IPInfo

API Documentation

GET /my

Returns the client's detected IP address as plain text. Useful for programmatic access.

$ curl https://ipinfo.is/my 203.0.113.42

GET /{ip_address} FREE

Returns detailed geolocation and network information for a single IP address. Supports both IPv4 and IPv6.

Rate limit: 6 requests per 60 seconds per IP.

$ curl https://ipinfo.is/8.8.8.8 { "ip": "8.8.8.8", "country": { "short_name": "US", "long_name": "United States of America" }, "region": "California", "city": "Mountain View", "isp": "Google LLC", ... }

GET /{ip_address} API KEY

Authenticated requests using an API key receive a higher rate limit based on the allocation assigned to the key. Include the key in the x-api-key header.

Expired or invalid keys will receive a 401 Unauthorized response.

$ curl -H "x-api-key: ak_your_key_here" https://ipinfo.is/8.8.8.8 { "ip": "8.8.8.8", "country": { "short_name": "US", "long_name": "United States of America" }, "region": "California", "city": "Mountain View", ... }

POST /batch API KEY BATCH

Look up multiple IPs in a single request. Send a JSON array of IP address strings in the request body. Requires a valid API key. Maximum 50 IPs per request.

$ curl -X POST https://ipinfo.is/batch \ -H "x-api-key: ak_your_key_here" \ -H "Content-Type: application/json" \ -d '["8.8.8.8", "4.4.4.4"]' [{ "ip": "8.8.8.8", "country": { "short_name": "US", ... }, "city": "Mountain View", ... }, { "ip": "4.4.4.4", "country": { "short_name": "US", ... }, "city": "...", ... }]

POST /regenerate API KEY

Regenerate your API key. The old key is immediately invalidated and a new key is returned with the same rate limit and expiry. Authenticate with the current key via the x-api-key header.

$ curl -X POST -H "x-api-key: ak_old_key_here" https://ipinfo.is/regenerate { "old_key": "ak_old_key_here", "new_key": "ak_9f3a1b7c...", "requests_per_window": 100, "window_secs": 60, "expires_at": "2027-02-11 16:41:00" }

POST /forgot

Recover your API key. Provide the email address associated with your purchase and your active API key(s) will be sent to that email. The response is always the same regardless of whether the email exists, to prevent enumeration.

$ curl -X POST -H "Content-Type: application/json" \ -d '{"email": "[email protected]"}' https://ipinfo.is/forgot { "message": "If an active API key exists for this email, it has been sent." }

POST /receipt API KEY

Request a receipt for your purchase. A formatted invoice will be emailed to the address associated with your API key.

$ curl -X POST -H "x-api-key: ak_your_key" https://ipinfo.is/receipt { "message": "Receipt INV-00001 has been sent to your email.", "invoice_id": "INV-00001" }

Privacy Policy

Last updated: February 2026

TL;DR — We do not track you, sell your data, or use analytics. IPInfo is a simple IP lookup tool that respects your privacy.

1. Information We Process

When you use IPInfo, the following data is processed transiently to serve your request:

Your IP address — used to detect your IP and perform geolocation lookups. This is not stored or logged beyond what is necessary for the request.
IP addresses you look up — processed in real-time against our local geolocation database. Lookup queries are not stored or logged.
API keys — if you use an API key (via the x-api-key header), the key is validated against our local database for rate limiting purposes. API key usage counts are held in memory only and are not persisted.

1a. Premium Purchases

If you purchase a Premium API key, the following additional data is collected and stored:

Email address — your PayPal email address is stored alongside your API key to enable key delivery, key recovery (via POST /forgot), receipt delivery, and expiry reminders.
Payment records — we store the PayPal order ID, capture ID, amount paid, tier purchased, and payment date. This is required for receipt generation and record-keeping.

2. Data We Do NOT Collect

We do not use any analytics or tracking services (no Google Analytics, no Plausible, no Matomo, etc.)
We do not log your search queries or lookup history
We do not store your IP address in any database or log file
We do not use advertising or share data with third parties
We do not fingerprint your browser or device

3. Cookies

IPInfo itself does not set any cookies. However, the Cloudflare Turnstile widget (used to protect the web lookup from automated abuse) may set cookies as part of its bot-detection mechanism.

These cookies are managed entirely by Cloudflare and are used solely for security purposes. They include:

cf_clearance — set by Cloudflare to record that you have passed a security challenge. This cookie is strictly necessary for the service to function.
__cf_bm — a Cloudflare bot management cookie used to distinguish humans from bots. It expires after 30 minutes of inactivity.

For more details on Cloudflare's cookie practices, see Cloudflare's Cookie Policy.

4. Cloudflare Turnstile

We use Cloudflare Turnstile as a CAPTCHA alternative to protect the web-based lookup form from automated abuse. Turnstile runs a lightweight, non-intrusive challenge in the background.

When Turnstile is active, Cloudflare may process:

Your IP address (for bot detection)
Browser environment signals (not stored by us)

Turnstile is only invoked on the web UI lookup. Direct API access via GET /<ip_address> does not use Turnstile.

Cloudflare's processing of this data is governed by the Cloudflare Privacy Policy.

5. Rate Limiting

To prevent abuse, API requests are rate-limited per client IP address. Rate limit counters are held in memory only and are automatically cleared when the server restarts. No persistent record of request counts or IP addresses is maintained.

Authenticated requests using an API key are rate-limited per key rather than per IP.

6. Geolocation Database

All IP lookups are performed against a local, self-hosted geolocation database (IP2Location). No lookup data is sent to any external service. The database runs entirely on our infrastructure.

7. Data Retention

For free lookups, we retain no user data. There are no databases of user activity, no log files of queries, and no session records.

For Premium users, we store: your email address, API key, rate limit configuration, and payment transaction records. This data is retained for the lifetime of your API key (1 year) and is required for key delivery, recovery, receipts, and expiry reminders. We do not store usage history or lookup queries for any user.

8. Third-Party Services

The following third-party services are used:

Cloudflare — Turnstile (bot protection on the web UI) and DNS/CDN (if deployed behind Cloudflare). See Cloudflare Privacy Policy.
PayPal — payment processing for Premium API key purchases. PayPal handles all financial transactions. See PayPal Privacy Policy.
Resend — transactional email delivery (API key delivery, receipts, expiry reminders). Only your email address and the email content are shared with Resend. See Resend Privacy Policy.

No analytics, advertising, or tracking services are used.

9. Your Rights

For free users, we do not collect or store personal data, so there is nothing to access, correct, or delete.

Premium users may request deletion of their email address and payment records by contacting us. Deleting an API key via the CLI also removes associated payment records. You can recover your API key at any time via POST /forgot using your email address.

If you have any questions or concerns, feel free to reach out.

10. Changes to This Policy

We may update this policy from time to time. Any changes will be reflected on this page with an updated date.

IP Address Lookup

API Documentation

Privacy Policy

1. Information We Process

1a. Premium Purchases

2. Data We Do NOT Collect

3. Cookies

4. Cloudflare Turnstile

5. Rate Limiting

6. Geolocation Database

7. Data Retention

8. Third-Party Services

9. Your Rights

10. Changes to This Policy

Premium API Access

Payment Successful!

IP Address Lookup

API Documentation ×

Privacy Policy ×

1. Information We Process

1a. Premium Purchases

2. Data We Do NOT Collect

3. Cookies

4. Cloudflare Turnstile

5. Rate Limiting

6. Geolocation Database

7. Data Retention

8. Third-Party Services

9. Your Rights

10. Changes to This Policy

Premium API Access ×

Payment Successful!

API Documentation

Privacy Policy

Premium API Access