Hi, I have a query regarding, please help me if somebody knows how to trace the location of a private ip address. One of my friend is getting threat from unknown person; the incoming email id is is ******@gmail.com which is using private ip address, 192.168.111.*** Please help me to trace the location of the person. Thanks for your response. Regards
The private IP address is no use to you at all. But, the email must have passed through other servers to get there, and their IP's might provide useful information. If you can post up the whole email header information (with the appropriate addresses obfuscated) someone may be able to give you some help. Even then, it's likely a final step will be needed via the senders ISP and they will not help you unless the police or some other authority is involved. But you never know, perhaps they are dumb enough to send their emails from a system where you can trace the IP back to a company or person.
IP's in the 192 range are, as you say, private, meaning they refer to a machine on your local network. If that's the only IP you have, you won't be able to track this person. Most likely you have the wrong IP.
You cant, thats why they are reserved ranges. Meaning anyone can allocate those ips within their network. You cannot use these outside the network though. You should not see outside connections from private ranges. If you see connection from that, it is from inside your network.
If it's a threat, go to police with it. Also, if it's really 192.168.111.*, it could be your friend from the desk in front of you may be making jokes!
I think it all boils down to people wanting to get the ips from gmail headers. It wont happen, its relayed internally and you will only get gmail's internal ips. Plus anything on these blocks can be used by anyone internally and not externally. RFC1918 name IP address range number of addresses classful description largest CIDR block (subnet mask) host id size mask bits 24-bit block 10.0.0.0 - 10.255.255.255 16,777,216 single class A network 10.0.0.0/8 (255.0.0.0) 24 bits 8 bits 20-bit block 172.16.0.0 - 172.31.255.255 1,048,576 16 contiguous class B network 172.16.0.0/12 (255.240.0.0) 20 bits 12 bits 16-bit block 192.168.0.0 - 192.168.255.255 65,536 256 contiguous class C network 192.168.0.0/16 (255.255.0.0) 16 bits 16 bits
^^^^^ This is how to do it, honestly just SE the person into giving you their IP, send them an angry email (or whatever the situation requires) ranting and raving, and then, mention a link, or a site, or an image on a site, or a page on a site, (The before here mentioned "site" is of course yours), make sure that they will be the only person going to the link / page / site / image, and then just look at who has looked at it, they should be the only other person besides yourself who has looked at it. You should be able to get: IP, browser, plugins, OS, and some other useful information depending on your tracking system.
Amd you could also bypass going through the subpena process with google which I hear most law enforcement agencies dont have no luck at. After you get their info, it it is death threats, extortion or whatever then go to your LOCAL police dept or state police dept, dont try ic/fbi total waste of time unless you are a company or corporation and can show over $5k in damages/losses
can someone help me to find which one is the IP address? and if you can also check his location for me? since I dont know anything about this. is the one I want to know. Thanks guys! Delivered-To: Received: by 10.43.133.137 with SMTP id hy9csp92779icc; Fri, 18 Apr 2014 06:15:05 -0700 (PDT) Return-Path: <> Received-SPF: pass (google.com: domain of designates 10.194.82.35 as permitted sender) client-ip=10.194.82.35 Authentication-Results: mr.google.com; spf=pass (google.com: domain of designates 10.194.82.35 as permitted sender) smtp.mail=; dkim=pass header.i=@gmail.com X-Received: from mr.google.com ([10.194.82.35]) by 10.194.82.35 with SMTP id f3mr16598811wjy.36.1397826904666 (num_hops = 1); Fri, 18 Apr 2014 06:15:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=QR8Rdj5JVrbARNoYa3+XIJCdVEhUFe+NA/Q+mhM8M80=; b=yNj8x55SY2ojqO1X52u2LGRVahzB7YZQFqt0BJ8Nm2kuLnk5M4LzltVj/wJ+QuTOTO bPIMarkFNrWAJG2Jc0KgPnqLEv/oC8HdpFamH4rQcIhym35K0kr2JFcTQTv+V1us55z9 DQ7Kr/Fo+vxImM0X1hI9PALUH3K6xcfPpkCnsYYlAKEX0cd+d7OMa03i+LIFr044vVFO YydJ9aTzrUYBfWQBDDjtJusBCce8zePk7s+C4i0MCkjEC1GVvhCtphoXhekP4JaFUnKl dOlHNLMcJ1x6nKvKEXfSV/v/HT7ILcHg1ouHs+o5Zuacb/J4ZX1aPSZXgBUghc1FOtKF T15w== MIME-Version: 1.0 X-Received: by 10.194.82.35 with SMTP id f3mr16598811wjy.36.1397826904661; Fri, 18 Apr 2014 06:15:04 -0700 (PDT) Received: by 10.216.204.202 with HTTP; Fri, 18 Apr 2014 06:15:04 -0700 (PDT) Date: Fri, 18 Apr 2014 14:15:04 +0100 Message-ID: <> Subject: First of many love letters to come From: robert oher <> To: Aisa Choi <> Content-Type: multipart/alternative; boundary=047d7bf0c1061c25ef04f750f0ef --047d7bf0c1061c25ef04f750f0ef Content-Type: text/plain; charset=UTF-8
You can use this google tool to get the location: https://toolbox.googleapps.com/apps/messageheader/ Then you can find the location using ip lookup websites. You can try http://www.ipgp.net
As others have stated - if you get an email with the sender IP as 192.168.111.*, the person is on the network you're on, or spoofing their IP-address (which is of course also possible) - usually most email-servers will catch this, though.
If you have a internet access to your router, you may connect to your router and search the IP addresses of all networked devices. The router shows Static and Dynamic user lists with hostname, IP address and MAC address of the linked devices.
Hi guys I would some help with this one! they ripped me off and I want justice. Delivered-To: Received: by 10.36.56.194 with SMTP id b185csp3021455ita; Sun, 5 Apr 2015 08:36:18 -0700 (PDT) X-Received: by 10.194.177.132 with SMTP id cq4mr22323442wjc.99.1428248178243; Sun, 05 Apr 2015 08:36:18 -0700 (PDT) Return-Path: <> Received: from mail-wi0-x22c.google.com (mail-wi0-x22c.google.com. [2a00:1450:400c:c05::22c]) by mx.google.com with ESMTPS id v10si2570066wju.8.2015.04.05.08.36.17 for <> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 05 Apr 2015 08:36:18 -0700 (PDT) Received-SPF: pass (google.com: domain of designates 2a00:1450:400c:c05::22c as permitted sender) client-ip=2a00:1450:400c:c05::22c; Authentication-Results: mx.google.com; spf=pass (google.com: domain of designates 2a00:1450:400c:c05::22c as permitted sender) smtp.mail=; dkim=pass header.i=@gmail.com; dmarc=pass (p=NONE dis=NONE) header.from=gmail.com Received: by mail-wi0-x22c.google.com with SMTP id di4so8985809wid.0 for <>; Sun, 05 Apr 2015 08:36:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=R6Ah4Q2X27R/v+BkDzHfAv5T+QZSLkWdwZEbVBpU7PE=; b=EK19oigDIm/QpVUiLV6FBkoap27TwLqYPsHyWXsO7i1DZhHPUJLwSGvXVHMz5BHUqV JaBZq/+4poKrFEzqiyEbKIpB0/d7xs++7l8iTJUVaGQIfvHJXvobrkpDc6sjMT+sOIYb NB2jrSTw78jtR2utuTlN1cRwHnQTG1j1Uk56lzh0bru3QSeftNpQ62oSjqCbPlHXD/wo e6kIOQZsx0NDklpzI4kH4XRE/DkR0d8q9icWqU8HiVognCN2tNkIL3nXkUxzYXcA36HJ EOsMIskUHlLxFNN9AFWwBNy7UKXZ7kCN4ex35cZrCiHG66/+OKtOJaFQXUBzqNm2/XLu ZkvQ== MIME-Version: 1.0 X-Received: by 10.194.179.194 with SMTP id di2mr22963907wjc.4.1428248176899; Sun, 05 Apr 2015 08:36:16 -0700 (PDT) Received: by 10.27.47.1 with HTTP; Sun, 5 Apr 2015 08:36:16 -0700 (PDT) Date: Sun, 5 Apr 2015 08:36:16 -0700 Message-ID: <> Subject: Transfer Of Ownership Paper to MD From: Bob sue <> To: Content-Type: multipart/mixed; boundary=089e01419d1c3de6880512fbf171 Bcc: --089e01419d1c3de6880512fbf171 Content-Type: text/plain; charset=UTF-8 --089e01419d1c3de6880512fbf171 Content-Type: image/jpeg; name="Transfer Of Ownership Paper to MD.jpg" Content-Disposition: attachment; filename="Transfer Of Ownership Paper to MD.jpg" Content-Transfer-Encoding: base64 X-Attachment-Id: file1
That might very well be, but first, you hijack a 3 year old thread - write your own. Second, you got nothing - stuff sent via gmail doesn't provide any info on the user's ip at all. Only way to get that info is to file charges, get a court order and have Google provide the information. Good luck with that.
Even if google disclose the IP address, it might be from a proxy or somewhere unknown. Then the Internet Service Provider should be forced to disclose the location or the name of the person who used that IP address. If it is from Africa or Asia, the chance is minimal even with police involved.
Do you have an account already you could help me find out who is the person behind the pictures that is catfishing me? I tried to search his URL in an IP a dress search to see where at least the person lived and it told me IP blocked. If this website can get around that please please help me!
Why not just block the sender? As what several people have already posted, that ip address as an internal ip. As such, it is coming from within the company, or the same network. If you are getting it from an e-mail account, just setup a filter to mark the email as read, and put it into a folder called, "mean person" or whatever, and collect evidence in case you ever need it and no longer worry about it. If you are working at a company, then you will want to contact ip and inform them and contact HR concerning abuse.