Track IP Addresses in your investigations, including IPv4 and IPv6 addresses
How does an IP address work?
When someone types in a website’s URL into the browser, their computer sends a request to that website’s server. The server then looks up the IP address associated with that domain name and sends back the appropriate information. The computer then uses that information to render the website on the screen.
IP addresses are made up of four sets of numbers between 0 and 255, and they usually look something like this: 220.127.116.11. These numbers identify the specific server that a website is hosted on. Every time someone visits a website, their computer must look up the IP address for that site’s domain name so that it can find the right server to request information from.
Computers also have their IP addresses which allow other devices to identify that computer on the network. Just like a person needs someone’s mailing address to send them a letter, devices need a person’s computer’s IP address to send information to that computer. The IP address of a computer can be static, which means it never changes, or dynamic, which means it can change from time to time.
IPv4 vs IPv6
There are two types of IP addresses, i.e., IPv4 and IPv6. IPv4 is the older type of address, and IPv6 is the newer type. IPv4 addresses are 32-bits long, and they are written in dotted-decimal notation. For example, 192.168.1.1 is an IPv4 address. IPv6 addresses are 128-bits long, and they are written in hexadecimal notation. For example, 2001:db8:85a3:0000:0000:8a2e:0370:7334 is an IPv6 address.
IPv6 is the latest version of the Internet Protocol, and it offers several improvements over IPv4. IPv6 is more scalable, easier to manage, and provides enhanced security features. Most importantly, IPv6 can support vastly more devices than IPv4.
How can an IP address help in an investigation?
IP addresses can be used to determine the location of a device. This is because every ISP (internet service provider) is assigned a range of IP addresses to use. So, by looking up the IP address of a device, it’s possible to determine which ISP it is using and, from there, approximately where the device is located.
This information can be very useful in an investigation. For example, if a crime was committed online using a computer or smartphone, investigators can obtain a warrant for the ISP records associated with that IP address. This will reveal the identity of the person who was using the device at the time of the crime.
How do criminals use a proxy or VPN?
What is a proxy server?
A proxy server is an intermediary between one’s computer and the internet. When a criminal connects to the internet through a proxy server, their IP address is hidden from the sites they visit. This can be used by criminals to protect their privacy online or access geo-blocked content. But proxy servers only provide a basic level of anonymity and can’t be used by criminals to encrypt their traffic or prevent tracking by ISPs.
What is a VPN?
A VPN, or Virtual Private Network, is a more sophisticated way of masking identity and activities from law enforcement agents than a proxy server. A VPN encrypts all the traffic between a device and the VPN server, making it impossible for anyone to see what a person is doing online. This includes their ISP and government agencies. In addition, VPNs can be used by criminals to bypass geographic restrictions and access content that would otherwise be unavailable in a particular location. VPNs tend to be slower than proxy servers due to the extra encryption overhead.
The problem of constantly recycling IP addresses
API management is key in this scenario. By creating an API that can keep track of the IP addresses being used, one can keep track of where each request is coming from and when it was made. This helps in identifying any suspicious activity and ensures that the data is properly protected.