Subnetcalculator

VPN / Proxy / Datacenter Detector

Check whether an IP address is a datacenter/hosting IP, belongs to a known VPN range, or is a Tor exit node. Defaults to your own IP.

Analyzing your IP address:

216.73.216.244 — This IP egresses from a datacenter (Amazon Web Services (AWS EC2)) — not a residential connection.
Datacenter / hosting IP
Amazon Web Services (AWS EC2) YES
Known VPN range
NO
Tor exit node
NO
Autonomous system (ASN)
AS16509 · Amazon.com, Inc.
Registered country
United States (US)

Local lists: Tor exits updated 2026-07-14, VPN ranges updated 2026-07-14. Nothing is sent to external services.

Need this via API? Let us know — we're gauging demand.

How this detector classifies an IP

There is no flag in an IP packet that says "this is a VPN". Detection works by asking a more answerable question: does this address belong to infrastructure rather than to a consumer ISP? This tool combines three signals, each derived from a free, public dataset cached on our servers.

The datacenter check looks up which autonomous system announces the IP in the global BGP table, then matches that ASN against a curated list of cloud, hosting, CDN, and VPN-infrastructure operators. This is the strongest single signal: virtually every commercial VPN endpoint, scraper, and bot runs on rented servers inside these networks, because nobody sells VPN service from a residential broadband line at scale.

The VPN range check matches the address against the open-source X4BNet VPN list (10,971 CIDR ranges, updated 2026-07-14), which tracks the egress ranges of major commercial VPN providers. The Tor check uses the Tor Project's own exit list (1,391 exits, updated 2026-07-14) — authoritative, since exit relays are public by design.

Typical uses: deciding whether a login attempt deserves extra verification, filtering datacenter traffic out of analytics, debugging why a site geo-blocks you (your "residential" connection may egress via CGNAT in a datacenter), and validating proxy vendor claims. Treat the result as evidence, not proof — combine it with behavioral signals before blocking anyone.

Frequently asked questions

How does VPN detection work?

Three independent checks run against locally cached datasets. Datacenter: the IP's ASN is matched against a curated list of 50+ cloud and hosting providers (AWS, Google Cloud, Hetzner, OVH, DigitalOcean, M247, and others) — VPN servers are almost always rented in these networks. VPN: the IP is matched against an open-source list of roughly 11,000 CIDR ranges used by commercial VPN services. Tor: the IP is compared with the Tor Project's official exit node list, refreshed with each deployment.

Can a VPN avoid detection?

Yes. No IP-based detector is perfect: small or self-hosted VPNs (a WireGuard server on an unlisted VPS) may only trigger the datacenter flag, and 'residential proxy' services deliberately route traffic through consumer ISP addresses that carry none of these signals. Absence of flags means no known indicators — not a guarantee.

Why does my home IP show as a datacenter?

Some ISPs route customer traffic through CGNAT or cloud-hosted security gateways, and services like Apple iCloud Private Relay egress through CDN networks (which we classify as infrastructure). If your connection goes through any of these, the egress IP genuinely belongs to a datacenter ASN even though you're at home.

Is my IP address stored when I use this tool?

No. The analysis runs server-side against local datasets, nothing is forwarded to third-party APIs, and results are not persisted. The page is also marked non-cacheable so your result is never served to another visitor.

More Network Tools

Free tools for network engineers — no signup, no rate-limit walls.