What Your IP Address Reveals — and What a VPN Changes

Every reply from a server has to find its way back to you, so every request you send carries a return address. That return address is your public IP, and it is the single most misunderstood number in consumer privacy — treated by some as a harmless routing detail and by others as a home address printed on your forehead. Neither is right. This guide walks through what an IP genuinely discloses, who gets to read it, and where a VPN helps versus where it does nothing at all.

The number on the envelope

Think of the IP as the sender line on an envelope, not the letter inside. It exists so packets can be routed and answers returned; it is visible to anyone who handles the mail. A typical home connection presents a single public IPv4 address — something like 203.0.113.42 — shared by every device in the house through NAT, plus possibly an IPv6 address per device if your ISP routes it. You can see exactly which addresses you present with What Is My IP; the value there is the one the whole internet reads.

What the address is bound to matters more than the digits. Public IP ranges are allocated in blocks to organisations and recorded in regional registry databases (APNIC for our region, ARIN for North America, RIPE for Europe). A whois on the block returns the holder — nearly always an ISP or hosting company, occasionally a large employer. That registry link is the honest core of what your IP reveals: the network you are on, and roughly where that network terminates you.

What geolocation can actually resolve

Geolocation providers — MaxMind, IP2Location, IPinfo and friends — build tables that map address ranges to a location. They do not have a satellite on you. They infer position from registry data, ISP-published routing hints, latency triangulation, and correction feedback from apps that also know GPS. The result is a guess with an explicit confidence radius, and the accuracy collapses as you zoom in:

Field resolvedTypical accuracyWhy
Country95–99%Registry allocation is country-level and reliable
Region / state~80%Usually inferable from the ISP’s regional POPs
City50–75%Depends on ISP density; often the POP, not you
Postcode20–50%Mostly a guess extrapolated from city centroid
Street address~0%Not encoded anywhere in the IP system

The trap is the map pin. A provider returns latitude, longitude and an accuracy radius — say 20 km — but consumer maps render only the pin. So a service confidently drops a marker on a street corner that is really the centre of a 1,250 km² circle of uncertainty. When you read that an IP “located” someone, what actually happened is a city-ish centroid dressed up as precision.

Worked example: one address, three viewers

Take the connection presenting 203.0.113.42 from a customer of a mid-size Australian ISP. Here is what each party in the chain genuinely learns.

A geolocation lookup on that address might return:

{
  "ip": "203.0.113.42",
  "country": "AU",
  "region": "New South Wales",
  "city": "Sydney",
  "latitude": -33.8688,
  "longitude": 151.2093,
  "accuracy_radius_km": 20,
  "asn": "AS7545",
  "org": "TPG Telecom Limited"
}

Read that honestly: country and state are solid; “Sydney” is really “somewhere inside greater Sydney”, and the coordinates are the CBD centroid — a placeholder, not the subscriber. The genuinely certain fields are the last two: the autonomous system number and the ISP name. That is the real yield.

The website you visited sees the raw 203.0.113.42, runs the same lookup, and can now (a) show region-appropriate content, (b) apply a geo-block, and crucially (c) join today’s visit to every past visit from the same address. The IP is a linkage key.

Your ISP sees the other half of the picture. It knows exactly which account 203.0.113.42 was leased to at 14:07, and it sees every destination you connect to — because even when the content is encrypted by HTTPS, the addresses and often the hostnames are not. That last point is why a DNS lookup is worth understanding: unless you use encrypted DNS, your resolver (often your ISP) watches you translate my-health-clinic.example to an address before any TLS handshake begins.

So one address, three very different disclosures: an approximate location to a website, a durable tracking key to advertisers, and a full destination log to your ISP.

What a VPN moves — and what it doesn’t

A VPN routes your traffic through an encrypted tunnel to an exit server and presents that server’s IP to the world. Concretely, it swaps the parts of the example above:

That is a real and meaningful shift. But a VPN is a proxy for one signal, and sites identify you by many. It does not touch:

Do you actually need one?

Honestly, most people don’t need one running all day, and some are sold on fears a VPN doesn’t address. A short decision guide:

If you do choose one, the property that matters is a credible no-logs stance, ideally audited, and a business model that isn’t reselling your traffic. The strongest reputations in this space are earned on that point: Mullvad takes cash and account numbers instead of email and has been audited repeatedly — worth naming precisely because we earn nothing from it. Weigh any paid pick against that bar rather than against marketing.

What to do next

Start by seeing your own exposure. Open What Is My IP, note the address and ISP, then run a geolocation lookup on it to check how close the “location” really lands — usually a city centroid, not you. Turn a VPN on and check again: the address, ISP and city should all change, which confirms the tunnel is carrying your traffic. Then run a DNS lookup on a site you use to see the naming layer your resolver watches, and consider encrypted DNS so that log closes too. The IP is one signal among many — worth understanding precisely so you spend effort where it actually moves the needle.