8

In order to display the right content for my users I get their country based on their IP address. I have been receiving several reports from American users saying that the content is being displayed incorrectly. I always check their IP address and my country detection API is right, for some reason American users are being assigned IP addresses from other countries.

Is this a regular practice? Does this have something to do with the IPcalypse? Is there a better way to get the user's location?

Edit: I'm using an API called MaxMind to get the location based on the IP, this issue has only happened with IPv4 users so far. The last issue I had was with an American user whose IP address location was showing up as Malaysia, their IP Address was 161.139.224.31, all I know is that the user is using a device with iOS.

fpg1503
  • 191
  • 6
  • 2
    What kind of devices are the American users connecting through typically? From a private home network, mobile device, other? – Matt Jul 14 '15 at 21:02
  • 7
    That IP address really is in Malaysia. If he wants to be identified as American he should go to the airport and get a flight back to the US... – Michael Hampton Jul 14 '15 at 21:12
  • 5
    For best user experience you can allow users to override the autodetected location. Their preferred location can then be saved somewhere (in a cookie if it is a webservice). – kasperd Jul 14 '15 at 22:04
  • 4
    Why do you assume American users are necessarily in America? I travel out of country frequently, sometimes travelling for business. Similarly, why do you expect users to always connect from ? If I happen to be in France and you force a French UI at me, I will not be impressed. – Eric Towers Jul 15 '15 at 03:33
  • 3
    Are any of the users using a VPN service or an anonymizing service that might mask their local IP? Some users don't understand the implications of using such services. – austinian Jul 15 '15 at 03:52
  • 4
    @kasperd: "you can allow" -> "you absolutely should". There are many ways in which geolocation can go wrong, plus the user may want different content (on holiday, preparing a trip...). I _hate_ it when a site gives me stuff based on geolocation with no way to choose. – sleske Jul 15 '15 at 07:03
  • 1
    When your content differs mostly by language, you should select the default language based on the http `Accept-Language` header, not the IP address. The advantage is that a user who is currently not in a location where their preferred language is spoken they will see the content in their preferred language. – Philipp Jul 15 '15 at 07:57
  • 1
    Unfortunately I can't, I have business partners that licence the content by location :/ – fpg1503 Jul 15 '15 at 09:41
  • 1
    @fpg1503 By location of what? You cannot know where the users are. But usually you can know where the servers are. Without knowing the wording of the license it is impossible for us to even tell if it is technically possible to comply with the license. – kasperd Jul 15 '15 at 12:34

2 Answers2

21

Maxmind is a good service, though occasionally there can be errors, since we're now in the time period where IPv4 blocks are scarce, and are being traded and resold on a gray market. If you do find an actual error you can report it to them, though this doesn't appear to be an error.

This is basically how I confirm the location of an IP address:

First, I'll see what Maxmind says about it. Their online tool tells me it's in Malaysia and registered to Universiti Teknologi Malaysia. But is it really?

Maxmind GeoIP results for 161.139.224.31

Second, I'll check the whois record for the address. APNIC also says it's registered to UTM. Not looking good for your supposed American...

inetnum:        161.139.0.0 - 161.139.255.255
netname:        UTMNET
descr:          Universiti Teknologi Malaysia
country:        MY
admin-c:        UTM1-AP
tech-c:         UTM1-AP
status:         ALLOCATED PORTABLE
mnt-by:         MAINT-MY-UNITEKMY
mnt-irt:        IRT-UNITEKMY-NON-MY
changed:        hm-changed@apnic.net
changed:        hm-changed@apnic.net 20120907
source:         APNIC

irt:            IRT-UNITEKMY-NON-MY
address:        Center for Information and Communication Technology
e-mail:         jeff@utm.my
abuse-mailbox:  jeff@utm.my
admin-c:        UTM1-AP
tech-c:         UTM1-AP
auth:           # Filtered
mnt-by:         MAINT-MY-UNITEKMY
changed:        hm-changed@apnic.net 20120906
source:         APNIC

role:           Universiti Teknologi Malaysia
address:        Center for Information and Communication Technology
country:        MY
phone:          +607-5532470
fax-no:         +607-5566164
e-mail:         jeff@utm.my
admin-c:        UTM1-AP
tech-c:         UTM1-AP
nic-hdl:        UTM1-AP
mnt-by:         MAINT-MY-UNITEKMY
changed:        hm-changed@apnic.net 20120906
source:         APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (UNDEFINED)

Finally, I'll do a traceroute and look at the actual network path taken to reach the IP address. In this case...

$ traceroute 161.139.224.31
traceroute to 161.139.224.31 (161.139.224.31), 30 hops max, 60 byte packets
 1  172.28.5.1 (172.28.5.1)  0.181 ms  0.146 ms  0.127 ms
 2  62-210-251-1.rev.poneytelecom.eu (62.210.251.1)  1.317 ms  1.480 ms  1.611 ms
 3  195.154.1.170 (195.154.1.170)  1.011 ms  1.236 ms  1.300 ms
 4  prs-b7-link.telia.net (62.115.40.77)  0.956 ms  0.924 ms  0.917 ms
 5  prs-bb3-link.telia.net (213.155.132.192)  1.779 ms prs-bb3-link.telia.net (213.155.134.220)  1.652 ms prs-bb2-link.telia.net (213.155.134.228)  0.898 ms
 6  adm-bb4-link.telia.net (213.155.137.156)  15.224 ms adm-bb3-link.telia.net (62.115.135.62)  11.010 ms adm-bb4-link.telia.net (213.155.136.24)  13.345 ms
 7  adm-b2-link.telia.net (62.115.141.51)  12.709 ms adm-b2-link.telia.net (213.155.137.197)  12.043 ms adm-b2-link.telia.net (62.115.141.67)  12.702 ms
 8  telekommalaysia-ic-149786-adm-b2.c.telia.net (213.248.99.146)  11.203 ms telekommalaysia-ic-301284-adm-b2.c.telia.net (62.115.8.206)  11.131 ms  12.056 ms
 9  * * *
10  58.27.55.202 (58.27.55.202)  207.612 ms  202.755 ms  203.625 ms
11  * * *
12  * * *
13  * * *
14  * * *
15  *^C

Here we see that it starts at my location in Paris, is passed onward to Amsterdam, and then to Telekom Malaysia, after which we get no further return. The final IP address to respond, when subjected to these same checks, is also a Telekom Malaysia IP address.

It looks exceedingly unlikely at this point that this IP address is anywhere other than the Malaysian university previously named. If the user is absolutely certain that this is wrong, they can try running a traceroute from their end (e.g. with an iOS app for that purpose) and you can inspect its results for any possible clues.

Finally, it's possible that the user is connected to a VPN provided by the university. In this case he will always be identified as being at the university regardless of his location in the world, and if he wants to be identified as to his actual location he should turn off the VPN and connect directly.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
  • 1
    I ran a `tracert 161.139.224.31`, and your hop #11 appears to me as `securevpn.utm.my (161.139.251.101)`, which would explain everything. I also have some hops in LA, USA (even though I'm also in France), but it's probably a coincidence. – ElderBug Jul 15 '15 at 15:04
2

It's not just American users, it can be users from any country.
And there are several reasons it can happen.

  • Users traveling abroad and logging on from there would get reported as being users from that country.
  • international companies often have IP blocks from one country only and assign those addresses to all their offices.
  • same for ISPs operating in multiple countries, obviously
  • if you've a domain/site hosted in another country you may end up with a server IP range in that country, and hosts in the US are often likely more expensive than those elsewhere.

The last is probably not relevant for you, but the others can be (and yes, I've had all of them happen at one time or another).

jwenting
  • 121
  • 3