The Full Data Profile Behind an IP Address
Every time you connect to a website, your IP address arrives in the server's access log. What looks like a simple number — say, 98.114.55.22 — is actually a key that unlocks a surprisingly detailed data profile. Here's a complete breakdown of what can be derived from an IP address using commercially available databases and public data sources:
- ISP / Network Provider: The organization that assigned the IP (e.g., Comcast AS7922). Pulled from BGP routing tables and WHOIS records.
- Country: 95–99% accurate. Required for any geo-IP application.
- Region/State: 70–85% accurate for residential broadband.
- City: 50–75% accurate within 25 miles; less accurate for mobile and CGNAT connections.
- Postal Code: Accuracy varies significantly by country and ISP.
- Coordinates (latitude/longitude): A confidence-scored estimate, not a precise pin. Never street-level accurate from IP alone.
- Timezone: Inferred from geographic location. Accurate at region level.
- Connection type: Residential, corporate, mobile, datacenter, satellite, or proxy.
- IP type classification: Clean residential, known VPN, Tor exit node, known proxy, botnet-flagged.
- Fraud score: Calculated risk score based on abuse history, proxy detection, and behavioral signals.
Run a full IP lookup to see what profile your current IP is generating right now.
How Advertisers Use IP Data
Advertising technology platforms use IP addresses as a first-party identifier when cookies aren't available. This happens in several scenarios: when you've cleared cookies, when you're using a browser that blocks third-party cookies, or when you're on a connected TV or gaming console without a traditional browser cookie jar.
IP-based advertising workflows include:
- Geotargeting: Serving ads relevant to your apparent location — local business ads, region-specific promotions, language-appropriate creatives
- Household targeting: All devices sharing a home router share an IP. Advertisers use this to coordinate cross-device campaigns — show an ad on your phone, retarget on your TV
- ISP-level targeting: Some ad platforms target users of specific ISPs, useful for telecom and B2B campaigns
- IP segment targeting: Data brokers maintain IP-to-demographic mappings derived from household purchase data, voter records, and other consumer databases. Your IP can be matched to income brackets, age groups, or interest segments without any cookies
The combination of IP-based household targeting and browser fingerprinting allows advertisers to track you even when you've blocked all cookies and use incognito mode. This is why cookie consent dialogs, while legally required under GDPR, don't stop all tracking — IP-based tracking continues regardless of cookie consent state.
Fraud Detection and Risk Scoring
Commercial fraud prevention platforms like MaxMind, IPQualityScore, and Sift Science build enriched risk profiles for every IP address they encounter. When you make a purchase, create an account, or take any significant action on a platform using one of these services, your IP is scored in real time.
Fraud scoring factors include:
- Is this IP a known VPN, proxy, or Tor exit node?
- Has this IP been associated with fraudulent transactions in other merchants' data?
- Does the IP's geolocation match the billing address provided?
- Is this IP flagged in abuse databases (Spamhaus, AbuseIPDB)?
- How many different user accounts have been created from this IP recently?
- Is the connection type consistent with the stated user context (e.g., datacenter IP on a consumer checkout)?
A high fraud score can result in declined transactions, manual review holds, account creation blocks, or additional verification steps — all without any notification to you as the user. If you're using a VPN and experiencing checkout problems or account creation friction, a high fraud score on your VPN's IP is often the cause. Check your IP's reputation with our IP lookup tool.
See Your Full IP Data Profile Right Now
Check your IP address, geolocation, ISP, and connection type with one free lookup.
Hide My IP NowWhat Your IP Exposes to Your ISP
Everything above describes what external sites can learn about your IP. Your ISP can learn even more — and they learn it from the inside. Your ISP sees:
- Every domain you DNS-query: Even if you switch to Google's 8.8.8.8 or Cloudflare's 1.1.1.1, your ISP can see the DNS queries unless you use DNS-over-HTTPS (DoH) or DNS-over-TLS (DoT)
- The IP addresses you connect to: Even with HTTPS, your ISP sees which servers you're communicating with and how much data you transfer
- TLS SNI (Server Name Indication): When your browser initiates an HTTPS connection, the target domain is included in the TLS handshake in plaintext — visible to your ISP unless you use Encrypted Client Hello (ECH)
- Connection metadata: Timing, frequency, and volume of connections can reveal behavior patterns even without content inspection
In the United States, ISPs can sell anonymized browsing data to advertisers. While "anonymized" is supposed to mean individually non-identifiable, IP-based datasets are rarely truly anonymous — re-identification from ISP datasets has been demonstrated in academic research repeatedly. Using a VPN with a reputable no-log provider moves this visibility from your ISP to the VPN provider. Run a DNS leak test to confirm your DNS queries are actually routing through the VPN.
Reducing Your IP Data Footprint
Based on the data exposure profile above, here's a prioritized list of actions that meaningfully reduce what your IP reveals:
- Use a no-log VPN: Replaces your ISP-assigned IP with the VPN server's IP for all external connections. Eliminates ISP-level traffic analysis. Verify with DNS leak test.
- Enable DNS-over-HTTPS: Encrypts DNS queries to prevent ISP DNS snooping. Configurable in Firefox (Settings > Privacy > DNS over HTTPS), Chrome (Settings > Security > Use Secure DNS), and most VPN clients.
- Use Encrypted Client Hello (ECH): Firefox supports ECH for supported domains, hiding the SNI from network observers. Enable in
about:configwithnetwork.dns.echconfig.enabled = true. - Rotate your IP periodically: Request a new DHCP lease from your ISP to change your dynamic IP. This breaks long-term IP-based behavioral profiles.
- Combine VPN with uBlock Origin: Blocks third-party tracking pixels and scripts that combine IP data with cookie-based tracking.
Frequently Asked Questions
Can websites see my actual device from my IP address?
No, not from the IP address alone. Your IP identifies the connection, not the specific device. However, combined with browser User-Agent strings, fingerprinting APIs, and cookies, websites can often identify the specific device and browser, and track it across sessions even without cookies.
Does changing my IP address stop all tracking?
No. IP tracking is one of many tracking mechanisms. Browser fingerprinting, cookies, login sessions, and behavioral patterns all persist through IP changes. Changing your IP while maintaining the same browser fingerprint and logged-in accounts provides minimal additional privacy.
What is an IP reputation score?
Fraud prevention services maintain reputation databases for IP addresses, scoring them based on their history of suspicious activity, whether they're flagged as VPN/proxy/Tor IPs, how many accounts have been created from them, and whether they appear in abuse reports. A low reputation score can trigger friction on e-commerce sites, content platforms, and SaaS signups.
How do data brokers know my home address if my IP only shows a city?
Data brokers don't derive home addresses from IP addresses. They compile home addresses from public records (voter rolls, property records), retail loyalty programs, warranty registrations, app permissions, and data purchases from other brokers. They then correlate these with IP addresses to create enriched household profiles. The IP is just one of many data inputs.
