How to Trace an IP Address
Do you
want to find out someone's IP address? Or your own? Or do you want to
find out what country an email is from? You an do it by tracing an IP
address. It is not very hard to do, and we'll show you how.
Website IP Address
Ping an address. This sends a signal out to a URL—like a sonar, hence the name—which then bounces back with the website information attached, and how long the round trip took. Type "ping [URL]" - example: ping www.facebook.com.
Press return. The IP address should appear beside the website name, followed by how many seconds or milliseconds the ping took. The format of an IP address is numeric, written as four numbers separated by periods. For Facebook, the IP address is 69.171.237.16.
Email IP Address
- 1Open your email client. To find the IP of an email sent to you, you can investigate the message's headers—that stuff that looks like a keyboard exploded on the message.
- 2Show headers. From the View menu, select the option that lets you view all or extended headers, and your To/From section will blossom with new information. From all that information, you only need a couple bits to search for.
- Next to the Received section you will see something like
"from..... and an IP address as described above. Select one of those,
and copy it to the clipboard. In this case, we'll select 66.220.144.152,
and copy it. We can see that it says Received from mx-out.facebook.com,
so we'll do a test to see if that's accurate.
- Next to the Received section you will see something like
"from..... and an IP address as described above. Select one of those,
and copy it to the clipboard. In this case, we'll select 66.220.144.152,
and copy it. We can see that it says Received from mx-out.facebook.com,
so we'll do a test to see if that's accurate.
- 3Open a command console. This is described above. Only this time, instead of doing a ping on a known address, we're going to run a whois check.
- In your terminal window, by the flashing cursor, type whois 66.220.144.152, and press Enter.
The information will be sent out to a database, queried, and then
returned with the registration information for that IP address.
- In this case, we can verify that the message was sent through Facebook. Notice we also have the domain registrar's full address.
- In your terminal window, by the flashing cursor, type whois 66.220.144.152, and press Enter.
The information will be sent out to a database, queried, and then
returned with the registration information for that IP address.
- 4Use an alternative lookup. You may not want to use the terminal, or perhaps it's not loaded on your computer. Instead, you can try using an internet lookup, such as ip-lookup, which gives you much the same information as a whois lookup, and in many cases, much more.
Geo-location of an IP Address
- 1Use the methods described above to obtain the IP number you wish to check.
- 2
- Go to a website that will allow you to look up IP address information. Google "IP Lookup" or "IP Geolcation" for a large list of sites that will freely offer this service.
- 3
- Understand what you can and cannot learn from the IP address:
- Which internet service provider (ISP) the user is using. In some cases this may be the user's company (e.g. Ford.com). In other cases it may be just one of the large ISPs such as ATT or Comcast.
- The approximate physical location of the user (e.g. Palo Alto, California.)
- Recognize that usually you will not learn the actual name of the
person doing at that IP address (e.g. Joe Smith). ISPs will typically
only release such information under a court order.
Tracerout
1
Open a command console as described above. On Windows, enter tracert <IP address>. On UNIX (including Linux and Macintosh OS X), open a shell and use the command traceroute <IP address>, and how long each step takes.
0 comments:
Post a Comment