Data Sources

What each field represents, and where it comes from.

Libreprobe surfaces data from two sources: your HTTP request headers (read by a Cloudflare Worker) and Cloudflare's edge metadata. The fields are grouped below by what they actually describe — your connection, your network provider, your estimated location, or Cloudflare's infrastructure.

Last updated: 4 March 2026 · Open an issue on GitHub

Every data point shown in the UI is derived at request time from your connection's headers or from Cloudflare's edge metadata. Nothing is enriched from third-party data brokers, no lookups are made on your behalf after the response is sent, and no data is retained.
Connection Data
IP address, TLS version, HTTP version, and Ray ID describe the HTTP connection itself, read directly from request headers.
Network / ISP Data
ASN and organisation name describe the network that owns the IP prefix, derived from BGP routing tables.
Estimated Location
City, region, country, continent, and timezone are inferred from IP geolocation. These are estimates, not verified positions.
Cloudflare Edge
PoP code, edge city, and edge country describe Cloudflare's infrastructure — the data centre that handled your request, not your location.
Connection Data

These fields describe the HTTP connection itself. They are read directly from the inbound request by the Cloudflare Worker and returned verbatim. No external call is made to resolve any of them.

IP Address cf-connecting-ip — the public IPv4 or IPv6 address of the client as seen by Cloudflare's edge.
TLS Version cf-visitor (parsed) or request.cf.tlsVersion — the TLS protocol version negotiated for this connection (e.g. TLSv1.3).
HTTP Version request.cf.httpProtocol — the HTTP version used for this request (e.g. HTTP/2, HTTP/3).
Ray ID cf-ray — Cloudflare's unique identifier for this request, formatted as a hex string followed by a PoP code (e.g. 7f2e1a3b4c5d6e7f-LHR).

IP address, TLS version, HTTP version, and Ray ID are exact values derived directly from the connection. They are not estimated.

Network / ISP Data

These fields describe the network that owns the IP prefix your connection originates from. Autonomous System Numbers (ASNs) are allocated by regional internet registries (ARIN, RIPE, APNIC, etc.) and are publicly announced via BGP. Cloudflare resolves the ASN and registered organisation name for the source IP before passing the request to the Worker.

ASN request.cf.asn — the numeric autonomous system number for the IP's announced prefix (e.g. AS15169).
Organisation request.cf.asOrganization — the registered organisation name for that ASN as listed in the relevant RIR's WHOIS database.

ASN data is generally reliable and changes infrequently. It reflects the network operator — your ISP, a cloud provider, a university, a corporate network, or a VPN service — not necessarily your end employer or physical location.

Estimated Location

These fields are inferred from IP geolocation — they represent Cloudflare's best estimate of where your IP address is registered, not a verified physical position. Geolocation is resolved by Cloudflare at the edge before the request reaches the Worker; no separate lookup is made.

City request.cf.city — estimated city associated with the IP. Accuracy degrades for mobile, satellite, and shared-infrastructure IPs.
Region request.cf.region — subdivision (state, province, county). May be absent for some IP ranges.
Country request.cf.country — ISO 3166-1 alpha-2 country code. Reliably accurate at the country level for most IPs.
Continent request.cf.continent — two-letter continent code (e.g. EU, AS).
Timezone request.cf.timezone — IANA timezone string inferred from the IP's geographic region (e.g. America/New_York).

GeoIP accuracy is highest at the country level (~99 %) and decreases at city level (~80–85 % within 50 km). VPN, Tor, satellite, and mobile carrier IPs will often resolve to a location that does not match your physical position.

Cloudflare Edge

These fields describe Cloudflare's infrastructure — specifically, the Point of Presence (PoP) that physically handled your request. They say nothing about your location. Cloudflare operates hundreds of PoPs worldwide, each identified by a three-letter IATA airport code (e.g. LHR for London Heathrow, NRT for Tokyo Narita). Libreprobe extracts the PoP code from the Ray ID and resolves it to a city and country using a bundled lookup table.

PoP Code Extracted from the first three characters of the cf-ray header suffix (e.g. …-LHR).
Edge City Resolved via a static IATA-to-city mapping bundled with the Worker. Updated periodically as Cloudflare opens new PoPs.
Edge Country ISO 3166-1 country derived from the same IATA lookup. Reflects the country of the data centre, not your location.

The PoP serving your request is determined by Cloudflare's anycast routing — typically the geographically closest PoP with available capacity, though traffic engineering and network conditions can route you to a more distant node. A PoP in a different country from your own is not unusual.

Accuracy & Caveats

Different fields have meaningfully different reliability characteristics:

  • Exact — IP address, TLS version, HTTP version, Ray ID, ASN, PoP code. These are read directly from the connection and are not estimated.
  • Usually accurate — Country, continent, organisation name. Country-level GeoIP and ASN data are reliable for the vast majority of IPs.
  • Approximate — City, region, timezone. These are inferred from the IP prefix and degrade in accuracy for mobile, satellite, and shared infrastructure IPs.
  • Indirect — Edge city and country. These reflect Cloudflare's infrastructure geography, not yours.

If a field shows an unexpected value — especially city or region — the most common explanations are: using a VPN or proxy, connecting via a mobile carrier that routes traffic through a central gateway, or connecting through a corporate network with centralised internet egress.

Upstream & Third Parties

Libreprobe does not query any external API to enrich the data shown. All fields originate from Cloudflare's edge platform at request time.

Cloudflare's geolocation and ASN data is compiled by Cloudflare from multiple upstream sources including regional internet registry WHOIS data, BGP routing tables, and commercial geolocation databases. The accuracy and methodology of that underlying data is governed by Cloudflare. See Cloudflare's Privacy Policy and their developer documentation for further detail.

The IATA PoP lookup table is maintained by the Libreprobe project. It originates from tobilg/cloudflare-edge-locations and has been verified, corrected, and extended against Cloudflare's own published PoP list. Where the two sources disagreed, Cloudflare's data was treated as authoritative. If you notice an incorrect PoP mapping, please open an issue.

Privacy Policy Open an issue