Episode 14: IP Address Investigations and Local OSINT

#1728277: Episode 14: IP Address Investigations and Local OSINT

Description:	Every packet travels somewhere. Every connection leaves a trace. And every investigator eventually has to answer the same question: where did this activity actually come from? This episode covers Issues 97 and 98 of The OSINT Newsletter and focuses on two critical aspects of modern OSINT: understanding how IP addresses reveal the movement of data across the internet, and how investigators can gather intelligence from a specific location even when they are nowhere near it. In Episode 14 of The OSINT Podcast, host Jake Creps explores IP address OSINT from first principles, explaining how IPs function as the routing system of the internet. The episode walks through the difference between user IPs and server infrastructure, why dynamic IP addresses constantly change hands, and how static infrastructure can reveal patterns behind suspicious activity. Jake then breaks down several investigative techniques used in IP analysis, including reverse IP lookups, passive DNS research, IP geolocation, and identifying traffic routed through VPNs and Tor nodes. When combined with timestamps and behavioural patterns, these signals allow investigators to reconstruct the path digital activity has taken across networks. The episode then shifts to a different but equally important challenge: local OSINT investigations. Some investigations require extremely targeted intelligence from a specific city or region. In those cases, investigators must replicate the local internet environment in order to see the same results a local user would. Jake explores how investigators can use VPNs and browser location manipulation to appear local, allowing search engines, advertisements, and recommendation systems to reveal location specific information. From there, he discusses how to build local intelligence feeds by aggregating small regional publications, government websites, and community sources into a single stream using RSS readers and alerting tools. The episode also looks at analysing activity around physical locations using Google Maps “Popular Times” data, showing how investigators can detect patterns and unusual activity around businesses or venues without ever being physically present. Along the way, Jake highlights several useful OSINT tools and resources including Dark Light Viewer, Twitter Viewer, and GeoSentinel, while also touching on developments in AI driven investigations and evolving OPSEC considerations. As always, the emphasis remains on method over novelty. Infrastructure reveals behaviour. Location reveals context. And the best investigators know how to follow both. Highlights include: 📦 IP Address OSINT – Following the Packets – how IP addresses function as the routing system of the internet, why dynamic IPs complicate attribution, and how reverse IP lookups and passive DNS can reveal hidden infrastructure. 🌍 Local OSINT Investigations – techniques for collecting intelligence from a specific place remotely using VPNs, browser configuration, local news aggregation, and location specific data sources. 🛠 Tools in Focus – Dark Light Viewer for satellite light comparison, Twitter Viewer for footprint free browsing of X profiles, and GeoSentinel for tracking global movement across maritime and aviation data. Throughout the episode, the focus stays on practical investigative thinking. Infrastructure creates patterns. Location creates context. And when both are understood together, digital activity becomes much easier to trace. If you want to strengthen your understanding of IP address investigations and location based intelligence gathering, Episode 14 is for you.
More info:	https://osintnewsletter.com/p/episode-14-ip-address-investigations?utm_source=post-email-title&publication_id=1442182&post_id=190501977&utm_campaign=email-post-title&isFreemail=true&r=3pnkkr&triedRedirect=true&utm_medium=email

Description:

Every packet travels somewhere. Every connection leaves a trace. And every investigator eventually has to answer the same question: where did this activity actually come from?

This episode covers Issues 97 and 98 of The OSINT Newsletter and focuses on two critical aspects of modern OSINT: understanding how IP addresses reveal the movement of data across the internet, and how investigators can gather intelligence from a specific location even when they are nowhere near it.

In Episode 14 of The OSINT Podcast, host Jake Creps explores IP address OSINT from first principles, explaining how IPs function as the routing system of the internet. The episode walks through the difference between user IPs and server infrastructure, why dynamic IP addresses constantly change hands, and how static infrastructure can reveal patterns behind suspicious activity.

Jake then breaks down several investigative techniques used in IP analysis, including reverse IP lookups, passive DNS research, IP geolocation, and identifying traffic routed through VPNs and Tor nodes. When combined with timestamps and behavioural patterns, these signals allow investigators to reconstruct the path digital activity has taken across networks.

The episode then shifts to a different but equally important challenge: local OSINT investigations. Some investigations require extremely targeted intelligence from a specific city or region. In those cases, investigators must replicate the local internet environment in order to see the same results a local user would.

Jake explores how investigators can use VPNs and browser location manipulation to appear local, allowing search engines, advertisements, and recommendation systems to reveal location specific information. From there, he discusses how to build local intelligence feeds by aggregating small regional publications, government websites, and community sources into a single stream using RSS readers and alerting tools.

The episode also looks at analysing activity around physical locations using Google Maps “Popular Times” data, showing how investigators can detect patterns and unusual activity around businesses or venues without ever being physically present.

Along the way, Jake highlights several useful OSINT tools and resources including Dark Light Viewer, Twitter Viewer, and GeoSentinel, while also touching on developments in AI driven investigations and evolving OPSEC considerations.

As always, the emphasis remains on method over novelty. Infrastructure reveals behaviour. Location reveals context. And the best investigators know how to follow both.

Highlights include:

📦 IP Address OSINT – Following the Packets – how IP addresses function as the routing system of the internet, why dynamic IPs complicate attribution, and how reverse IP lookups and passive DNS can reveal hidden infrastructure.

🌍 Local OSINT Investigations – techniques for collecting intelligence from a specific place remotely using VPNs, browser configuration, local news aggregation, and location specific data sources.

🛠 Tools in Focus – Dark Light Viewer for satellite light comparison, Twitter Viewer for footprint free browsing of X profiles, and GeoSentinel for tracking global movement across maritime and aviation data.

Throughout the episode, the focus stays on practical investigative thinking. Infrastructure creates patterns. Location creates context. And when both are understood together, digital activity becomes much easier to trace.

If you want to strengthen your understanding of IP address investigations and location based intelligence gathering, Episode 14 is for you.

More info:

https://osintnewsletter.com/p/episode-14-ip-address-investigations?utm_source=post-email-title&publication_id=1442182&post_id=190501977&utm_campaign=email-post-title&isFreemail=true&r=3pnkkr&triedRedirect=true&utm_medium=email

Date added	March 13, 2026, 5:43 p.m.
Source	osintnewsletter
Subjects	Open Source Intelligence (OSINT) PodCasts / Webcast / Webinar / eSummit / Virtual Event etc.