In order to display the right content for my users I get their country based on their IP address. I have been receiving several reports from American users saying that the content is being displayed incorrectly. I always check their IP address and my country detection API is right, for some reason American users are being assigned IP addresses from other countries.
Is this a regular practice? Does this have something to do with the IPcalypse? Is there a better way to get the user’s location?
Edit: I’m using an API called MaxMind to get the location based on the IP, this issue has only happened with IPv4 users so far. The last issue I had was with an American user whose IP address location was showing up as Malaysia, their IP Address was 184.108.40.206, all I know is that the user is using a device with iOS.
Maxmind is a good service, though occasionally there can be errors, since we’re now in the time period where IPv4 blocks are scarce, and are being traded and resold on a gray market. If you do find an actual error you can report it to them, though this doesn’t appear to be an error.
This is basically how I confirm the location of an IP address:
Second, I’ll check the whois record for the address. APNIC also says it’s registered to UTM. Not looking good for your supposed American…
inetnum: 220.127.116.11 - 18.104.22.168 netname: UTMNET descr: Universiti Teknologi Malaysia country: MY admin-c: UTM1-AP tech-c: UTM1-AP status: ALLOCATED PORTABLE mnt-by: MAINT-MY-UNITEKMY mnt-irt: IRT-UNITEKMY-NON-MY changed: firstname.lastname@example.org changed: email@example.com 20120907 source: APNIC irt: IRT-UNITEKMY-NON-MY address: Center for Information and Communication Technology e-mail: firstname.lastname@example.org abuse-mailbox: email@example.com admin-c: UTM1-AP tech-c: UTM1-AP auth: # Filtered mnt-by: MAINT-MY-UNITEKMY changed: firstname.lastname@example.org 20120906 source: APNIC role: Universiti Teknologi Malaysia address: Center for Information and Communication Technology country: MY phone: +607-5532470 fax-no: +607-5566164 e-mail: email@example.com admin-c: UTM1-AP tech-c: UTM1-AP nic-hdl: UTM1-AP mnt-by: MAINT-MY-UNITEKMY changed: firstname.lastname@example.org 20120906 source: APNIC % This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED)
Finally, I’ll do a traceroute and look at the actual network path taken to reach the IP address. In this case…
$ traceroute 22.214.171.124 traceroute to 126.96.36.199 (188.8.131.52), 30 hops max, 60 byte packets 1 172.28.5.1 (172.28.5.1) 0.181 ms 0.146 ms 0.127 ms 2 62-210-251-1.rev.poneytelecom.eu (184.108.40.206) 1.317 ms 1.480 ms 1.611 ms 3 220.127.116.11 (18.104.22.168) 1.011 ms 1.236 ms 1.300 ms 4 prs-b7-link.telia.net (22.214.171.124) 0.956 ms 0.924 ms 0.917 ms 5 prs-bb3-link.telia.net (126.96.36.199) 1.779 ms prs-bb3-link.telia.net (188.8.131.52) 1.652 ms prs-bb2-link.telia.net (184.108.40.206) 0.898 ms 6 adm-bb4-link.telia.net (220.127.116.11) 15.224 ms adm-bb3-link.telia.net (18.104.22.168) 11.010 ms adm-bb4-link.telia.net (22.214.171.124) 13.345 ms 7 adm-b2-link.telia.net (126.96.36.199) 12.709 ms adm-b2-link.telia.net (188.8.131.52) 12.043 ms adm-b2-link.telia.net (184.108.40.206) 12.702 ms 8 telekommalaysia-ic-149786-adm-b2.c.telia.net (220.127.116.11) 11.203 ms telekommalaysia-ic-301284-adm-b2.c.telia.net (18.104.22.168) 11.131 ms 12.056 ms 9 * * * 10 22.214.171.124 (126.96.36.199) 207.612 ms 202.755 ms 203.625 ms 11 * * * 12 * * * 13 * * * 14 * * * 15 *^C
Here we see that it starts at my location in Paris, is passed onward to Amsterdam, and then to Telekom Malaysia, after which we get no further return. The final IP address to respond, when subjected to these same checks, is also a Telekom Malaysia IP address.
It looks exceedingly unlikely at this point that this IP address is anywhere other than the Malaysian university previously named. If the user is absolutely certain that this is wrong, they can try running a traceroute from their end (e.g. with an iOS app for that purpose) and you can inspect its results for any possible clues.
Finally, it’s possible that the user is connected to a VPN provided by the university. In this case he will always be identified as being at the university regardless of his location in the world, and if he wants to be identified as to his actual location he should turn off the VPN and connect directly.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.