← ipinfo.app

// API Reference

Most ipinfo.app services expose free, unauthenticated JSON APIs. Some Blackbox endpoints require a RapidAPI subscription.

// Global Notes
All endpoints return Content-Type: application/json (where applicable) and include Access-Control-Allow-Origin: * — safe to call from any browser or script. Responses are cached at the Cloudflare edge; cache duration varies by service. Most endpoints require no authentication. Blackbox has free tiers as well as paid plans via RapidAPI for higher volume use.
// Services
ASN Lookup asn.ipinfo.app

ASN details, CIDR prefix lists, and firewall-ready output in 11 formats including ipset, iptables, nginx, Cisco, and Juniper.

GET/api/json/details/:as
GET/api/json/search/:q
GET/lists/:as/ipset
View full docs →
Blackbox blackbox.ipinfo.app

IP reputation scoring — proxy, VPN, Tor, cloud, hosting, and Spamhaus classification for any IP address.

GET/api/v2/:ip
GET/api/v1/:ip
View full docs →
IP to ASN ip2asn.ipinfo.app

Resolve any IP address to its Autonomous System Number and organisation name. Supports a self-lookup shortcut.

GET/api/v1/:ip
GET/api/v1/@me
View full docs →
Net Atlas ip2country.ipinfo.app

Full IP-to-country and IP-to-ASN resolution. The internal data backbone for the whole suite. Supports hostname lookups.

GET/api/v2/ip/:ip
GET/api/v2/asn/:as
GET/api/v1/country/:ip
View full docs →
StopForumSpam sfs.ipinfo.app

Download pre-built nginx and Apache blocklists generated from the StopForumSpam database, filtered by time window.

GET/api/downloads/nginx/:period
GET/api/downloads/htaccess/:period
View full docs →
// Common Behaviour
CORSAccess-Control-Allow-Origin: * on all JSON endpoints — call from any origin.
AuthNo API key required for most services. Blackbox has free tiers; higher-volume access requires a RapidAPI key.
CachingResponses are cached at Cloudflare's edge. Most IP lookups cache for 1 week (max-age=604800). Search results are shorter-lived.
Rate limitsNo hard limits for reasonable use. Search endpoints on ASN Lookup apply a soft limit of 30 req/min per IP.
IPv4 vs IPv6Use ipv4.my.ipinfo.app or ipv6.my.ipinfo.app to force a specific protocol version when fetching your own IP.
ErrorsNon-200 responses include a JSON body with an error string where applicable. 410 Gone is returned for removed endpoints. Always check the HTTP status code before applying output — do not pipe responses directly into configs without a status check.
Empty responsesASN format endpoints (ipset, nginx, iptables, etc.) return HTTP 200 with an empty body when the requested ASN has no data. This prevents error strings from landing in firewall configs. 502 is still returned for upstream failures and should be treated as a hard error.