, while the internet IP address might be seen as being located in a city housing the company headquarters or IT center, the network behind the internet-facing router could span many cities or even countries.
In cases such as these, you would need the assistance of the local network administrator to identify a specific machine, if that’s even possible.
At home, where you are the network administrator, it’s important to realize that the actions of all computers sharing your internet connection will be associated with your IP address.
I often hear from individuals who have an IP address and desperately want to identify who is at that IP address.
As we’ve seen by now, it’s not that simple; it’s just not realistically possible.
Unless, of course, you have the assistance of law enforcement.
Since you also have an IP address that identifies your connection to the internet, this should reassure you (unless, of course, you’re doing things you shouldn’t).
If you’re someone being harassed or otherwise wronged by someone whose IP address you are able to identify, it can be frustrating. But realize that the hoops you have to jump through are the very same hoops that protect you as well.
If you found this article helpful, I'm sure you'll also love Confident Computing! My weekly email newsletter is full of articles that help you solve problems, stay safe, and give you more confidence with technology. Subscribe now and I'll see you there soon,
Footnotes & References
1: Actually it may tell you nothing at all. More and more domain registrars are switching to keeping this information private. Also, at the time of this update, the domaintools service doesn’t even show askleo.com as registered, though I can assure you it is.
3: Unless you made that information public by registering a domain name with your name and physical address, and then pointing that domain to an IP address that is connected to your physical address.
4: First, I’m not a lawyer and this is in no way legal advice. Second, all of this assumes that your country has a court system. I’m speaking mostly of how I understand things to operate in the United States. The requirements (if any) in other countries may be very different.