Free IP Address Lookup Tool
Paste any public IP, IPv4 or IPv6, to see the country, city, ISP, ASN, reverse DNS and reputation data behind it. The result is the same whether you call this an IP lookup, IP checker, IP locator or IP tracker. They are all names for the same operation. Free, no signup, no rate limit on the website.
How Accurate Is an IP Lookup, and Why City-Level Drops Outside the US
Measured against ground-truth samples (RIR records, ISP geofeeds, RIPE Atlas anchors, latency triangulation). Country is essentially solved; city accuracy drops outside the US and Europe and is always lower for mobile, satellite and VPN ranges.
Database coverage
Live numbers from our own databasesWhat an IP Address Lookup Tells You About a Connection
Each IP address lookup returns the same set of fields, whether you call it an IP lookup, an IP checker, an IP locator or an IP address tracker. Every result page on IPWhois.net shows:
- Country, region and city with latitude and longitude coordinates
- ISP name, organisation and Autonomous System Number (ASN)
- Connection type: residential, hosting, mobile, business or VPN
- Reverse DNS (PTR record) hostname for the address
- VPN, proxy and Tor exit-node flags
- Blacklist / threat score across major DNSBLs
- Average ISP download and upload speeds
- Full WHOIS record: network range, registry, allocation dates, abuse contact
What an IP Lookup Won't Tell You About the Person Behind the IP
An IP address only points to a network block. It does not identify a single person. The lookup will never return:
- The person's name behind the IP
- A street address
- A phone number or email address
- Anything that identifies a single user
Going from an IP to an actual person requires the ISP's customer records. Those need a court order in any reasonable jurisdiction. Anyone offering "find a person from their IP" is either bluffing or breaking the law.
How to Look Up an IP Address You Already Have
Paste any IPv4 address (like 1.1.1.1) or IPv6 address (like 2001:4860:4860::8888) into the search box at the top and press the magnifier. The tool runs an instant lookup by IP number against our database and returns a full result page for that address. To search by IP number alone is enough, you do not need a hostname or domain.
If you do not have an IP yet but need to look one up, the address is part of almost every connection a remote machine makes to you: an email header (Received: line), a web server log, a chat-app voice call, a torrent peer list, a Discord profile, a forum post if it logs poster IPs. Pull the IP from whichever side of the conversation you control, then paste it here. For step-by-step guides to extracting an IP, see How to Find an IP Address.
How to Track an IP Address and Map It to a Location
An IP address tracker does the same thing as an IP lookup: it reads where the network block is registered and returns the country, region and city tied to that range. To trace the IP or track its location, paste the address above, no extra steps. The result includes a map pin, the ISP, the ASN and the reverse DNS hostname for that address. This is the same answer you'd get from any "find IP address location" query.
What an IP trace will not give you is the user's exact street address. The map pin is the centre of the city the ISP registered for the block, not where any specific person sits. To convert an IP into a real-world identity you would need the ISP's customer records, and those require a court order. Tracing or looking up an IP is legal everywhere because the address itself is public information that travels with every internet packet.
Tracking an IPv6 address works the same way, just paste the full address into the box. For tracing the path your traffic takes through the internet (hop by hop), use the visual traceroute tool. To check how an IP behaves over DNS, use the DNS propagation checker.
When an IP Lookup Tool Is Actually Useful in Real Work
Investigating abuse. Someone is brute-forcing your SSH, scraping your site or filling forms with junk? Look up the source IP, get the abuse contact and ASN, send a report to the right address. The connection type tells you whether it's a residential ISP, a known bulletproof host or a cloud range that should know better. Combine with the Blacklist Checker to see if the IP is already on public reputation lists.
Network troubleshooting. Traceroute hops are easier to read once you know which carrier each hop belongs to. Verify a route, confirm that your CDN is hitting the expected region, find the NOC contact for a peer that's misbehaving, or track down which ISP keeps reordering your packets. The ASN and registered domain make the routing graph human-readable.
Fraud screening. A customer says they're in Munich but their IP is registered in Bangkok? Worth a second look. A country mismatch alone isn't proof of anything, but combined with VPN/proxy flags, hosting-range detection and a threat score it becomes a useful signal during checkout, account creation or refund disputes. Cheap operational hygiene.
VPN sanity check. Connect to a VPN, look up the IP it gives you, confirm it actually shows the country you paid for and that no proxy/Tor flag is set. If your VPN is leaking your real IP for some destinations, the lookup will quickly show your home ISP again. Pair with our DNS Leak Test to catch DNS-side leaks too.
Email deliverability. Before you start sending mail from a new server, look up the IP. Hosting / cloud ranges often inherit a bad reputation from previous tenants. If the threat score is high or the IP is on Spamhaus, fix that before campaigning, otherwise major providers will quietly reject your messages.
Email tracing. Most email headers preserve the originating IP (Received: line). Drop it into the lookup to see which country and ISP a message actually came from. Combined with SPF / DKIM, that quickly reveals spoofed senders or compromised relays.
OSINT & pen-test recon. Resolving target infrastructure starts with knowing who owns each address. ASN, hosting / residential split and registered domain map the attack surface before you touch a single port. The same data tells you when a "company server" is actually a small VPS reseller in another country, which changes the engagement scope.
Content licensing & geo checks. Streaming, ad networks and analytics rely on IP-based country detection. If users in one region see the wrong content, run a few sample IPs from that region through the lookup. If we say FR and the licensing platform says CH, you've found the disagreement to escalate.
Server geo verification. Hosting providers don't always allocate IPs from the country they claim. If you bought a "Frankfurt" server but the IP geolocates to Vienna, latency-sensitive workloads may suffer. Look up the IP after provisioning and before going live.
Yes, Your IP Address Is Public, and Anyone Can Look It Up
Your IP shows up in every request you make, so any site you visit can read it. That's not a bug, it's how the internet routes packets back to you. The catch is that anyone can run the same lookup we do and learn the same things: your ISP, your country, your approximate city. They cannot get your name or your street address from it.
If that bothers you, hide your IP behind a VPN. Once connected, run a fresh lookup on your new IP to confirm the VPN exit shows the country you expect.
More About How IP Addresses Work and How They Get Tracked
Below are the questions and details people most often ask after running a lookup. Skim what is interesting, skip the rest.
Where is this IP address from?
Every public IP belongs to a block that an Internet Service Provider registered with one of the regional registries. The lookup result shows the country and city the ISP put on that block. That is the closest a public tool can get to "where is this IP from". For consumer ISPs in the US, the EU and Australia, the answer is usually accurate to within a city. For mobile carriers it is usually the carrier's regional gateway, not the actual phone. For VPNs, it is the VPN exit, not the user.
How accurate is an IP address tracker?
Country accuracy is around 99% across our database. Region (state/province) accuracy is around 92%. City accuracy sits between 70% and 80% inside North America and Europe and drops to roughly 55% in regions where ISP geofeeds are sparse. Anything called an "IP address tracker" online is reading the same registry data we do, so the accuracy band is similar everywhere; tools differ mostly in how recent their data is.
What does an IP address checker actually check?
Despite the different names (IP checker, IP lookup, IP locator, IP finder), they all return the same thing: the geolocation, ISP, ASN and reverse DNS for the address you provided, plus optional extras like blacklist score and VPN/proxy detection. There is no separate database of secret information that one tool has and another does not. Quality differences come from how well each tool curates its sources.
Can I trace an IP address back to a person?
Not from a public tool, no. An IP trace identifies the network and the ISP that owns the address. The mapping from "IP at time X" to "customer name and address" only exists inside the ISP's billing system. Police and courts can request that mapping with a warrant. Outside of that, no IP lookup tool, anywhere, can hand you a person.
Is using an IP lookup tool legal?
Yes, in every jurisdiction we are aware of. An IP address is public information that travels with every internet packet you send or receive. Looking it up is no more legal-trouble than reading the return address on an envelope. What is illegal is using the result to harass someone, attempt to break into their network, or pretending you can locate them precisely so you can sell that to a third party.
What is the difference between an IP lookup and an IP tracker?
None, really. The terms are used interchangeably online: IP lookup, IP trace, IP tracker, IP checker, IP locator, IP finder, search by IP number, lookup by IP address (also written as iplookup, one word, by people in a hurry). They all describe the same operation: take an IP, return what's publicly known about it. We use "IP lookup" because it is closer to the technical term WHOIS uses.
How an IP address gets to your device
The Internet Assigned Numbers Authority (IANA) hands out big blocks of IP space to five regional registries. ARIN covers North America, RIPE NCC covers Europe and the Middle East, APNIC covers Asia-Pacific, LACNIC covers Latin America and AFRINIC covers Africa. Those registries split the blocks further and assign them to ISPs, hosting providers and large enterprises. When you connect to your ISP, a router somewhere on their network leases you one address from a pool they own. Your device gets it via DHCP, you start sending packets, the registry record stays as it was.
What an IPv4 address looks like
An IPv4 address is 32 bits, written as four decimal groups separated by dots: 203.0.113.45. Each group is one byte (0–255), so there are exactly 4,294,967,296 possible addresses. The original design used "classes" (A, B, C) to split the space, but that was replaced in the 1990s by CIDR (Classless Inter-Domain Routing), which writes ranges as 203.0.113.0/24 meaning the first 24 bits are fixed and the last 8 are the host portion (256 addresses).
203.0.113.45 breaks down: four 8-bit octets, each holding a decimal value from 0 to 255.The arrival of IPv6
By the early 2010s the world ran out of new IPv4 space at the global level. IPv6 was designed in the late 1990s as the long-term replacement. It uses 128 bits, written as eight groups of four hex digits: 2001:0db8:85a3:0000:0000:8a2e:0370:7334. Long runs of zeros can be collapsed with ::, so 2001:db8::1 is shorthand for 2001:0db8:0000:0000:0000:0000:0000:0001. The total space is about 340 undecillion addresses, which is enough that nobody seriously plans for exhaustion. Mobile networks pushed adoption hardest because they couldn't get more IPv4 space, and IPv6 now carries roughly 40% of all Google traffic.
Public vs private IPs
A few IPv4 ranges are reserved for internal use and are never routed across the public internet:
10.0.0.0/8– 16 million addresses, common for corporate LANs172.16.0.0/12– about 1 million addresses192.168.0.0/16– 65 thousand addresses, what most home routers hand out127.0.0.0/8– loopback, your own machine talking to itself
If you look up one of those, you get nothing back, because they have no public registration and any of them can be used by millions of separate networks at the same time.
Static vs dynamic IPs
Most home and mobile users get a dynamic IP. The ISP leases it for a few hours or days, and when the lease expires, when you reboot your router, or when the ISP rotates its pool, you get a different one. Servers and businesses usually pay extra for a static IP that doesn't change, because services like email, VPN endpoints and SSL certificates are tied to specific addresses.
NAT and CGNAT
Inside your home network, ten devices can share a single public IP through Network Address Translation (NAT). The router rewrites outgoing packets so they appear to come from one address, then maps replies back to the right device. Mobile carriers go further with Carrier-Grade NAT (CGNAT), where thousands of customers share a small pool of public IPs. That's a big reason mobile IP geolocation tends to point at a regional hub rather than the user's actual city.
ASNs and BGP routing
Every network that participates in global routing gets an Autonomous System Number. ISPs, hosting providers, large universities and big enterprises each operate one or more. They announce their IP blocks via BGP (Border Gateway Protocol), which is how the rest of the internet learns "to reach 203.0.113.0/24, send packets to AS12345". When the lookup shows an ASN, that's the network actually carrying the traffic at the time. The registered organisation can be different (e.g. an IP block owned by Company X but announced by ISP Y).
Reverse DNS and PTR records
Forward DNS turns names into IPs (example.com → 93.184.216.34). Reverse DNS does the opposite via PTR records and the special in-addr.arpa zone. Mail servers care a lot about reverse DNS: an IP without a matching PTR is a strong signal of misconfigured or dodgy mail. Residential IPs typically have generic PTRs like c-71-198-22-179.hsd1.ca.comcast.net, which actually leaks city and ISP info. Lookup tools mine those hostnames for geolocation.
WHOIS and the registry record
WHOIS is the original protocol for asking "who registered this IP block?" The answer includes the network range, the assigned organisation, allocation dates, the responsible registry and the abuse contact. The modern replacement is RDAP (Registration Data Access Protocol) which returns the same information as JSON. Our result page shows both the parsed structured fields and the raw record so nothing is hidden.
How geolocation actually works
There is no single oracle that tells you "IP 203.0.113.45 is in Berlin". Country accuracy is essentially solved because RIRs require ISPs to register the country of the network. Region and city accuracy are estimates built from several sources stacked together:
- rDNS hostnames – ISPs often encode the city or POP into PTRs (
fra-pop1.example.net= Frankfurt) - BGP measurements – latency from probes around the world narrows down where a prefix is announced from
- Direct ISP geofeeds – some operators publish a CSV mapping their own ranges to cities (Comcast, AT&T, Telstra, Deutsche Telekom and dozens more)
- RIPE Atlas anchors – thousands of distributed probes that triangulate location via timing
- WHOIS street address – lowest-quality signal, often the company HQ rather than the network's actual location
City lookup is a guess weighted across these sources. When they all agree, accuracy is high. When they don't, our pipeline falls back to the largest registered city in the country.
VPN and proxy detection
Detection is mostly a curated list of known exit-node ranges. Major commercial VPNs (NordVPN, ExpressVPN, Mullvad, ProtonVPN and ~50 others) publish or leak their exit IPs. Datacentre prefixes from cloud providers (AWS, GCP, Azure, OVH, Hetzner, DigitalOcean) are flagged as "hosting" because real users almost never connect from those. Tor exits are public via the Tor consensus. Beyond the lists, behavioural signals (multiple users behind one IP, unusual port profiles, DNS-over-HTTPS) help, but those are real-time signals and not visible from a static lookup.
Why two lookups can disagree
Different vendors use different combinations of the sources above and refresh on different schedules. Common reasons for disagreement:
- The IP block was just transferred (e.g. company A sold it to company B); slower vendors still show the old owner
- The block is announced from multiple POPs (anycast); a single "city" answer is misleading
- The vendor relies heavily on one signal (e.g. WHOIS street address) and that signal is stale
- The ISP didn't register an updated geofeed when they reorganised their network
If you spot wrong data on a range you operate, send us the geofeed URL or the correct values via the contact page and we'll patch the database.
IP reputation and blacklists
Mail servers, firewalls and abuse-detection systems query DNSBLs (DNS-based blocklists) to decide whether to trust traffic from an IP. The big ones are Spamhaus (ZEN, SBL, XBL, PBL), SORBS, Barracuda, SpamCop and a few others. Each tracks different things: known spam sources, hijacked machines, hosting ranges that should not send mail, etc. One bad neighbour on a small hosting block can taint a whole /24 because some lists work at block level. Our lookup aggregates the most-used DNSBLs into a single threat score; the Blacklist Checker shows the per-list breakdown.
Hosting vs residential vs mobile
The connection type field tells you a lot at a glance. Residential IPs (Comcast, BT, Deutsche Telekom, Spectrum) belong to home and small-business broadband subscribers; they're dynamic, they have generic PTRs, and they show real human traffic. Hosting IPs (AWS, Hetzner, OVH, DigitalOcean) belong to servers; the user is almost always a script, a CDN, a VPN exit or a bot. Mobile IPs (T-Mobile, Vodafone, Orange) sit behind heavy CGNAT and tend to geolocate to the carrier's regional hub. For fraud screening, an order placed from a hosting IP is much more suspicious than one from a residential IP in the customer's city, all else equal.
IPv4 exhaustion and the transition
IANA's central pool ran dry on 3 February 2011 after the last five blocks were handed to the regional registries. Each RIR then drained at its own pace: APNIC ran out in April 2011, RIPE in September 2012, LACNIC in mid-2014, ARIN in September 2015. AFRINIC was the last and effectively ran out in 2017. After that, getting fresh IPv4 meant buying it on the transfer market, where /24s now sell for $30-$50 per address. That's the financial pressure that finally pushed mobile carriers and large CDNs hard onto IPv6.
CIDR notation in plain words
CIDR ("cider") notation writes a network range as an IP plus a slash and a number: 203.0.113.0/24. The number is how many of the leading bits stay the same; the rest are addresses inside the range. So:
/32= 1 single address/24= 256 addresses (a typical small business or office allocation)/16= 65,536 addresses (a small ISP)/8= 16,777,216 addresses (a /8 is huge; only a few exist, mostly legacy)
For IPv6 the same idea applies but the prefix lengths are longer (e.g. /48 is the typical home allocation in IPv6, which is still 1.2 trillion times the entire IPv4 internet).
How to find your own IP
Visit the IPWhois.net home page and your current public IP appears at the top, with country, ISP and ASN. If you prefer the terminal, curl ifconfig.me or curl ipwhois.net/ip returns just the address. Note that this is the IP your ISP NATs you behind, not the 192.168.x.x address your router gives your laptop. The two are different and only the public one is what websites and services see.
What your IP actually reveals about you
Realistically: your country, your approximate city, your ISP and (loosely) your connection type. That's it. It doesn't reveal your name, your home address, your phone number, your email or your browser history. The map pin shown for an IP is the centre of the registered city, not your house. Going from "this IP" to "this person" requires the ISP's internal records, which need a court order and a cooperating jurisdiction. The bigger privacy risk is not the IP alone, but the IP combined with cookies, browser fingerprints and account logins on services you use, which together can identify you across sites even when you change networks.
Frequently Asked Questions
How accurate is the location?
Country-level accuracy is above 99%. City-level accuracy ranges from 70% to 80% within a 25-mile / 40-km radius depending on how the ISP structures its address space. Mobile, satellite and VPN ranges score lower because the registered location is a network hub, not where the user actually is.
What is the difference between an IP lookup and a WHOIS lookup?
An IP lookup returns geolocation, ISP, ASN and security data in a structured format. A WHOIS IP lookup returns the raw registration record from the regional registry, including network ranges, allocation dates and admin contacts. Our result page combines both.
Can I do a reverse IP lookup here?
Yes. Each IP result includes the reverse DNS hostname (PTR record). For a full reverse IP lookup that shows all domains hosted on an IP, use the dedicated Reverse IP Lookup tool.
Is this tool free?
Yes. Unlimited lookups, no registration, no API key needed for the web interface. For programmatic access there's a free API.
Can I look up a private IP address?
No. Private ranges (10.x.x.x, 172.16-31.x.x, 192.168.x.x) and the loopback (127.0.0.0/8) are reserved for internal networks. They have no public registration.
Why does the IP location differ from where the user really is?
An IP points to where the network block is registered, not where the device sits. VPNs return the VPN server's IP. Mobile carriers route traffic through regional gateways. Satellite providers show the ground station. In all those cases the user can be hundreds of kilometres away from the mapped position.
What does the ISP speed number mean?
It's an average measured across real connections on that ISP's network. It tells you what the infrastructure looks like, not what one specific user is getting on their plan or at a particular hour.
Can someone find my home address from my IP?
No. An IP lookup shows your approximate city and your ISP. Your actual street address is only stored in the ISP's own records, and they need a court order to disclose it.
What is an IP blacklist lookup?
It checks whether an address appears on spam or threat reputation lists (DNSBLs like Spamhaus, SORBS, Barracuda). If your IP is on one, mail servers may reject your messages. Each result includes a threat score; for the full breakdown across 40+ lists use the Blacklist Checker.