AI Super Tools
Log in
Free · Network Tools

IP Purity Check

Risk score, shared-user estimate, blacklists, proxy/VPN/Tor detection

★★★★★ Loved by thousands 🔒 Private by design ⚡ Instant results

🖥️ Browser environment check

WebRTC leak

WebRTC can reveal your real IP even behind a VPN. If an IP appears here that differs from above, your VPN is leaking.

Browser fingerprint

A hash of your browser traits. The more unique it is, the more trackable you are across sites.

How the risk score works

We query multiple independent data sources in parallel — geolocation and ASN data, commercial proxy/VPN databases, authoritative RDAP registry records from the five RIRs, the official Tor exit list, and DNS-based blacklists (Spamhaus ZEN, SpamCop, Barracuda). Each confirmed signal adds weighted points to a 0–100 risk score: anonymization networks and blacklist entries weigh most; datacenter hosting, anycast CDN egress and broadcast (non-native) announcements weigh moderately; carrier NAT adds a small informational weight. The purity value is simply 100 minus the risk score. Unavailable sources never count against an IP.

Data sources: ip-api.com, proxycheck.io, ipwho.is, RDAP registry data (ARIN/RIPE/APNIC/LACNIC/AFRINIC), Spamhaus ZEN, SpamCop, Barracuda, Tor Project exit list. Sources that fail or time out are marked unavailable and excluded from scoring.

Frequently asked questions

What is IP purity and why does it matter?

IP purity describes how "clean" an IP address looks to risk-control systems: whether it appears on spam or abuse blacklists, whether it belongs to a datacenter, proxy, VPN or Tor network, and how many users share it. Streaming services, e-commerce sites, ad platforms and sign-up flows all score incoming IPs — a low-purity IP gets more CAPTCHAs, verification steps, feature blocks or outright bans.

What is a good risk score?

0–19 is excellent and behaves like a normal home connection. 20–39 is good with only minor signals. 40–59 will trigger extra verification on strict platforms. 60+ means the IP is flagged as a proxy/VPN/datacenter address or blacklisted, and many services will restrict it.

How accurate is the shared-user estimate?

It is a statistical range, not an exact count. We derive it from the IP type (residential, mobile, datacenter), carrier NAT behavior and proxy/VPN signals. A clean home IP is typically 1–5 people; a mobile CGNAT egress can be hundreds; a commercial VPN endpoint or Tor exit can serve thousands. Providers with device-level telemetry can narrow this further — we label every estimate with its confidence level.

Why do different checkers give different results?

Each checker uses different databases with different update cycles. We aggregate several independent sources, show you exactly which source triggered each signal, and mark any source that was unavailable, so you can judge the evidence yourself.

Is my query logged?

Lookups are cached briefly at the edge for performance, and we do not build profiles of the IPs you check. Checking your own IP sends only the IP itself to the data providers listed above.

What is a native IP vs a broadcast IP?

A native IP is registered (per the regional internet registry — ARIN, RIPE, APNIC, LACNIC or AFRINIC) in the same country where it is actually announced and geolocated. A broadcast IP is announced outside its registration country — typical of anycast CDNs, transferred address blocks and rented ranges. Many platforms treat broadcast space as lower-trust because it does not look like an ordinary local consumer connection; native residential IPs score best.

Related tools