1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

How to trace a private IP Address location?

Discussion in 'Security' started by ecapsnet, May 3, 2012.

  1. #1
    Hi,
    I have a query regarding, please help me if somebody knows how to trace the location of a private ip address.

    One of my friend is getting threat from unknown person; the incoming email id is is ******@gmail.com which is using private ip address, 192.168.111.***
    SEMrush
    Please help me to trace the location of the person.

    Thanks for your response.

    Regards
     
    ecapsnet, May 3, 2012 IP
    SEMrush
  2. RonBrown

    RonBrown Well-Known Member

    Messages:
    934
    Likes Received:
    55
    Best Answers:
    4
    Trophy Points:
    105
    #2
    The private IP address is no use to you at all. But, the email must have passed through other servers to get there, and their IP's might provide useful information. If you can post up the whole email header information (with the appropriate addresses obfuscated) someone may be able to give you some help. Even then, it's likely a final step will be needed via the senders ISP and they will not help you unless the police or some other authority is involved. But you never know, perhaps they are dumb enough to send their emails from a system where you can trace the IP back to a company or person.
     
    RonBrown, May 4, 2012 IP
  3. jcsrv

    jcsrv Peon

    Messages:
    8
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    IP's in the 192 range are, as you say, private, meaning they refer to a machine on your local network. If that's the only IP you have, you won't be able to track this person.

    Most likely you have the wrong IP.
     
    jcsrv, Jul 12, 2012 IP
  4. blockdos

    blockdos Active Member

    Messages:
    96
    Likes Received:
    0
    Best Answers:
    3
    Trophy Points:
    71
    #4
    You cant, thats why they are reserved ranges. Meaning anyone can allocate those ips within their network. You cannot use these outside the network though. You should not see outside connections from private ranges. If you see connection from that, it is from inside your network.
     
    blockdos, Oct 30, 2012 IP
  5. mangoo

    mangoo Peon

    Messages:
    27
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #5
    If it's a threat, go to police with it.
    Also, if it's really 192.168.111.*, it could be your friend from the desk in front of you may be making jokes!
     
    mangoo, Nov 2, 2012 IP
  6. blockdos

    blockdos Active Member

    Messages:
    96
    Likes Received:
    0
    Best Answers:
    3
    Trophy Points:
    71
    #6
    I think it all boils down to people wanting to get the ips from gmail headers. It wont happen, its relayed internally and you will only get gmail's internal ips.

    Plus anything on these blocks can be used by anyone internally and not externally.

    RFC1918 name IP address range number of addresses classful description largest CIDR block (subnet mask) host id size mask bits
    24-bit block 10.0.0.0 - 10.255.255.255 16,777,216 single class A network 10.0.0.0/8 (255.0.0.0) 24 bits 8 bits
    20-bit block 172.16.0.0 - 172.31.255.255 1,048,576 16 contiguous class B network 172.16.0.0/12 (255.240.0.0) 20 bits 12 bits
    16-bit block 192.168.0.0 - 192.168.255.255 65,536 256 contiguous class C network 192.168.0.0/16 (255.255.0.0) 16 bits 16 bits
     
    blockdos, Nov 2, 2012 IP
  7. cfomodz

    cfomodz Member

    Messages:
    57
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    28
    #7
    ^^^^^ This is how to do it, honestly just SE the person into giving you their IP, send them an angry email (or whatever the situation requires) ranting and raving, and then, mention a link, or a site, or an image on a site, or a page on a site, (The before here mentioned "site" is of course yours), make sure that they will be the only person going to the link / page / site / image, and then just look at who has looked at it, they should be the only other person besides yourself who has looked at it. You should be able to get: IP, browser, plugins, OS, and some other useful information depending on your tracking system.
     
    cfomodz, Nov 24, 2012 IP
  8. blockdos

    blockdos Active Member

    Messages:
    96
    Likes Received:
    0
    Best Answers:
    3
    Trophy Points:
    71
    #8
    Amd you could also bypass going through the subpena process with google which I hear most law enforcement agencies dont have no luck at.
    After you get their info, it it is death threats, extortion or whatever then go to your LOCAL police dept or state police dept, dont try ic/fbi total waste of time unless you are a company or corporation and can show over $5k in damages/losses
     
    blockdos, Nov 24, 2012 IP
  9. panda222man

    panda222man Greenhorn

    Messages:
    1
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    21
    #9
    can someone help me to find which one is the IP address? and if you can also check his location for me? since I dont know anything about this. is the one I want to know. Thanks guys!
    Delivered-To:
    Received: by 10.43.133.137 with SMTP id hy9csp92779icc;
    Fri, 18 Apr 2014 06:15:05 -0700 (PDT)
    Return-Path: <>
    Received-SPF: pass (google.com: domain of designates 10.194.82.35 as permitted sender) client-ip=10.194.82.35
    Authentication-Results: mr.google.com;
    spf=pass (google.com: domain of designates 10.194.82.35 as permitted sender) smtp.mail=;
    dkim=pass header.i=@gmail.com
    X-Received: from mr.google.com ([10.194.82.35])
    by 10.194.82.35 with SMTP id f3mr16598811wjy.36.1397826904666 (num_hops = 1);
    Fri, 18 Apr 2014 06:15:04 -0700 (PDT)
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    d=gmail.com; s=20120113;
    h=mime-version:date:message-id:subject:from:to:content-type;
    bh=QR8Rdj5JVrbARNoYa3+XIJCdVEhUFe+NA/Q+mhM8M80=;
    b=yNj8x55SY2ojqO1X52u2LGRVahzB7YZQFqt0BJ8Nm2kuLnk5M4LzltVj/wJ+QuTOTO
    bPIMarkFNrWAJG2Jc0KgPnqLEv/oC8HdpFamH4rQcIhym35K0kr2JFcTQTv+V1us55z9
    DQ7Kr/Fo+vxImM0X1hI9PALUH3K6xcfPpkCnsYYlAKEX0cd+d7OMa03i+LIFr044vVFO
    YydJ9aTzrUYBfWQBDDjtJusBCce8zePk7s+C4i0MCkjEC1GVvhCtphoXhekP4JaFUnKl
    dOlHNLMcJ1x6nKvKEXfSV/v/HT7ILcHg1ouHs+o5Zuacb/J4ZX1aPSZXgBUghc1FOtKF
    T15w==
    MIME-Version: 1.0
    X-Received: by 10.194.82.35 with SMTP id f3mr16598811wjy.36.1397826904661;
    Fri, 18 Apr 2014 06:15:04 -0700 (PDT)
    Received: by 10.216.204.202 with HTTP; Fri, 18 Apr 2014 06:15:04 -0700 (PDT)
    Date: Fri, 18 Apr 2014 14:15:04 +0100
    Message-ID: <>
    Subject: First of many love letters to come
    From: robert oher <>
    To: Aisa Choi <>
    Content-Type: multipart/alternative; boundary=047d7bf0c1061c25ef04f750f0ef

    --047d7bf0c1061c25ef04f750f0ef
    Content-Type: text/plain; charset=UTF-8
     
    panda222man, May 2, 2014 IP
  10. thedark

    thedark Well-Known Member

    Messages:
    1,307
    Likes Received:
    41
    Best Answers:
    0
    Trophy Points:
    168
    Digital Goods:
    1
    #10
    thedark, Jan 4, 2015 IP
  11. Pigeon Yoga

    Pigeon Yoga Active Member

    Messages:
    52
    Likes Received:
    4
    Best Answers:
    1
    Trophy Points:
    63
    #11
    Do you have anything else besides the IP?
     
    Pigeon Yoga, Jan 4, 2015 IP
  12. thedark

    thedark Well-Known Member

    Messages:
    1,307
    Likes Received:
    41
    Best Answers:
    0
    Trophy Points:
    168
    Digital Goods:
    1
    #12
    192.168.111.*** is not a public IP Address. The person who sent this is within your own network.
     
    thedark, Jan 26, 2015 IP
  13. PoPSiCLe

    PoPSiCLe Illustrious Member

    Messages:
    4,626
    Likes Received:
    719
    Best Answers:
    151
    Trophy Points:
    420
    #13
    As others have stated - if you get an email with the sender IP as 192.168.111.*, the person is on the network you're on, or spoofing their IP-address (which is of course also possible) - usually most email-servers will catch this, though.
     
    PoPSiCLe, Jan 26, 2015 IP
  14. AnaWade

    AnaWade Peon

    Messages:
    10
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    1
    #14
    If you have a internet access to your router, you may connect to your router and search the IP addresses of all networked devices. The router shows Static and Dynamic user lists with hostname, IP address and MAC address of the linked devices.
     
    AnaWade, Mar 18, 2015 IP
  15. Krissy22

    Krissy22 Peon

    Messages:
    1
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    1
    #15
    Hi guys I would some help with this one! they ripped me off and I want justice.
    Delivered-To:
    Received: by 10.36.56.194 with SMTP id b185csp3021455ita;
    Sun, 5 Apr 2015 08:36:18 -0700 (PDT)
    X-Received: by 10.194.177.132 with SMTP id cq4mr22323442wjc.99.1428248178243;
    Sun, 05 Apr 2015 08:36:18 -0700 (PDT)
    Return-Path: <>
    Received: from mail-wi0-x22c.google.com (mail-wi0-x22c.google.com. [2a00:1450:400c:c05::22c])
    by mx.google.com with ESMTPS id v10si2570066wju.8.2015.04.05.08.36.17
    for <>
    (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
    Sun, 05 Apr 2015 08:36:18 -0700 (PDT)
    Received-SPF: pass (google.com: domain of designates 2a00:1450:400c:c05::22c as permitted sender) client-ip=2a00:1450:400c:c05::22c;
    Authentication-Results: mx.google.com;
    spf=pass (google.com: domain of designates 2a00:1450:400c:c05::22c as permitted sender) smtp.mail=;
    dkim=pass header.i=@gmail.com;
    dmarc=pass (p=NONE dis=NONE) header.from=gmail.com
    Received: by mail-wi0-x22c.google.com with SMTP id di4so8985809wid.0
    for <>; Sun, 05 Apr 2015 08:36:17 -0700 (PDT)
    DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    d=gmail.com; s=20120113;
    h=mime-version:date:message-id:subject:from:to:content-type;
    bh=R6Ah4Q2X27R/v+BkDzHfAv5T+QZSLkWdwZEbVBpU7PE=;
    b=EK19oigDIm/QpVUiLV6FBkoap27TwLqYPsHyWXsO7i1DZhHPUJLwSGvXVHMz5BHUqV
    JaBZq/+4poKrFEzqiyEbKIpB0/d7xs++7l8iTJUVaGQIfvHJXvobrkpDc6sjMT+sOIYb
    NB2jrSTw78jtR2utuTlN1cRwHnQTG1j1Uk56lzh0bru3QSeftNpQ62oSjqCbPlHXD/wo
    e6kIOQZsx0NDklpzI4kH4XRE/DkR0d8q9icWqU8HiVognCN2tNkIL3nXkUxzYXcA36HJ
    EOsMIskUHlLxFNN9AFWwBNy7UKXZ7kCN4ex35cZrCiHG66/+OKtOJaFQXUBzqNm2/XLu
    ZkvQ==
    MIME-Version: 1.0
    X-Received: by 10.194.179.194 with SMTP id di2mr22963907wjc.4.1428248176899;
    Sun, 05 Apr 2015 08:36:16 -0700 (PDT)
    Received: by 10.27.47.1 with HTTP; Sun, 5 Apr 2015 08:36:16 -0700 (PDT)
    Date: Sun, 5 Apr 2015 08:36:16 -0700
    Message-ID: <>
    Subject: Transfer Of Ownership Paper to MD
    From: Bob sue <>
    To:
    Content-Type: multipart/mixed; boundary=089e01419d1c3de6880512fbf171
    Bcc:

    --089e01419d1c3de6880512fbf171
    Content-Type: text/plain; charset=UTF-8



    --089e01419d1c3de6880512fbf171
    Content-Type: image/jpeg; name="Transfer Of Ownership Paper to MD.jpg"
    Content-Disposition: attachment;
    filename="Transfer Of Ownership Paper to MD.jpg"
    Content-Transfer-Encoding: base64
    X-Attachment-Id: file1
     
    Krissy22, Apr 6, 2015 IP
  16. PoPSiCLe

    PoPSiCLe Illustrious Member

    Messages:
    4,626
    Likes Received:
    719
    Best Answers:
    151
    Trophy Points:
    420
    #16
    That might very well be, but first, you hijack a 3 year old thread - write your own. Second, you got nothing - stuff sent via gmail doesn't provide any info on the user's ip at all. Only way to get that info is to file charges, get a court order and have Google provide the information. Good luck with that.
     
    PoPSiCLe, Apr 6, 2015 IP
  17. thedark

    thedark Well-Known Member

    Messages:
    1,307
    Likes Received:
    41
    Best Answers:
    0
    Trophy Points:
    168
    Digital Goods:
    1
    #17
    Even if google disclose the IP address, it might be from a proxy or somewhere unknown. Then the Internet Service Provider should be forced to disclose the location or the name of the person who used that IP address. If it is from Africa or Asia, the chance is minimal even with police involved.
     
    thedark, Feb 28, 2016 IP
  18. na9endra

    na9endra Well-Known Member

    Messages:
    142
    Likes Received:
    6
    Best Answers:
    1
    Trophy Points:
    103
    #18
    just go and complain the cyber security cell, they will look after those things.

    takecare
     
    na9endra, Mar 9, 2017 IP
  19. Braylyn

    Braylyn Greenhorn

    Messages:
    1
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    21
    #19
    Do you have an account already you could help me find out who is the person behind the pictures that is catfishing me? I tried to search his URL in an IP a dress search to see where at least the person lived and it told me IP blocked. If this website can get around that please please help me!
     
    Braylyn, May 18, 2017 IP
  20. Komputerking

    Komputerking Greenhorn

    Messages:
    34
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    8
    #20
    Why not just block the sender? As what several people have already posted, that ip address as an internal ip. As such, it is coming from within the company, or the same network. If you are getting it from an e-mail account, just setup a filter to mark the email as read, and put it into a folder called, "mean person" or whatever, and collect evidence in case you ever need it and no longer worry about it.

    If you are working at a company, then you will want to contact ip and inform them and contact HR concerning abuse.
     
    Komputerking, Jul 31, 2018 IP