How does Reverse IP lookup work?

131 viewsOther

How do some tools give Personally Identifiable Information like for ex – Company names of website visitors going on a specific website? They claim to so it with reverse IP lookup.

In: Other

3 Answers

Anonymous 0 Comments

Visit https://whatismyipaddress.com/ and click on the digital IP address. The hostname shown is the result of the reverse IP lookup. The IP address owner voluntarily publishes the hostname associated with the IP address. [For example 8.8.8.8 IP address](https://whatismyipaddress.com/ip/8.8.8.8) has “dns.google” hostname. Some other Google’s IP address may have a hostname like 38404.corp.google.com. If that IP address is used as an intermediate node for Google employees visiting some websites, the reverse IP lookup reveals the company of the visitor.

It is not as useful as the tools make you believe. The vast majority of IP addresses have either no hostname or the hostname reflects an ISP name such as <some-digits-and-numbers>.<your-ISP>.<domain>

Anonymous 0 Comments

IP addresses function very much like the addresses written on an envelope of traditional snail mail.

Every time you go to a website it’s likely that your source IP address (the address on your packets) is logged by that website.

Each IP address is in turn in a database that says who owns it, be it a datacenter, a business, or an ISP.

IP addresses can also be associated with DNS names, like Reddit or another website.

All of this information can be easily looked up if you know where to look.

If you come to my website I can see your source IP Address instantly. With your IP address I can very quickly look up which country you are in, what ISP you are using, and if that IP is associated with a website, a business, or email. It’s fairly trivial.

An IP address though doesn’t necessarily represent a specific person, in the same way that a phone call from a business or a house could be from anyone in that home or business.

Anonymous 0 Comments

Companies who want to act like service providers have to *buy* an IP range.

That makes sense for, say, AT&T, since they have millions of customers. They had to buy a ton of IP addresses so that each customer can have one. Those IP addresses are registered to AT&T.

But smaller companies can end up like that, too. Maybe the Microsoft Campus doesn’t deal with someone like AT&T or Verizon, maybe they connect to the internet themselves as if Microsoft were an ISP. In that case, Microsoft had to buy a chunk of IP addresses and it’s only legal for them to use those ranges.

So if you hear someone say something like “this Wikipedia article was edited by an IP in the United States Congress range”, that’s what’s going on. It the Capitol acts as its own service provider, had to buy IP addresses, so if you see an IP in that range either something illegal is happening or it must have been a computer using that service provider.