Your public IP address

What is my IP address?

Current IP

We are checking your public-facing address now.

Connection details

Connection Details

Name Address: Loading...
IPv4: Checking...
IPv6: Checking...
ISP: Checking...
IP ASN: Checking...
Browser: Detecting...

ISP and ASN are estimated from public IP registry data.

Tools

Network & security utilities

Click any tool to expand it. Most run entirely in your browser though a few lookups run server-side on this domain. Nothing you submit is logged by IPSteak.

Quick scan

Scan my connection Run a one-shot report against your own IP — blocklist, WebRTC leak, IPv6 reachability, Cloudflare colo, TLS / HTTP version.

Orchestrates the existing tools (Cloudflare /cdn-cgi/trace, /api/blocklist, ipify v6, browser RTCPeerConnection). Nothing leaves your browser except the lookups you'd run manually anyway.

IP & network

IP / host lookup Geolocation, ASN, network prefix, abuse contact, reverse DNS.

Network & geo data: RIPEstat (RIPE NCC). Reverse DNS via RIPEstat PTR endpoint.

WHOIS / RDAP Registration, registrar, name servers, status, dates.

RDAP via rdap.org, proxied by our /api/whois endpoint. No queries are logged.

ASN browser Announced prefixes, BGP neighbours, type — all from RIPEstat.

Data via RIPEstat (RIPE NCC) JSONP — same source as the IP lookup. Runs in your browser.

Blocklist check Cross-references against abuse.ch FeodoTracker, DShield, and the Tor exit list.

Feeds: abuse.ch FeodoTracker (CC0), DShield top sources, Tor exit list. Cached at the edge for 1 hour.

DNS & email

DNS lookup A, AAAA, MX, TXT, NS, CNAME, SOA, CAA over DNS-over-HTTPS, with DNSSEC AD flag.

DNS-over-HTTPS: Cloudflare 1.1.1.1, with Google fallback. Both permit ad-supported commercial use.

Reverse DNS (PTR) lookup Turn an IPv4 or IPv6 address into its PTR record, with the full .arpa query name and TTLs.

DNS-over-HTTPS: Cloudflare 1.1.1.1, with Google fallback. PTR records are set by the network operator that owns the address space — not every IP has one.

DNS propagation check Query 8 unfiltered public resolvers in parallel and compare answers — useful for catching propagation lag and split-horizon DNS.

Resolvers: Cloudflare, Google, Quad9, AdGuard, DNS.SB, Mullvad, ControlD, OpenDNS — all unfiltered endpoints. Queries run via the /api/dns-propagation endpoint.

SPF / DKIM / DMARC inspector Diagnose email authentication and spoofing protection.

TXT records read via DNS-over-HTTPS (Cloudflare 1.1.1.1, Google fallback). Pairs well with the email-header analyzer below.

Security headers grader Audit a site's HTTP response headers — HSTS, CSP, frame-ancestors, Referrer-Policy, Permissions-Policy, COOP/COEP/CORP — with a letter grade.

Our /api/security-headers endpoint fetches the URL server-side and inspects response headers. Inspired by securityheaders.com; the grading rubric is open in this repo.

Certificate Transparency search Find every certificate ever issued for a domain — surfaces shadow IT and subdomains.

Data from crt.sh (Sectigo's public CT log search). Our /api/ct endpoint proxies and caches; no rate-limit auth required.

Port reachability check Test whether common TCP ports accept connections from the public internet.

Probes a small allowlist of common ports (22, 25, 53, 80, 443, 465, 587, 993, 995, 3389, 8080, 8443) from our /api/port-check endpoint. Targets behind some CDNs may return a platform-limitation note. This is not a full port scan — bring nmap for that.

TLS certificate inspector Issuer, SAN list, validity, expiry — inspected from the live TLS handshake.

Live TLS handshake performed by our /api/tls endpoint; certificate decoded locally. Some CDN-hosted hostnames return a platform-limitation note when our backend cannot complete the handshake.

Browser & client

Connection headers What your browser reveals: TLS, HTTP version, Cloudflare colo, UA, languages, client hints.

Origin-side data via Cloudflare /cdn-cgi/trace; browser data is read locally via the navigator API. Nothing is sent to a third party.

WebRTC leak test Local IPs the browser exposes through RTCPeerConnection.

Runs entirely in your browser via RTCPeerConnection. STUN servers (Cloudflare, Google) are contacted only by your browser; nothing returns to ipsteak.com.

Calculators & converters

Subnet calculator IPv4 CIDR: network, broadcast, mask, wildcard, host range, host count.

Runs entirely in your browser. Nothing leaves your device.

IPv6 expand / compress Normalize between full and compressed forms; binary; reverse-DNS arpa.

Runs entirely in your browser. Nothing leaves your device.

MAC vendor lookup OUI / MA-L vendor for any MAC address. Runs entirely in your browser.

OUI / MA-L registry data is bundled with the page from the public IEEE registry. Lookup runs in your browser.

Email triage

Email header analyzer Paste raw email headers — get the Received hop chain plus SPF / DKIM / DMARC verdicts.

Runs entirely in your browser. Nothing leaves your device. Use this for phishing triage and routing diagnostics.

Calculators & converters

IPv6 subnet calculator Prefix math, host count, /48 → /56 → /64 hierarchy.

Runs entirely in your browser. Useful when planning IPv6 delegation from an ISP-issued /48 or /56.

CIDR aggregator Collapse a list of IPv4 / IPv6 prefixes into the minimal covering set.

Runs entirely in your browser. Handles IPv4 and IPv6 in the same input — the tool sorts results by family.

Encoders & decoders Base64, Base32, URL, JSON pretty / minify, JWT decode — all client-side.

Runs entirely in your browser. JWTs are decoded but signatures are NOT verified — pasted tokens never leave your device.