Get detailed geolocation and network information for any IP address
6 requests per 60 seconds per IP.
x-api-key header.
401 Unauthorized response.
50 IPs per request.
x-api-key header.
TL;DR — We do not track you, sell your data, or use analytics. IPInfo is a simple IP lookup tool that respects your privacy.
When you use IPInfo, the following data is processed transiently to serve your request:
x-api-key header), the key is validated against our local database for rate limiting purposes. API key usage counts are held in memory only and are not persisted.If you purchase a Premium API key, the following additional data is collected and stored:
POST /forgot), receipt delivery, and expiry reminders.IPInfo itself does not set any cookies. However, the Cloudflare Turnstile widget (used to protect the web lookup from automated abuse) may set cookies as part of its bot-detection mechanism.
These cookies are managed entirely by Cloudflare and are used solely for security purposes. They include:
cf_clearance — set by Cloudflare to record that you have passed a security challenge. This cookie is strictly necessary for the service to function.__cf_bm — a Cloudflare bot management cookie used to distinguish humans from bots. It expires after 30 minutes of inactivity.For more details on Cloudflare's cookie practices, see Cloudflare's Cookie Policy.
We use Cloudflare Turnstile as a CAPTCHA alternative to protect the web-based lookup form from automated abuse. Turnstile runs a lightweight, non-intrusive challenge in the background.
When Turnstile is active, Cloudflare may process:
Turnstile is only invoked on the web UI lookup. Direct API access via GET /<ip_address> does not use Turnstile.
Cloudflare's processing of this data is governed by the Cloudflare Privacy Policy.
To prevent abuse, API requests are rate-limited per client IP address. Rate limit counters are held in memory only and are automatically cleared when the server restarts. No persistent record of request counts or IP addresses is maintained.
Authenticated requests using an API key are rate-limited per key rather than per IP.
All IP lookups are performed against a local, self-hosted geolocation database (IP2Location). No lookup data is sent to any external service. The database runs entirely on our infrastructure.
For free lookups, we retain no user data. There are no databases of user activity, no log files of queries, and no session records.
For Premium users, we store: your email address, API key, rate limit configuration, and payment transaction records. This data is retained for the lifetime of your API key (1 year) and is required for key delivery, recovery, receipts, and expiry reminders. We do not store usage history or lookup queries for any user.
The following third-party services are used:
No analytics, advertising, or tracking services are used.
For free users, we do not collect or store personal data, so there is nothing to access, correct, or delete.
Premium users may request deletion of their email address and payment records by contacting us. Deleting an API key via the CLI also removes associated payment records. You can recover your API key at any time via POST /forgot using your email address.
If you have any questions or concerns, feel free to reach out.
We may update this policy from time to time. Any changes will be reflected on this page with an updated date.
Unlock higher rate limits and batch lookups for your applications.
POST /regeneratePOST /forgotYour API key has been generated and sent to your email.
Your API Key
Save this key — it's also been emailed to