Will your network get your
Codex account banned?
This is not a generic IP lookup. It analyzes your exit network specifically through the lens of how OpenAI detects and bans accounts: mainland China IPs, datacenter ranges, WebRTC leaks, API reachability, and timezone mismatches — scored 0–100 with copy-paste fix commands.
Checks take approximately 10–15 seconds. Keep your network active.
Why do these metrics affect account ban risk?
OpenAI's risk detection system doesn't simply block individual IP addresses. It evaluates behavioral patterns across your entire network context. Understanding this mechanism is the only way to genuinely reduce ban risk rather than just masking surface signals.
1. Exit IP country — the most critical factor
OpenAI's Terms of Service explicitly list restricted regions. When your exit IP geolocates to a restricted area, the automated system triggers the highest-level geographic restriction check. This is the first gate — it doesn't matter how long you've had your account, how much you've spent, or how well-behaved your usage has been. Geographic detection is automated and non-negotiable. Users in restricted regions must route all traffic through an overseas proxy exit node.
2. Datacenter IPs — guilt by association
From a technical standpoint, residential IPs (home broadband) and datacenter IPs (VPS, cloud servers, hosting proxies) are fully distinguishable. Datacenter IP blocks are simultaneously shared by hundreds or thousands of users — including abusers, scrapers, automation bots, and ToS violators. OpenAI's risk model assigns credit scores at the IP range level: a single bad actor on the same /24 subnet can pull down the score for every account in the block. Even if your own behavior is pristine, you may face increased scrutiny simply because of your IP neighbors. Vultr, DigitalOcean, Linode, Hetzner, OVH, AWS, Google Cloud, Azure, Tencent Cloud, Alibaba Cloud, and similar providers all fall into this category. The risk is meaningfully higher than residential IPs.
3. WebRTC leaks — the fatal proxy blind spot
WebRTC (Web Real-Time Communication) is a browser-native P2P protocol. Even when you have a proxy configured, WebRTC connections default to your system's actual IP, completely bypassing the proxy layer. This means: while your HTTP requests show the proxy IP, WebRTC simultaneously reveals your true IP. Modern browser fingerprinting captures this contradiction. If your proxy IP is in Japan but WebRTC shows a mainland China address, that signal is exactly what automated risk systems look for. Note that Codex CLI runs in your terminal and is unaffected by WebRTC — this check matters specifically for browser-based authentication flows.
4. API reachability — the direct Codex CLI dependency
api.openai.com is Codex CLI's sole communication endpoint. If your terminal cannot reach this address — due to DNS pollution, connection timeout, or firewall interception — Codex CLI will enter an endless Reconnecting loop and never complete a request. This check gives you an immediate, practical answer: "can my command-line tool actually run right now?" It's the most directly actionable pre-flight check before starting a Codex session.
5. Timezone consistency — the anti-evasion signal
Risk systems cross-reference IP geolocation against browser system timezone. If your IP indicates you're in California but your browser reports Asia/Shanghai as the local timezone, that contradiction is textbook "forgot to set timezone after enabling proxy" behavior. This pattern is catalogued as an anomaly signal. Individually it carries low weight, but combined with other anomalies — a datacenter IP, an inconsistent language setting, or unusual usage hours — the compounding effect significantly increases the probability of triggering a manual review flag.
Bottom line: The safest setup is a residential IP exit node in Japan, Singapore, or the US — combined with a system timezone matching that region, WebRTC disabled, and correctly configured terminal proxy environment variables. This combination carries extremely low ban risk.
Common questions about this checker
Why does a mainland China IP get accounts banned?
OpenAI's Terms of Service explicitly restrict usage in certain regions, mainland China included. When your exit IP geolocates there, automated systems trigger the highest-level geographic restriction — regardless of account standing or usage history. You must route through an overseas proxy to use OpenAI services.
What's the difference between datacenter and residential IPs?
Datacenter IPs (cloud servers, VPS, hosting proxies) are shared among thousands of simultaneous users including bad actors. OpenAI assigns risk scores at the IP range level — a single violator on the same subnet raises the score for everyone in that block. Residential IPs belong to individual households, are independently assigned, and carry far lower risk. If your proxy exit comes from Vultr, DigitalOcean, Alibaba Cloud, etc., consider upgrading to a residential IP proxy service.
Does the WebRTC leak affect Codex CLI itself?
No — WebRTC leaks are a browser-only concern. Codex CLI runs in your terminal and is completely unaffected. However, if you authenticate via a browser (logging into ChatGPT to get a session token), a WebRTC leak during that authentication step can expose your real IP and influence account risk scoring on the server side.
Is this tool safe? Does it upload my data anywhere?
Completely safe. Every check runs locally in your browser — no backend server is involved at any point. IP data is fetched directly from the public ipapi.co API by your browser, not proxied through our servers. We do not collect, store, or transmit any of your detection results.
Found issues? Fix them with the guide
Proxy setup, environment variables, timezone configuration — every step has copy-paste commands and clear explanations.