The IP your connection arrived from. May be IPv4 or IPv6 depending on what the connection negotiated — modern dual-stack devices have both, but only one is reported per connection.
What is my IP address? Your public IPv4, IPv6, location, ISP, and ASN — at a glance.
My IP Lookup shows your public IP address, geolocates it down to country, region, and city where available, identifies your ISP and ASN, runs a reverse DNS (PTR) query, flags VPN/Proxy/Tor/hosting use, and lists every HTTP header your browser is sending. No signup, no log retention beyond rate-limiting. Median response: under 200ms.
What gets detected
You don't enter anything — when you load this page, your browser opens a connection to our server and we read everything visible from the server side. Six independent classes of information are returned:
IP class (A through E, based on the first octet) and whether the address falls in a private (RFC 1918) range. 1.1.1.1 — Cloudflare's resolver IP, used as the sample throughout this page — is Class A and public.
Country, region, city, latitude/longitude with an accuracy radius (typically 5–50 km in urban areas, larger in rural ones), and IANA timezone. Some IPs — particularly CDN/Anycast addresses — geolocate to 'Unknown' deliberately.
The Internet Service Provider, parent organization, and Autonomous System Number (ASN) that owns the IP block. 1.1.1.1 belongs to AS13335 (CLOUDFLARENET).
Four reputation checks against current threat-intelligence feeds: known VPN exit, proxy, Tor exit node, hosting/datacenter IP. Plus a composite `isAnonymous` flag (true if any of the four are true).
Every HTTP header your browser sent — User-Agent, Accept-Language, Sec-Ch-Ua-* Client Hints, Referer, Sec-Fetch-* headers, and more. Shows you exactly what websites automatically learn about your browser, OS, and language.
Why anyone needs to know their own IP
Knowing your public IP is the foundational network self-knowledge — useful any time you need to identify yourself to a remote system, or verify what that remote system is identifying you as:
- Verify your VPN is actually working A VPN that quietly disconnects is worse than no VPN at all — you think you're protected, you're not. Comparing the IP this page shows against your home/office IP is the fastest sanity check.
- Whitelist your IP somewhere Cloud-provider security groups, API gateway allowlists, admin-console IP restrictions, database firewalls — all need your current public IP. This page gives you the value to paste.
- Configure remote access SSH allowlists, RDP firewall rules, home-server port forwarding, smart-home device exposure — each needs your IP, and each silently breaks when your ISP rotates it.
- Debug CDN and region routing If a site loads slowly, check which ISP and ASN you're going through. Cross-reference with your VPN setting, your home ISP, and what your destination's CDN expects to see.
- Verify geolocation for region-locked content Streaming services, banking sites, and licensed content all gate by IP geolocation. If the country shown here doesn't match what you expect, you have your answer.
Detection happens server-side, with no input from you
Your browser opens a TLS connection to our server. The connection metadata — source IP, headers, TLS parameters — is everything we need. Geolocation, ISP, threat flags, and reverse DNS are derived from that single IP via database lookups.
- Stage 1 — Capture the connection IP If we're behind a CDN or proxy, the real client IP comes from X-Forwarded-For (the first non-private hop). Otherwise it's the raw socket address. Either way, it's the IP that originated the request.
- Stage 2 — Identify the network owner Look up the IP in BGP routing data to find the announcing ASN and the ISP/organization that owns the block. Cached for performance; the underlying BGP table refreshes hourly.
- Stage 3 — Geolocate MaxMind-class geolocation database keyed by IP block. Returns country, region, city, lat/lng, accuracy radius, and timezone. Accuracy varies — urban residential IPs are precise, datacenter and Anycast IPs are often 'Unknown'.
- Stage 4 — Run threat checks Match against current VPN-exit lists, Tor relay list (public), proxy lists, and hosting-provider IP ranges. Each is independent; the composite isAnonymous flag is true if any single check matches.
- Stage 5 — Reverse DNS PTR query against the in-addr.arpa zone (for IPv4) or ip6.arpa (for IPv6). Most residential IPs don't have meaningful PTR records; servers and named infrastructure usually do (1.1.1.1 → one.one.one.one).
- Stage 6 — Parse and expose headers Every header your browser sent — User-Agent, Accept-Language, Sec-Ch-Ua-* Client Hints, Referer, Sec-Fetch-* — surfaced in the response. Shows exactly what every site receives without your involvement.
Two protocols, both active
Most modern devices have both an IPv4 and an IPv6 address active simultaneously. Which one a remote server sees depends on what the connection negotiated, and the answer differs between services.
- IPv4 — 32-bit, ~4.3 billion total Format: four octets separated by dots, e.g., 1.1.1.1. Address space was exhausted at the regional registry level in 2011; most new allocations now happen through transfers and CGNAT (carrier-grade NAT). Still required by ~99% of websites for legacy client support.
- IPv6 — 128-bit, effectively unlimited Format: eight 16-bit hexadecimal groups separated by colons, e.g., 2606:4700:4700::1111 (with `::` collapsing consecutive zero groups). Global adoption is ~45% and rising. Mobile carriers and ISPs have led the rollout; enterprise networks have lagged due to legacy tooling.
- Dual-stack — both addresses at once Your device usually has both an IPv4 and IPv6 address assigned. The operating system picks per-connection based on what the destination supports. When both work, the Happy Eyeballs algorithm (RFC 8305) races them and uses whichever responds first.
- Why your reported IP differs between services Some sites force IPv4 (legacy load balancers, internal apps, anything pre-2015 that wasn't rebuilt). Others prefer IPv6 when available. The IP you see on one 'what is my IP' site can legitimately differ from another for exactly this reason.
- How to force one version From the command line: `curl -4 ifconfig.me` forces IPv4, `curl -6 ifconfig.me` forces IPv6. In browsers you generally can't choose — short of disabling one protocol at the OS level.
Address ranges, classes, and what they mean
Your device often has two IP addresses at once — a private one on your local network and a public one that the rest of the internet sees. They live in non-overlapping ranges and serve fundamentally different purposes.
- Public vs Private — the fundamental distinction Public IPs are globally routable — anyone on the internet can reach them, and they're unique worldwide. Private IPs are routable only within your local network; they don't appear on the public internet and the same private IP can exist on millions of local networks simultaneously. NAT at your router translates between them.
- RFC 1918 private ranges 10.0.0.0/8 — 16.7M addresses, used in enterprises. 172.16.0.0/12 — 1M addresses, used in mid-sized deployments. 192.168.0.0/16 — 65K addresses, the default for almost every home router. If your operating system tells you your IP is something like 192.168.1.42, that's your private IP, not what the internet sees.
- Special-use ranges 127.0.0.0/8 — loopback (always your own machine, regardless of network). 169.254.0.0/16 — link-local, auto-assigned when DHCP fails. 100.64.0.0/10 — CGNAT, used by mobile carriers and some residential ISPs to share IPv4 across thousands of customers.
- IP classes — historical, mostly obsolete IP class is largely obsolete since CIDR replaced classful addressing in 1993. The classification is still reported by some tools (including this one) because the original address ranges still mean something — broadcast handling, multicast, experimental reservation.
- Class A — 1.0.0.0 to 126.255.255.255 First octet 1–126. Originally a /8 each (16.7M hosts per network). 1.1.1.1 is Class A. Most major ISPs have at least one Class A allocation.
- Class B — 128.0.0.0 to 191.255.255.255 First octet 128–191. Originally /16 each (65K hosts per network). Allocated heavily to universities and large enterprises in the early internet.
- Class C — 192.0.0.0 to 223.255.255.255 First octet 192–223. Originally /24 each (256 hosts per network). The bulk of small-to-medium-business allocations historically.
- Class D — 224.0.0.0 to 239.255.255.255 Multicast. Never assigned to individual hosts — used for one-to-many delivery (streaming protocols, mDNS, routing protocol updates).
- Class E — 240.0.0.0 to 255.255.255.255 Experimental / reserved. Never routed on the public internet. Various proposals have argued for reclaiming it given IPv4 exhaustion; none have succeeded.
What VPN, Proxy, Tor, and Hosting flags actually mean
Beyond identification, we run four reputation checks against current threat-intelligence feeds. Each one tells you something different about how the IP is being used — and whether the request is coming from a real user, a privacy tool, or a bot.
- isVPN — known commercial VPN exit The IP matches a current entry in major VPN provider exit lists — NordVPN, ExpressVPN, Mullvad, ProtonVPN, Surfshark, and ~50 others. If this is true and you didn't expect it, your VPN is doing what you paid for. If you didn't enable a VPN and this is true, someone else (corporate IT, parental controls, ISP-level filtering) likely did.
- isProxy — HTTP or SOCKS proxy in use Detected via known proxy lists and behavioral signatures (specific header sets, response timing patterns). Less reliable than VPN detection — corporate proxies and CDN edge IPs can match. False positives are non-zero.
- isTorExitNode — Tor relay exit The IP is currently listed as a Tor exit relay. The Tor Project publishes the exit list openly (anyone can fetch it), so this is the highest-confidence flag we run. If true, a Tor user is routing through this IP — could be you, could be anyone.
- isHostingProvider — datacenter IP The IP belongs to a cloud or hosting provider (AWS, GCP, Azure, DigitalOcean, OVH, Hetzner, and similar) rather than an ISP serving end-users. Real users typically don't browse from datacenter IPs — when this is true, the request is usually a bot, an automated job, a developer, or someone using a cloud-hosted VPN.
- isAnonymous — composite True if any of the above four are true. The fastest single flag to read when you just want to know whether the request looks like it's coming from a typical home or office user.
What every website automatically learns about you
Your IP tells a remote server where you are. Your HTTP headers tell them everything else — what browser you use, what languages you read, what platform, what site referred you, and (via Client Hints) what specific OS and browser version. We surface all of it so you can see exactly what every site receives without your involvement.
- User-Agent The legacy fingerprinting header. Identifies your browser, version, and OS in a single string — e.g., `Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 ... Chrome/148.0.0.0 Safari/537.36`. Increasingly being frozen and replaced by Client Hints, but every site still receives it.
- Sec-Ch-Ua-* (Client Hints) Modern replacements for User-Agent. Each piece of info is a separate header: Sec-Ch-Ua (browser brands), Sec-Ch-Ua-Platform (OS), Sec-Ch-Ua-Mobile (phone vs desktop). High-entropy Client Hints (specific version, model) are opt-in — sites request them via Accept-CH.
- Accept-Language Your browser's language preferences, with quality values (`q=`). For example, `en-US,en;q=0.9,hi;q=0.8` means "US English best, English second, Hindi third." Sites use this to localize content automatically — but it also reveals your language profile.
- Referer (note the misspelling — it's historical) The URL that linked you to the current page. Often stripped or downgraded by browsers for privacy (modern policies send only the origin, not the full path), but plenty of sites still receive the complete referrer.
- Origin · Sec-Fetch-Site · Sec-Fetch-Mode · Sec-Fetch-Dest Tell the server where the request originated and what kind of resource is being fetched (document, script, image, fetch, etc.). Used for CSRF prevention and request classification. Most users never see these, but they're always being sent.
- Accept-Encoding Which compression algorithms your browser supports (gzip, deflate, br, zstd). A tiny but telling fingerprint detail — Brotli support implies a modern browser; zstd support implies a very modern one.
Use this programmatically
The same information shown on this page is available as a JSON API. Useful for building IP-display widgets, geo-routing logic, and security pre-checks. Free tier rate-limited per IP; API keys available for production use.
const res = await fetch('https://api.domainscan.in/v1/myip');
const me = await res.json();
console.log(me.ip); // your public IP
console.log(me.location.country.name); // best-effort country
console.log(me.isp.isp); // your ISP
console.log(me.isp.asn.number); // ASN
console.log(me.location.security.isVPN); // VPN detected?
// Reverse DNS for the same IP
const rev = await fetch(
`https://api.domainscan.in/v1/ip/reverse?ip=${me.ip}`
);
const ptr = await rev.json();
console.log(ptr.data[0]?.data); // 'one.one.one.one' for 1.1.1.1{
"ip": "string (IPv4 or IPv6)",
"class": "Class A | Class B | Class C | Class D | Class E",
"private": "boolean",
"protocol": "https | http",
"host": "string",
"referrer": "string",
"userAgent": "string (full UA)",
"headers": { /* every header your browser sent */ },
"location": {
"ip": "string",
"network": "CIDR block",
"continent": "string",
"country": { "code": "ISO 3166", "name": "string" },
"registeredCountry": { "code": "...", "name": "..." },
"state": "string",
"city": "string",
"postalCode": "string",
"location": {
"latitude": "number | null",
"longitude": "number | null",
"accuracyRadius": "number (km) | 'Unknown'",
"timeZone": "IANA timezone string"
},
"security": {
"isAnonymous": "boolean",
"isVPN": "boolean",
"isProxy": "boolean",
"isTorExitNode": "boolean",
"isHostingProvider": "boolean"
}
},
"isp": {
"ip": "string",
"network": "CIDR block",
"isp": "string",
"organization": "string",
"asn": { "number": "integer", "organization": "string" },
"type": "ISP | Hosting | CDN | ...",
"details": "string"
}
}
// Reverse DNS endpoint (separate)
// GET /v1/ip/reverse?ip=<address>
{
"data": [
{ "name": "...", "class": "IN", "type": "PTR", "ttl": "number", "data": "hostname" }
]
}How people use My IP Lookup
Six common reasons people land here:
Hit this page with the VPN on. If the IP, ISP, and country match your VPN provider — and the isVPN flag is true — your VPN is working. If they match your real ISP, your VPN dropped silently.
AWS security groups, Cloudflare access rules, database firewalls, admin-console allowlists — all need your current public IP. Copy the IP shown here and paste it into the rule.
Restricting SSH or RDP to your home IP is the simplest form of bastion-free remote access. When your ISP rotates the IP, this page tells you the new one to update.
When a CDN-backed site loads slowly, check which ISP and ASN you're going through. Cross-reference with the CDN's expected region; surprising routes often explain latency.
Streaming, banking, and licensed-content services gate by IP geolocation. If the country shown here doesn't match where you actually are (e.g., a CGNAT pop is in another region), that's why the content is blocked.
Network support calls go faster when you can name your ASN and IP block instead of describing the symptom. This page gives both, plus the network CIDR.
Common questions
- Why is my IP location wrong? Geolocation databases map IP blocks to physical locations using ISP records, BGP routing data, and submitted user reports. Residential IPs in major cities tend to be accurate within 5–10 km. Mobile, CGNAT, satellite, and corporate IPs can be off by hundreds of kilometers — the database knows the ISP's data center, not your physical location. CDN and Anycast IPs (like 1.1.1.1) often return 'Unknown' deliberately because they have no single physical location.
- What's the difference between IPv4 and IPv6? IPv4 is the original 32-bit protocol — four octets, ~4.3 billion total addresses, exhausted. IPv6 is the 128-bit replacement — eight hex groups, effectively unlimited. Most modern devices have both active at once and the OS picks per-connection. Practically, you don't have to do anything to use IPv6 if your ISP supports it; it just happens.
- Can someone find my home address from my IP? No — at least not at the precision people often imagine. Your IP geolocates to a city or postal-code-level region at best for residential connections. The only entities with the ability to map an IP to a physical address are your ISP (which has billing records) and law enforcement with a court order. The thriller-movie version where someone types your IP into a console and a red dot lands on your house doesn't exist.
- Why does my ISP show as Cloudflare / Google / Amazon? If you're behind a CDN or VPN that uses major cloud infrastructure, the IP you present to the internet belongs to the CDN, not your home ISP. Some mobile carriers also route traffic through cloud-based gateways. The 'real' ISP that sells you internet is your residential carrier; the ISP shown here is whoever owns the IP that reached our server, which can be a layer above.
- What is reverse DNS (PTR) and why does it matter? Reverse DNS maps an IP back to a hostname — the opposite direction from regular DNS. It lives in special zones (in-addr.arpa for IPv4) and is managed by whoever owns the IP block. Most residential IPs don't have meaningful PTR records (you'll see something like `c-73-x-x-x.hsd1.ca.comcast.net`). Servers and named infrastructure usually do (1.1.1.1 → one.one.one.one). Mail servers care about PTR because most receivers require matching forward and reverse DNS for sender legitimacy.
- Is my IP private or public? If the IP shown here starts with 10., 172.16–31., or 192.168., you're seeing a private IP — which means our server is on your local network, which means something is unusual. The IP shown here is otherwise always your public IP, which is what the internet sees. Your operating system may also report a private IP (e.g., 192.168.1.42) for your local network interface — that's a different IP, used only on your LAN.
- How accurate is the geolocation? Country: ~99% accurate for residential connections. Region/state: ~80%. City: 50–80%, with high variance. Lat/lng with accuracy radius: roughly the value of accuracyRadius (often 5–50 km in dense urban areas, more in rural ones). VPN, CGNAT, and corporate IPs are systematically less accurate.
- Why does my IP change? Residential IPs are typically assigned dynamically by your ISP via DHCP, with leases that last anywhere from a few hours to a few weeks. Restarting your router, switching networks, or your ISP simply rotating its DHCP pool all change your IP. For a stable IP, ask your ISP for a static-IP plan (usually a small monthly fee) or use a VPN with a dedicated IP.