How to Track an IP Address for Free — Exact Location Guide

Updated February 22, 2026 | 16 min read | Guides
Home / Blog / How to Track an IP Address

A small business owner gets a chargeback notification from a "customer" who claims they never placed an order. A freelancer discovers their portfolio photos reposted on a site they've never heard of. A parent receives a threatening message on their child's gaming account. Different situations, same first question: can I find out where this came from?

The answer is usually yes — to a point. Every device that connects to the internet broadcasts an IP address, and that address can be traced to an approximate geographic location, an ISP, and a network type. It won't give you a street address or a name, but it will tell you the country, often the city, and whether the connection comes from a residential ISP, a data center, or a mobile carrier. For many situations, that's enough to act on.

Most guides on this topic either oversell it ("track anyone's exact location!") or undersell it ("IP addresses are meaningless"). Neither is true. This guide covers the five methods that actually work in 2026, with real accuracy data, the modern complications that most guides skip, and practical advice on what to do with the results.

What an IP Address Actually Tells You

An IP address identifies a network connection, not a person and not a precise location. When you look up an IP, a geolocation database maps it to an approximate area based on how internet service providers allocate address blocks to their infrastructure.

Here's what a typical lookup returns:

Here's what an IP address does not tell you:

The distinction between "city-level" and "street-level" matters. When a database says an IP is in "Chicago," it could mean anywhere in the greater Chicago metro area — a region spanning thousands of square kilometers.

Real Accuracy Numbers (With Sources)

Most IP tracking guides say geolocation is "approximate" without quantifying what that means. Here are the actual numbers.

65%
of US IP addresses are correctly geolocated within 50 km of the actual user, according to MaxMind's own accuracy data. That means 35% are off by more than 50 km — for the United States alone.

MaxMind publishes accuracy statistics for their GeoIP2 City database, measured against known user IP-location pairs. The results vary significantly by country:

CountryWithin 50 kmHas city data but >50 km offNo city data at all
United States65%29%7%
Canada75%21%5%
Germany71%27%2%
United Kingdom68%24%8%
France50%13%36%
Australia65%33%2%
India56%42%2%
Japan54%8%39%
Source: MaxMind GeoIP2 City Accuracy. Accuracy tested against known web user IP-location pairs.

The industry-wide consensus, drawing from multiple independent studies, breaks down like this:

Accuracy LevelTypical Accuracy
Country level92–99%
Region/state level55–80%
City level (within 50 km)50–75%
Neighborhood level (within 10 km)15–35%
Sources: ipapi.is accuracy study, AbstractAPI research

A key finding from the ipapi.is comparative study (ongoing since January 2026): the 75th percentile deviation across all major providers ranges from 128 to 288 km. Meaning one in four lookups is off by at least 80–180 miles.

Country-level identification is reliable. City-level is a coin flip in some countries. Anything below city level is educated guesswork. Plan accordingly.

There's also a significant gap between IPv4 and IPv6 accuracy. IPv4 addresses have been mapped for decades and have richer data. IPv6, which is newer and assigned in enormous blocks, is dramatically less accurate — around 40–60% at the country level compared to 90%+ for IPv4.

5 Methods to Track an IP Address

Here are the practical methods, ordered from simplest to most involved.

Method 1: IP Geolocation Lookup (Instant)

How it works

Enter any IP address into a geolocation tool. The tool queries a commercial database (DB-IP, MaxMind, or IP2Location) and returns the location, ISP, and network information.

You can do this right now — enter any IP address on our homepage and get instant results including country, city, ISP, ASN, timezone, and coordinates.

Best for: Quick one-off lookups. You have an IP from a log file, an email, or a suspicious connection and want to know where it's coming from.

Accuracy context: You'll get country-level right ~95% of the time. City-level, expect 50–75% accuracy depending on the country.

Method 2: Email Header Analysis

How it works

Every email passes through multiple servers on its way to your inbox. Each server adds a "Received:" header containing IP addresses. By extracting the originating IP — the first external server in the chain — you can trace where the email was sent from.

Our email header analysis tool automates this: paste the full email headers, and it extracts all IPs with geolocation data for each hop.

The catch: Major webmail providers (Gmail, Outlook.com, Yahoo) strip the sender's IP address from headers. You'll see Google's or Microsoft's servers, not the sender's actual IP. This method works best with emails sent from corporate mail servers, self-hosted email, or smaller providers.

Best for: Investigating phishing emails, verifying whether an email actually came from the claimed country, tracing spam sources.

Method 3: Tracking Links and Pixels

How it works

A tracking link is a URL that redirects to a destination while logging the visitor's IP, user agent, and other data. A tracking pixel works the same way but invisibly — it's a 1x1 transparent image embedded in an email or webpage.

Our IP Logger creates both types. When someone clicks the link or loads the pixel, you get their IP address with full geolocation data, plotted on an interactive map.

Best for: When you need to capture someone's IP proactively rather than retroactively. Common use cases include verifying who's accessing shared documents, tracking email opens, and security investigations.

Important: Only use tracking links for legitimate purposes. Sending deceptive links to harvest IP addresses for harassment is both unethical and potentially illegal.

Method 4: Server Logs and Analytics

How it works

Every web server records the IP address of every visitor in its access logs. If you run a website, you already have this data.

Apache logs (typically at /var/log/httpd/access_log):

203.0.113.45 - - [05/Feb/2026:10:23:15 +0000] "GET /page HTTP/1.1" 200 4523

Nginx logs follow the same format. You can feed these IPs into a geolocation tool or API to map your visitor locations.

Best for: Website owners who want geographic analytics, identifying bot traffic patterns, or investigating suspicious access to their servers.

Method 5: Command Line Tools

How it works

Built-in command line tools can reveal IP addresses and network paths, though they don't provide geolocation on their own.

Find a website's IP:

nslookup example.com

Trace the network path to a server:

traceroute example.com # macOS/Linux tracert example.com # Windows

See active network connections:

netstat -an | grep ESTABLISHED

These tools tell you what IPs you're connected to, but to geolocate them you'll still need to run them through a lookup service.

Best for: Network troubleshooting, identifying which servers your computer is communicating with, diagnosing routing issues.

Can You Track an IP Address to an Exact Location?

This is the most common question people have about IP tracking, so let’s be direct: you cannot track an IP address to a street address or specific building. But you can often get surprisingly close — depending on the circumstances.

What “exact location” actually means with IP tracking

When geolocation databases return a latitude and longitude for an IP address, that coordinate represents the estimated center of the area the IP serves. Think of it as the middle of a circle, not a pinpoint on a map.

50 km
is the accuracy threshold used by MaxMind to measure “correct” city-level geolocation. An IP geolocated to downtown Denver could belong to anyone within a 50 km (31 mile) radius — that covers Boulder, Aurora, and most of the Front Range.

When IP geolocation gets close

Some scenarios produce more precise results than others:

When IP geolocation fails completely

The bottom line: treat IP geolocation as city-level or regional, never as a GPS coordinate. For investigations that require precise location data, IP tracking is one signal that must be combined with other evidence.

The Modern Complications Nobody Talks About

Most IP tracking guides were written as if it's 2015. The internet's infrastructure has changed significantly, and several developments have made IP tracking less reliable than it used to be.

VPN usage has gone mainstream

~2B
people worldwide now use VPNs, according to estimates from Security.org and DemandSage. In some countries it's the majority: Indonesia (~55%), Qatar (~59%), the UAE (~38%). In the US, roughly 42% of internet users report using a VPN.

When someone uses a VPN, their IP address belongs to the VPN provider's server — typically in a different city or country entirely. Geolocation returns the VPN exit node's location, not the user's. There's no way around this from the IP alone.

This isn't a niche concern. With roughly a third of global internet users on VPNs, any IP-based analysis needs to account for the fact that a substantial chunk of the data points to VPN servers rather than actual user locations. Tools like our VPN Detector can identify when an IP belongs to a known VPN provider, which at least tells you the location data is unreliable for that user.

Carrier-grade NAT: One IP, thousands of users

Mobile carriers don't assign each phone a unique public IP address. Instead, they use Carrier-Grade NAT (CGNAT), which puts hundreds or thousands of subscribers behind a single public IP. The geolocation for that IP points to the carrier's regional hub, which could be in a different city entirely.

If you're tracking a mobile user in suburban New Jersey, the IP might resolve to a T-Mobile facility in Manhattan. The geolocation is technically "correct" — that is where the IP is registered — but it's useless for locating the actual user.

CGNAT is now the default for most mobile internet worldwide, and it's increasingly used by home ISPs in regions facing IPv4 exhaustion. This means a growing percentage of IPs simply cannot be geolocated to individual users.

Starlink breaks the model entirely

Starlink, with over 5 million subscribers, routes traffic through satellites to whichever ground station has line-of-sight at that moment. A user in Orlando might route through a ground station near Atlanta, and the geolocation will show Georgia instead of Florida.

This is such a systemic problem that APNIC Labs has started overriding Starlink's geolocation data for 20 affected countries. As satellite internet grows, this will only get worse. There's no software fix for the fundamental physics of satellite routing.

MaxMind is returning less data, not more

In a notable shift, MaxMind began blanking out city, subdivision, and postal code data more frequently starting December 2025 for networks where "end users are dispersed all over the country." The industry's largest geolocation provider is essentially admitting that for certain IP ranges, claiming a city-level location would be misleading.

The trend is toward less granular IP geolocation, not more. Databases are getting more honest about their limitations rather than guessing and being wrong.

Looking up an IP address in a geolocation database is legal everywhere. It's publicly available data, and the lookup itself reveals no personal information — just an approximate location and ISP name.

But the legal landscape gets more complex when you're collecting IP addresses or trying to identify who's behind one.

In the EU: IP addresses are personal data

The European Court of Justice ruled in Breyer v. Germany (Case C-582/14) that even dynamic IP addresses constitute personal data under GDPR when the data controller has the legal means to identify the person — for example, by requesting subscriber information from the ISP. If you operate a website serving EU users and log IP addresses, you need a lawful basis under GDPR (typically "legitimate interests" for security logging, but this requires a documented assessment).

In the US: it depends on context

Under California's CCPA/CPRA, whether an IP address counts as "personal information" depends on context. An IP on its own may not qualify, but combined with other data (browsing behavior, account information), it can. The California Attorney General calls this a "fact-specific and contextual" determination.

Worth knowing: There's been a surge of lawsuits under California's Invasion of Privacy Act (CIPA) — a 1967 wiretap law — targeting companies that collect IP addresses through website tracking technologies. Courts are testing whether tracking pixels and analytics scripts constitute "pen register" or "trap and trace" devices under the law. This area of law is actively evolving.

Identifying the person behind an IP

This is the critical line: looking up where an IP is located is one thing. Figuring out who is using that IP requires ISP cooperation, which requires a subpoena or court order. Private individuals and companies cannot compel an ISP to reveal subscriber information. Only law enforcement, through proper legal channels, can connect an IP address to a specific person.

This is why IP tracking is useful for understanding where traffic comes from (country, city, ISP), but it's not a way to identify or locate specific individuals.

Making Sense of IP Data

Given all of the above, here's a realistic framework for using IP geolocation effectively:

High confidence: Country identification (92–99% accurate), ISP identification, connection type (residential vs. hosting vs. cellular), VPN/proxy detection.

Moderate confidence: State/region (55–80%), city in well-mapped countries like Germany or Canada.

Low confidence: City-level in poorly-mapped regions, anything below city level, any mobile/Starlink IP, any IP flagged as VPN/proxy.

The practical approach is to treat IP geolocation as one signal among several. Combine it with timezone data, Accept-Language headers, and other contextual information rather than relying on it as a sole source of truth.

For security investigations, the ISP and ASN data is often more valuable than the location data. Knowing that traffic comes from a hosting provider (suggesting a bot or proxy) versus a residential ISP (suggesting a real user) is frequently more actionable than knowing the approximate city.

IP geolocation is most useful when you ask "what country and ISP?" and least useful when you ask "what street address?" Use it for what it's good at, and you'll rarely be disappointed.

Free IP Tracking Tools

You don’t need paid software to track IP addresses. Here are the free tools that cover every common use case:

IP Address Lookup

Enter any IP and instantly see its city, country, ISP, ASN, timezone, and coordinates. Powered by a commercial-grade geolocation database. No signup, no limits on lookups.

IP Logger & Grabber

Create trackable links or invisible pixels. When someone clicks, their IP is captured and plotted on an interactive map with full geolocation details.

Email Header Analyzer

Paste email headers to trace the sender’s IP through every mail server hop. Detects spoofing, checks SPF/DKIM/DMARC, and geolocates each server.

VPN & Proxy Detector

Check whether an IP belongs to a VPN, proxy, or Tor exit node. Useful for verifying whether geolocation data is reliable for a given IP.

All four tools work in your browser with no account, no download, and no usage limits for standard lookups.

Frequently Asked Questions

Can you track someone’s exact location from their IP address?

Not precisely. IP geolocation identifies the approximate city or region (50–75% accuracy within 50 km) but cannot pinpoint a street address or building. Country-level identification is 92–99% accurate, but anything below city level is unreliable. Mobile users on CGNAT, VPN users, and Starlink subscribers will show locations far from where they actually are.

How do I track an IP address for free?

Enter any IP address on iptrackeronline.com for instant geolocation results including city, country, ISP, and coordinates. For tracking clicks, use the free IP Logger to create trackable links. For email investigations, use the free Email Header Analyzer to extract sender IPs. All tools are free with no signup required.

Is it legal to track an IP address?

Looking up an IP address in a geolocation database is legal everywhere. However, in the EU, IP addresses are classified as personal data under GDPR, meaning collecting and storing them requires a lawful basis. In the US, legality depends on context and state laws like California’s CCPA. Only law enforcement can compel an ISP to reveal the identity behind an IP address.

Can a VPN prevent IP tracking?

Yes. When someone uses a VPN, geolocation tools see the VPN server’s IP address and location, not the user’s actual IP or location. With roughly 2 billion VPN users worldwide, this is a significant limitation of IP tracking. VPN detection tools can identify when an IP belongs to a known VPN provider, but cannot reveal the user’s real location behind it.

Try It Yourself

Enter any IP address and see country, city, ISP, ASN, timezone, and coordinates — powered by commercial-grade geolocation data.

Look Up an IP Address

Accuracy data cited in this article comes from MaxMind's published GeoIP2 accuracy statistics, IP2Location's accuracy page, the ipapi.is comparative study, AbstractAPI's accuracy research, and WhoisXMLAPI's IPv6 geolocation analysis. All links are provided inline. Data is current as of February 2026.

Need more lookups? View Pricing