Trace an IP Address

Tracing an IP address is fairly simple. To trace a website IP address, you can simply ping the URL from your computer's command console, then use an IP lookup to find out where it comes from. Similarly, to trace the IP address of an email, find the IP address from the email header, then use a whois search or IP lookup to trace it back to its source.

Steps

Website IP Address

  1. Open a command console. On a Mac, it's called Terminal and it's in the Utilities folder. On a PC, click on Start, then "All Programs", then Accessories, and then Command Prompt. This will let you ping any website to find out the IP address of that website.
  2. Ping an address. This sends a small test packet to the website's server, which sends it straight back. The output shows the IP address the name resolved to and how long the round trip took.
    • Type "ping [URL]" - example: ping www.facebook.com
  3. Press return/enter. The IP address should appear beside the website name, followed by how many seconds or milliseconds the ping took.
    • The format of an IP address is numeric, written as four numbers separated by periods. For Facebook, the IP address is 69.171.237.16.

Email IP Address

  1. Open your email client. To find the IP of an email sent to you, you can investigate the message's headers—that stuff that looks like a keyboard exploded on the message.
  2. Show headers. Open a message. From the View menu, select the option that lets you view all or extended headers, and your To/From section will blossom with new information.
    • On a Mac, click View > Message > All Headers
    • On a PC, on Options, click the dialogue box launcher > Message Options dialogue box (Properties) > Internet Headers
    • Next to the Received section you will see something like "from ..." and an IP address in the format described above. Select one of those, and copy it to the clipboard. In this case, we'll select 66.220.155.163, and copy it. We can see that it says Received from mx-out.facebook.com, so we'll do a test to see if that's accurate.
  3. Open a command console. This is described above. Only this time, instead of doing a ping on a known address, we're going to run a whois check.
    • In your terminal window, by the flashing cursor, type whois 66.220.155.163 and press Enter. The information will be sent out to a database, queried, and then returned with the registration information for that IP address.
    • In this case, we can verify that the message was sent through Facebook. Notice we also have the domain registrar's full address.
  4. Use an alternative lookup. You may not want to use the terminal, or perhaps it's not loaded on your computer. Instead, you can try using an Internet lookup, such as ip-lookup, which gives you much the same information as a whois lookup, and in many cases, much more.
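
An added example (not part of the original article): a Python script that does the header-reading step above automatically, listing each Received hop with its IP address and picking the one worth running whois on. The sample headers, the server name mx.example.net and the function names are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample headers (not a real message); the newest hop is on top.
SAMPLE = """\
Received: from mx-out.facebook.com (mx-out.facebook.com [66.220.155.163])
\tby mx.example.net with ESMTP id abc123; Mon, 01 Jan 2024 10:00:02 +0000
Received: from internal-host (unknown [10.1.2.3])
\tby mx-out.facebook.com with SMTP; Mon, 01 Jan 2024 10:00:01 +0000
From: Sender <sender@example.com>
Subject: constructed sample

body
"""

IP_RE = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")  # address literal in brackets
FROM_RE = re.compile(r"from\s+(\S+)")                  # name the sender claimed
BY_RE = re.compile(r"\bby\s+(\S+)")                    # server that wrote the line

def received_hops(raw):
    """Return one dict per Received header, newest (closest to you) first."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        value = " ".join(value.split())  # unfold continuation lines
        claimed, by, ip = FROM_RE.match(value), BY_RE.search(value), None
        for candidate in IP_RE.findall(value):
            try:
                ip = ipaddress.ip_address(candidate)
                break
            except ValueError:
                continue  # bracketed text that is not an IP address
        hops.append({
            "claimed": claimed.group(1) if claimed else None,
            "by": by.group(1) if by else None,
            "ip": str(ip) if ip is not None else None,
            # Private or reserved addresses have no useful whois record.
            "public": ip is not None and ip.is_global,
        })
    return hops

def ip_to_look_up(raw, my_servers):
    """Public IP from the newest hop written by one of your own mail servers."""
    for hop in received_hops(raw):
        if hop["by"] in my_servers and hop["public"]:
            return hop["ip"]
    return None

if __name__ == "__main__":
    print(ip_to_look_up(SAMPLE, {"mx.example.net"}))
```

Received lines below the one your own mail server wrote are supplied by the sender and can be false, which is why ip_to_look_up only trusts hops whose "by" name is one of your servers.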

Geo-location of an IP Address

  1. Use the methods described above to obtain the IP number you wish to check.
  2. Go to a website that will allow you to look up IP address information. Google "IP Lookup" or "IP Geolocation" for a large list of sites that will freely offer this service.
  3. Understand what you can and cannot learn from the IP address:
    • Which internet service provider (ISP) the user is using. In some cases this may be the user's company (e.g. Ford.com). In other cases it may be just one of the large ISPs such as ATT or Comcast.
    • The approximate physical location of the user (e.g. Palo Alto, California.)
    • Recognize that usually you will not learn the actual name of the person at that IP address (e.g. Joe Smith). ISPs will typically only release such information under a court order.

Traceroute

  1. Open a command console as described above. On Windows, enter tracert <IP address>. On UNIX (including Linux and Macintosh OS X), open a shell and use the command traceroute <IP address>. The output lists each step along the route to that address and how long each step takes.


Tips

  • Flying lines and glowing hubs are only on TV. Real life is much more prosaic—and slow. Regardless, if you want to find out who is sending you things, this will take you a long way.

Things You'll Need

  • A Computer
  • An Internet connection
  • A computer wide Proxy Server
