How to find someone's ip address on the internet guide | Anonymous Proxies (2024)

Finding someone's IP address can be a challenging task if the person does not know you. There are many methods of exposing one's IP address, some of which, involve clever tactics...to say the least.

Have the person access an online service

If you're trying to help someone find their IP address then things are simple. Have him access an online service such as infoip and the website will display their address and geolocation data.

Some things to know

Can I extract a user's IP address from social media apps?

No, you cannot extract the IP address from someone you talk to over {Whatsapp/Telegram/Instagram/Facebook/...}. In most instances, a third party (middle server) is responsible for relaying communication data between parties. The exchange does not flow directly from A to B. Actually, sensitive data like this is hidden by design. Being able to find someone's IP address through such an app would be considered a bug or security risk and should be reported straight away. you might even get a reward.

Method 1: Parse email headers

Simplest method would be to receive an email from the target and display the headers (full message). For Gmail you can open the email, go to the top right corner where the 3 vertical dotted menu sits, click on it and select `Show original`. This will open the email in the original form that contains all the data that came with it, similarly to the source code of a webpage.

With the full message displayed, look for something like Received: from o15.ptr9908.discord.com (o15.ptr9908.discord.com. [149.72.158.236]) (actual message I received). 149.72.158.236 here represents the sender's address.

Method 2: Send them an email with a tracking pixel

If method one does not work we need to try a different approach by sending an email to the target. Of course...this requires that you know their email address. Inside that email we will place an image. It can be a one pixel image or a bigger image, it doesn't matter. What matters is that the image is not sent as an attachment. It needs to be inline and loaded from an url. That url must be from a web server deployed by us. When the target tries to read the email, the browser or client they use will attempt to load the images so it will call your server in order to download the image from the url you provided. When the file is requested, your server can store the IP address of the caller.

Example web server used to serve email tracking images

I will use a Python web server for this task along with `Flask` which is a very light web framework.

 import logging
 from flask import Flask, send_file, request
 app = Flask(__name__)
 logging.basicConfig(filename='access.log', level=logging.INFO, format='%(asctime)s - %(message)s')
 @app.route('/pixel.png')
 def pixel():
 client_ip = request.remote_addr
 logging.info(f'Client IP: {client_ip}')
 return send_file('pixel.png', mimetype='image/png')
 if __name__ == '__main__':
 app.run(host='0.0.0.0', port=5000)

This can be uploaded on Digitalocean or other providers, there are literally thousands of of options so I won't stress it too far. Funnily enough, this is how I started learning programming.

The pixel can even be generated by Python, in the same code:

 from PIL import Image
img = Image.new('RGBA', (1, 1), (0, 0, 0, 0))
img.save('pixel.png')
See Also
Discord User Finder - How to Find Someone [2 Best Tools] - Alvaro Trigo's BlogHow to Fix Temporary Network Error on Discord? [2024]How to Find IP Address from Xbox Live GamertagWhat Are CatDDoS Botnet and DNSBomb DDoS Attacks?

Now you can place the image in your email: <img src="http://your-server-ip:5000/pixel.png" alt="">

Keep in mind that many email providers have started resolving the images via proxy servers before sending them to the client so the IP address that you log might actually be one of their server's address.

Method 3: Make them visit a webpage that you control

You can use the web server from method 2 and, with little tweaks, make it to respond to various kind of requests, not just images. The target would need to visit one of your endpoints for that to work. These two methods are very similar but one requires you to know the email address while the other one doesn't but requires that you're able to send an url to the target.

How to find the IP address of a website

This one is slightly unrelated but it will introduce you to ping which is a tool I use very often. You can open a command prompt and write ping google.com which will output something like:

 ping google.com
 PING google.com (216.58.212.46): 56 data bytes
 64 bytes from 216.58.212.46: icmp_seq=0 ttl=115 time=51.153 ms
 64 bytes from 216.58.212.46: icmp_seq=1 ttl=115 time=78.244 ms
 ^C
 --- google.com ping statistics ---
 2 packets transmitted, 2 packets received, 0.0% packet loss
 round-trip min/avg/max/stddev = 51.153/64.698/78.244/13.546 ms

In this output, 216.58.212.46 is the IP that responded for google.com. Since they have thousands of servers deployed, I am more than sure that 216.58.212.46 is a server located very close to me and the 50ms latency confirms it.

Are you hiding behind a proxy and need to check for leaks?

If you're using an anonymous HTTP proxy or maybe a SOCKS5 proxy and wish to check if it is leaking any private information I suggest you to find a service which performs all these tests:

Let's actually take them one by one and see how could they break through and reveal your real internet address.

WebRTC

It is used for real-time communication. Think video, voice or other generic binary data. Since it is a new protocol that works over UDP (preferably) and its traffic is not yet passed through proxies, WebRTC is able to reveal your IP address easily. You can stop it by disabling it in the browser's settings or you can trick it by using a VPN that works at the network level and not just the browser. For fast and light proxy work I suggest disabling it in the browser.

To disable WebRTC in chrome go to `chroms://settings` and perform a Search for the `WebRTC` keyword. It will display a list with one of the items being `WebRTC IP handling policy`. Set it to `Disable non-proxied UDP`.

Here is a Javascript code that uses WebRTC to show the real IP address of the user, bypassing the browser's proxy settings:

 function getPublicIP(callback) {
 let ipAddresses = new Set();
 let pc = new RTCPeerConnection({
 iceServers: [{ urls: 'stun:stun.l.google.com:19302' }]
 });
 pc.createDataChannel('');
 pc.createOffer().then(offer => pc.setLocalDescription(offer)).catch(err => console.error('Error creating offer:', err));
See Also
Discord Keeps Disconnecting and Reconnecting? 15 Ways to Fix
 pc.onicecandidate = (event) => {
 if (event.candidate) {
 let candidate = event.candidate.candidate;
 let regex = /([0-9]{1,3}(\.[0-9]{1,3}){3})/g;
 let matches = candidate.match(regex);
 if (matches) {
 matches.forEach(ip => ipAddresses.add(ip));
 }
 } else {
 callback(ipAddresses);
 pc.close();
 }
 };
 }
 getPublicIP(publicIPs => {
 console.log('Public IP addresses:', publicIPs);
 });

To run this code and see for yourself whether your browser is leaking unwanted bits, right click anywhere on a webpage , select Inspect, in the newly opened drawer go to Console, paste the code and hit Enter. It might take even a minute to come back but, if the browser allows it, your real ip address will be resolved.

So why does WebRTC discloses the IP address after all? To understand this we need to first understand how this protocol operates. Since it is being used mostly for direct communication where low latencies are desired, knowing the IP address of the peer you wish to communicate with is crucial. If you're doing any voice or video activities you know how bad higher latencies can affect the quality of the stream so this is why WebRTC dominates other protocols that involve a third party server to relay the packets.

Java applets

Java applets can be executed from the browser but they run on the system and here lies the problem. The system is not proxied, only the browser so any type of request made from that Java applet to any given server will reveal your real info. I suggest disabling Java from running inside the browser entirely.

QUIC/HTTP3

Similarly to WebRTC QUIC is a new protocol which is not yet proxified by browsers. It works on UDP and it is being used generally for a faster internet since connections are established much easier. There is a document where it is being discussed/proposed how to tunnel UDP through HTTP by using the connect-udp method but no browser implementations so far. Your best bet is to disable QUIC by going to chrome://flags and look for Experimental QUIC protocol; set it to disabled.

QUIC seems like the future for the web so we're eagerly waiting for adoptions of this RFC and for browsers to be able to proxify UDP traffic. This will probably solve both WebRTC and QUIC.

DNS leak

While a DNS leak will not reveal your IP address, it will reveal the address of your DNS resolver. You see, each url you visit has a domain and each domain has one or more servers behind it. Those servers have IP addresses through which they communicate with you. For the browser to know the IP addresses it can talk to, it needs a DNS server which resolves a domain to its address(es) so it will contact the nameservers. A website could send out requests towards generated subdomains and put a nameserver up just to see who tries to resolve those domains. If the IP of the resolver is very different (country, city etc) from the IP of the visitor then it may be flagged. This is, in a nutshell, how a DNS leak works.

To see if your proxy or browser is leaking via DNS you can perform a DNS leak test online. Our premium HTTP proxies resolve DNS queries locally so you're protected from this leak.

How to find the IP addresses that your PC is communicating with

To find the IP addresses that your PC is communicating with, you can use various tools and commands available on your operating system. Here are methods for Windows, macOS, and Linux.

Windows

Using Command Prompt

1. Open Command Prompt: Press Win + R, type cmd, and press Enter.

2. Run the netstat Command:

netstat -an

This command will display all active connections and listening ports.

For more detailed information:

netstat -anob

The -o option shows the owning process ID associated with each connection, and -b shows the executable involved in creating each connection.

Using PowerShell

1. Open PowerShell: Press Win + X, select Windows PowerShell (Admin).

2. Run the Get-NetTCPConnection Command:

Get-NetTCPConnection | Select-Object -Property State, LocalAddress, RemoteAddress

This command displays TCP connections along with the local and remote IP addresses.

macOS

Using Terminal

1. Open Terminal: You can find it in Applications > Utilities, or press Cmd + Space and type Terminal.

2. Run the netstat Command:

netstat -an

This will show all active connections and listening ports.

For more detailed information:

sudo lsof -i -n -P

This command lists open internet and network files.

Linux

Using Terminal

1. Open Terminal: Press Ctrl + Alt + T.

2. Run the netstat Command:

netstat -an

This will show all active connections and listening ports.

For more detailed information:

sudo netstat -tunlp

Using ss Command

The ss command is a modern alternative to netstat on Linux:

ss -tunap

Using Wireshark (Cross-Platform)

Wireshark is a network protocol analyzer that can capture and analyze packets in real-time.