How to Check the Location of Any IP Address
Every device connected to the internet has an IP address, and every IP address is associated with a geographic location. Whether you are investigating a suspicious login, verifying the origin of an email, or troubleshooting network routing, looking up an IP's location is a common and straightforward task. This guide covers the methods, tools, and accuracy considerations.
How IP Geolocation Works
IP addresses are allocated in blocks by Regional Internet Registries (RIRs): ARIN (North America), RIPE NCC (Europe/Middle East/Central Asia), APNIC (Asia-Pacific), LACNIC (Latin America), and AFRINIC (Africa). These registries assign blocks to ISPs and organizations, who register their geographic details.
Geolocation databases combine this registration data with:
- BGP (Border Gateway Protocol) routing data that reveals which networks advertise specific IP ranges
- Active probing using latency measurements from distributed vantage points to triangulate location
- User-contributed corrections and feedback loops
- Reverse DNS hostname patterns that often contain city or region codes
The result is a mapping from IP address to approximate latitude/longitude, city, region, country, and ISP.
Method 1: Use InboxTooling's IP Reputation Tool
The IP Reputation tool provides geolocation data alongside reputation information for any IP address. Enter the IP, and you receive:
- Country and city-level location
- ISP and organization name
- ASN (Autonomous System Number)
- Blocklist status across major DNSBLs
- Connection type (residential, data center, mobile)
This is particularly useful when you need both location and reputation data, such as when analyzing email sending infrastructure.
Method 2: Command Line Lookups
WHOIS
The whois command returns registration data directly from the RIR:
whois 198.51.100.25
The output includes the organization name, registered address, network range, and abuse contact. The address is the registrant's address, which correlates to the geographic area the IP serves but is not the end user's location.
Dig for Reverse DNS
dig -x 198.51.100.25
Reverse DNS hostnames often encode location. For example:
- host-198-51-100-25.nyc.example.net suggests New York City
- 198-51-100-25.dsl.sfo1.isp.com suggests San Francisco
This is not standardized, but many ISPs follow naming conventions that include airport codes, city abbreviations, or data center identifiers.
Traceroute
traceroute 198.51.100.25
The intermediate hops often have geographic identifiers in their hostnames, showing the network path and the regions the traffic traverses. The final hops indicate the destination network's location.
Method 3: Geolocation Database APIs
For programmatic lookups or bulk processing, geolocation databases offer APIs:
- MaxMind GeoLite2: Free tier available. Provides country, city, and ASN data. Requires registration. Updated regularly.
- IP2Location: Free lite database and paid tiers with higher accuracy. Provides country, region, city, latitude/longitude, ISP, and domain.
- DB-IP: Free tier with city-level accuracy. Paid tiers add ISP, connection type, and higher precision.
- ipinfo.io: REST API with a free tier (50,000 lookups/month). Returns country, region, city, coordinates, ISP, and ASN in JSON format.
Example using ipinfo.io:
curl ipinfo.io/198.51.100.25
Returns:
{
  "ip": "198.51.100.25",
  "city": "Dallas",
  "region": "Texas",
  "country": "US",
  "org": "AS12345 Example ISP Inc."
}
Understanding Accuracy Limitations
IP geolocation is an estimate, not a precise fix. Accuracy depends on the type of IP:
Enterprise and data center IPs are the most accurate. These IPs have well-maintained registration records and static assignments. City-level accuracy typically exceeds 90%.
Residential broadband IPs are moderately accurate. ISPs assign these from regional pools. City-level accuracy is generally 50-80%, but in rural areas, the IP may geolocate to the nearest major city.
Mobile carrier IPs are the least accurate. Mobile carriers route traffic through centralized gateways. A user in one city may be assigned an IP that geolocates to a different city or even a different state. Carrier-grade NAT further complicates this, as thousands of users may share a single public IP.
VPN and proxy IPs geolocate to the server location, not the user's location. If someone in London connects through a VPN server in New York, the IP geolocates to New York.
IPv6 addresses are growing in adoption. Geolocation databases cover IPv6, but accuracy is generally lower than IPv4 due to the newer allocation patterns and less historical data.
Common Use Cases
Verifying Email Origin
When you receive a suspicious email, extract the originating IP from the message headers and check its location. If a message claims to be from your bank in the United States but originates from an IP in a different country, that is a strong phishing indicator. Use the IP Reputation tool to check both location and reputation in one step.
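An added example (not part of the original guide) of picking the IP to look up: it reads the Received headers from the top and trusts only those written by your own mail servers, because everything below that boundary is supplied by the sender and can be forged. The host names, the sample message and the handoff_ip helper are constructed for illustration.

```python
import email
import ipaddress
import re

# Ranges that never identify an external sender: RFC 1918, loopback,
# link-local, carrier-grade NAT shared space, and the IPv6 equivalents.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "100.64.0.0/10", "::1/128", "fc00::/7", "fe80::/10")]

# Address literals are bracketed: [198.51.100.25] or [IPv6:2001:db8::1]
BRACKETED = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")
BY_HOST = re.compile(r"\bby\s+([A-Za-z0-9.-]+)", re.I)

def is_internal(ip):
    return any(ip in net for net in INTERNAL_NETS)

def handoff_ip(raw_message, trusted_hosts):
    """Return the external IP recorded by our own mail servers, or None."""
    msg = email.message_from_string(raw_message)
    for received in msg.get_all("Received", []):   # newest hop first
        header = " ".join(received.split())        # unfold continuation lines
        by = BY_HOST.search(header)
        if not by or by.group(1).lower() not in trusted_hosts:
            break  # written by a server we do not control; may be forged
        from_part = header.split(" by ", 1)[0]
        for literal in BRACKETED.findall(from_part):
            try:
                ip = ipaddress.ip_address(literal)
            except ValueError:
                continue
            if not is_internal(ip):
                return str(ip)  # first external peer seen by our own server
    return None

# Constructed sample: documentation addresses and example host names only.
TRUSTED = {"mbox.corp.example", "mx1.corp.example"}
SAMPLE = """\
Received: from mx1.corp.example (mx1.corp.example [10.0.0.5])
\tby mbox.corp.example with ESMTP; Tue, 02 Jan 2024 10:00:03 +0000
Received: from mail.sender.example (mail.sender.example [198.51.100.25])
\tby mx1.corp.example with ESMTPS; Tue, 02 Jan 2024 10:00:02 +0000
Received: from [203.0.113.77] (unknown [203.0.113.77])
\tby mail.sender.example with ESMTPSA; Tue, 02 Jan 2024 10:00:01 +0000
From: "Your Bank" <alerts@bank.example>
Subject: Account notice
"""
print(handoff_ip(SAMPLE, TRUSTED))
```

The address in the third Received header was recorded by the sender's own server, so it is treated as a claim rather than evidence and is never returned.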
Investigating Suspicious Account Activity
Login logs record IP addresses. If your account shows a login from an IP in a country you have never visited, it warrants investigation. Check the IP location and compare it to your known access patterns.
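An added example (not from the original guide) of comparing login locations against known access patterns while respecting the accuracy limits described earlier: data center addresses are flagged for review instead of being trusted as a user location, and mobile addresses are compared at country level only. The log format, the GEO lookup table and the verdict names are assumptions constructed for illustration.

```python
import re

# Constructed lookup results standing in for a geolocation database or API
# response (country, city, connection type); not real data.
GEO = {
    "198.51.100.25": {"country": "US", "city": "Dallas", "type": "residential"},
    "198.51.100.80": {"country": "US", "city": "Chicago", "type": "mobile"},
    "203.0.113.9": {"country": "NL", "city": "Amsterdam", "type": "data center"},
    "203.0.113.40": {"country": "BR", "city": "Sao Paulo", "type": "residential"},
}

LINE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) ip=(?P<ip>\S+) result=(?P<result>\S+)$")

def triage(log_lines, baseline):
    """baseline maps user -> set of (country, city) pairs seen in past logins."""
    findings = []
    for line in log_lines:
        m = LINE.match(line.strip())
        if not m or m["result"] != "success":
            continue  # only successful logins are triaged here
        geo = GEO.get(m["ip"])
        known = baseline.get(m["user"], set())
        if geo is None:
            verdict = "no-geo-data"
        elif geo["type"] == "data center":
            # Hosting, VPN or proxy exit: the location is the server's.
            verdict = "review-hosting-ip"
        elif geo["country"] not in {country for country, _ in known}:
            verdict = "investigate-new-country"
        elif geo["type"] == "mobile" or (geo["country"], geo["city"]) in known:
            # Carrier gateways shift cities, so mobile is matched on country.
            verdict = "ok"
        else:
            verdict = "note-new-city"
        findings.append((m["user"], m["ip"], verdict))
    return findings

# Constructed log lines using documentation addresses.
LOGS = [
    "2024-01-02T08:00:00Z user=alice ip=198.51.100.25 result=success",
    "2024-01-02T09:10:00Z user=alice ip=198.51.100.80 result=success",
    "2024-01-02T09:30:00Z user=alice ip=203.0.113.9 result=success",
    "2024-01-02T09:45:00Z user=alice ip=203.0.113.40 result=success",
    "2024-01-02T09:50:00Z user=alice ip=203.0.113.40 result=failure",
]
BASELINE = {"alice": {("US", "Dallas")}}
print(triage(LOGS, BASELINE))
```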
Geo-Compliance
Some services must restrict access by geography (licensing, regulatory requirements). IP geolocation provides the technical mechanism, though it is imperfect and should be combined with other verification methods.
Network and Deliverability Diagnostics
For email administrators, knowing where your sending IPs geolocate helps verify that your infrastructure matches your DNS records and PTR entries. Mismatches between your claimed location (in DNS) and your actual IP location can trigger filtering heuristics.
IPv4 vs. IPv6 Location Lookups
IPv4 addresses (e.g., 198.51.100.25) are the most common and best supported by geolocation databases. IPv6 addresses (e.g., 2001:0db8:85a3::8a2e:0370:7334) are fully supported by modern databases but may return less precise results.
The lookup process is identical for both. The IP Reputation tool accepts both IPv4 and IPv6 addresses.
A Note on Privacy
An IP address alone does not identify a person. It identifies a network connection point. Mapping an IP to a specific individual requires ISP cooperation and, in most jurisdictions, legal authorization. Treat IP geolocation data as approximate and contextual rather than definitive.