Free IP Lookup Tool — Location, ASN, RDAP & 38 Blacklist Check

Check IP and Server Info

Get IP location, ASN, RDAP data, blacklist status, and DNS records in seconds.

>_
Try examples:
Server IPs Found
Data sources: DNS queries via Google DNS · IP geolocation (ipapi.is / ipwho.is) · RDAP registry data (official RIR sources) · ASN & network intelligence · Checks against 38 public blocklists (DNSBL) · Regional Internet registries (ARIN, RIPE, APNIC, LACNIC, AFRINIC)

📡 Analyze Any IP or Domain — Full Network Intelligence

Enter any IP address or domain name and instantly get a complete server intelligence report.

Every resolved IP analyzed individually — geolocation, ISP, ASN, PTR, RDAP registry data, full DNS records, and 38 live blacklist checks in a single structured report.

✅ No signup  ·  ✅ No limits  ·  ✅ IPv4 & IPv6 covered

What it delivers

What Every Report Contains

Most IP lookup tools return a single result — one IP, one location, done. This tool performs a full multi-layer analysis across every IP address a domain resolves to, whether that is one server or many distributed across different countries and network registries. Each IP is analyzed individually and presented as its own numbered entry with a complete data block.

The report is structured so that nothing is merged, averaged, or hidden. Every field shown below is present for each server found — no assumptions, no placeholders, no estimated data.

📍 Location Country, city, state or region, continent, timezone, and GPS coordinates of the server's registered physical location.
🏢 ISP & Organization The internet service provider routing the IP, the owning organization, and CDN provider when one is detected behind the address.
🔗 ASN & Routing Autonomous System Number and BGP route prefix that identify how this IP block is announced on the global routing table.
↩️ Reverse DNS (PTR) The hostname that maps back to the IP. A missing PTR record is flagged — essential for mail server reputation and spam filter compliance.
🏷️ Infrastructure Type Three direct flags — Datacenter (Yes/No), VPN/Proxy (Yes/No), Tor Node (Yes/No) — answered individually for every IP.
📮 Abuse Contact Official abuse reporting email pulled from the RDAP registry record for that specific IP block — not guessed, not generic.
Per-server detail

🧠 One Entry Per Server — No Data Grouped or Hidden

When a domain resolves to multiple IP addresses — whether two servers or twenty distributed globally — the report creates a separate numbered entry for every single one. Each entry is fully independent: its own location, ISP, ASN, route prefix, PTR record, infrastructure flags, abuse contact, RDAP registry block, and complete set of 38 blacklist results.

IPv4 and IPv6 addresses are both resolved and both included. Servers are labeled sequentially — SERVER #1, SERVER #2, SERVER #3 — so you can navigate the full list without any IP being skipped or summarized. If two servers share the same ASN or belong to the same organization, they still appear as separate entries with their own individual IP-level data.

The report header shows the target queried, the timestamp of the analysis, and the total number of IPs found — giving you an immediate summary before the per-server details begin.

Registry data

📜 Official Registry Data (RDAP)

For every IP in the report, the tool queries the authoritative regional internet registry directly — ARIN for North America, RIPE NCC for Europe and the Middle East, LACNIC for Latin America and the Caribbean, APNIC for Asia-Pacific, and AFRINIC for Africa. The RDAP block returned is the official allocation record, the same source used by network operators and legal teams for IP attribution.

Each RDAP block includes: the Network Name as registered with the authority; the Handle or unique record ID in the registry database; the full CIDR range showing the first and last address in the allocated block; the name of the registry holding the record; the date the block was officially allocated; the legal name of the owning organization; the official abuse email address; and the abuse phone number on file.

IPv4 and IPv6 addresses return entirely separate RDAP records and may show different network names, handles, registries, and contacts even when owned by the same organization. The report displays the correct record for each IP without merging data across entries.

DNS zone

🌐 Full DNS Record Lookup

At the end of every report, the complete DNS zone for the queried domain is appended. This section shows every record type published by the domain, queried from its authoritative name servers in real time.

NS records show every name server responsible for the domain. MX records show the mail server hostname and priority value — the server that receives email for that address. SOA shows the primary name server, administrator contact, and zone timing parameters. CAA records restrict which certificate authorities may issue SSL and TLS certificates. TXT records are shown in full — including SPF policies that govern authorized mail senders, domain verification tokens from third-party services, and S/MIME certificate validation strings.

These are the exact records that mail servers, browsers, CDN providers, and security scanners query when interacting with the domain — displayed here so you can audit the full published configuration in one place.

Live blacklist scan

🚫 38 Blacklist Checks — Real-Time, Per IP

Every IP in the report is checked simultaneously against 38 DNS-based blacklists — not one after another, but all in parallel so results are ready alongside the rest of the server data. Each list returns CLEAN or LISTED, with the raw response code shown when a listing is found so you can identify the specific category of the flag.

📧 Spam Sources Spamhaus ZEN, SpamCop, PSBL, RATS Spam, Nordspam BL, MailSpike BL, 0SPAM, SEM Black
⚠️ Abuse & Exploits Abusix Blacklist, Abusix Exploit, Blocklist.de, IBM DNSBL, Imp Spam, Imp Worm, IcM Forbidden
↩️ Backscatter Backscatterer, SEM Backscatter, MailSpike Z
🌐 Policy-Based UCEPROTECT L1/L2/L3, Barracuda, Hostkarma Black, Lashback, Swinog, Suomispam, Truncate, Interserver, NetherRelays, NetherUnsure
🛡️ Infrastructure Cymru Bogons, SPFBL DNSBL, s5h.net, RATS Dyna, RATS NoPtr, Anonmails, Drone BL, Drmx / WPBL

⚠️ A listing on a policy-based list does not always indicate malicious activity — it may reflect shared subnet or ASN associations. The report shows the raw result and response code so you can make an informed judgment.

Use cases

👥 Who Uses This Tool

✉️
Email administrators — verify that a mail server IP is clean across all 38 blacklists before sending campaigns. A single listing on Spamhaus or SpamCop can cause silent rejection by Gmail, Outlook, and Yahoo with no bounce returned to the sender.
🛡️
Security analysts — investigate suspicious IPs from server logs or firewall alerts. The RDAP block confirms the legal owner of the network, the infrastructure flags confirm whether the connection came from a datacenter or residential address, and the 38 blacklist results reveal any existing abuse history.
🔒
VPN users — check what a VPN exit IP actually reveals: real geolocation, ISP, datacenter or proxy classification, and whether it is already flagged on blacklists that online services query before granting access.
🖥️
DevOps & sysadmins — audit IPs after a server migration, verify PTR records are properly configured, confirm new IPs carry a clean reputation across all databases, and check that CDN nodes resolve to the expected locations.
🔍
Researchers & fraud analysts — trace the true network owner of any IP using official RDAP records from the authoritative regional registry — the same source used by ISPs and network operators for attribution.
✏️ Last Updated:
✅ Success!

Comments

Post a Comment