Quickstart
Make one API Request to see it in action, lookup any IP address
Documentation
API Access Key & Authentication
After signing up, every user is assigned a personal API access key, a unique combination of letters and digits provided to access to our API endpoint. To authenticate with the IpXapi API, simply include your bearer token in the Authorization header.
Headers
| Header | Description |
|---|---|
Authorization
|
[Required] Should be Bearer access_key. See "Your API Access Key" above. |
API Features
| Object | Description |
|---|---|
IP address
|
[Required] IP to look up using ipXapi. |
Example API Request:
curl 'https://ipxapi.com/api/ip?ip=3.138.109.3' -X GET -H 'Accept: application/json' -H 'Authorization: Bearer YOUR_ACCESS_KEY'Example API Response:
{
"status": "success",
"country": "United States",
"countryCode": "US",
"region": "CA",
"regionName": "California",
"city": "Mountain View",
"zip": "94043",
"lat": 37.427,
"lon": -122.097,
"timezone": "America/Los_Angeles",
"isp": "MailChimp",
"org": "MailChimp",
"as": "AS14782 MailChimp",
"query": "148.105.12.120",
"areaCode": "",
"dmaCode": "",
"inEU": 0,
"euVATrate": false,
"continentCode": "NA",
"continentName": "North America",
"locationAccuracyRadius": "1000",
"currencyCode": "USD",
"currencySymbol": "$",
"currencySymbol_UTF8": "$",
"currencyConverter": 0,
"flag": "🇺🇸",
"callingCode": "1",
"languageCode": null,
"security": {
"is_proxy": false,
"proxy_type": null,
"is_tor": false,
"is_tor_exit": false,
"threat_level": "Low",
"threat_score": "13",
"is_abuser": false,
"is_attacker": false,
"is_bogon": false,
"is_cloud_provider": false,
"is_relay": false,
"is_vpn": false,
"is_anonymous": false,
"is_threat": false
},
"classType": "class B",
"application": "Medium networks"
}
API Response Objects:
| Response Object | Description |
|---|---|
status |
Status of the response. |
country |
Country name. |
countryCode |
ISO Country code. |
region |
Region code. |
regionName |
Region name. |
city |
City. |
zip |
ip code. |
lat |
Latitude. |
lon |
Longitude. |
timezone |
Time zone. |
isp |
Internet Service Provider. |
org |
Organization |
as |
Autonomous System (AS). |
query |
Queried IP address. |
areaCode |
Area code. |
dmaCode |
Designated Market Area code. |
inEU |
Indicator if the location is within the European Union. |
euVATrate |
Indicator if the location has EU VAT rate. |
continentCode |
Continent code. |
continentName |
Continent name. |
locationAccuracyRadius |
Location accuracy radius in meters. |
currencyCode |
Currency code. |
currencySymbol |
Currency symbol in standard format. |
currencySymbol_UTF8 |
Currency symbol in UTF-8 format. |
currencyConverter |
Currency converter rate. |
flag |
Emoji representation of the country flag. |
callingCode |
Country calling code. |
languageCode |
Language code. |
security.is_proxy |
Indicator if the IP is a proxy. |
security.proxy_type |
Type of proxy (if applicable). |
security.is_tor |
Indicator if the IP is part of the Tor network. |
security.is_tor_exit |
Boolean indicating whether the IP Address is a Tor relay: exit relay node, middle relay node, or a bridge. |
security.threat_level |
Threat level (e.g., Low, Medium, High). |
security.threat_score |
Threat score (numeric representation of threat level). |
security.is_abuser |
Boolean indicating whether the IP Address is a known source of abuse (e.g., spam, harvesters, registration bots). |
security.is_attacker |
Boolean indicating whether the IP Address is a known source of malicious activity (e.g., attacks, malware, botnet activity). |
security.is_bogon |
Boolean indicating whether the IP Address is a Bogon: an unassigned, unaddressable IP address. |
security.is_cloud_provider |
Boolean indicating whether the IP address is used for hosting purposes (e.g., a node from Akamai, Cloudflare, Google Cloud Platform, Amazon EC2, and more). |
security.is_relay |
Boolean indicating whether the IP Address is a known relay. Relay IP addresses are not designed to bypass geo-controls but instead pool multiple users behind the same IP. At this time, only Apple Private Relay IP addresses are detected. |
security.is_vpn |
Returns true when the IP address under search is used by a Virtual Private Network (VPN), false otherwise. VPNs encrypt internet traffic and disguise online identity. |
security.is_anonymous |
Boolean with a true value if `is_proxy`, `is_tor`, or `is_vpn` is satisfied. |
security.is_threat |
Boolean with a true value if `is_abuser` or `is_attacker` is satisfied. The field `is_cloud_provider` is not considered. It is up to you to combine this last field with a logical OR or not. |
classType |
Class type (e.g., “class A”). |
application |
Application type (e.g., “Very large networks”). |
Examples
PHP cURL
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://ipxapi.com/api/ip?ip=8.8.8.8",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_HTTPHEADER => array(
"Accept: application/json",
"Authorization: Bearer YOUR_ACCESS_KEY",
"Content-Type: application/json",
"cache-control: no-cache"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
Java OkHttp
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import java.io.IOException;
public class Main {
public static void main(String[] args) {
OkHttpClient client = new OkHttpClient();
// Build the GET request
Request request = new Request.Builder()
.url("https://ipxapi.com/api/ip?ip=8.8.8.8")
.get() // Use GET method without a body
.addHeader("Authorization", "Bearer YOUR_ACCESS_KEY")
.build();
// Execute the request
try (Response response = client.newCall(request).execute()) {
if (response.isSuccessful()) {
// Handle the response in case of a successful request
String responseData = response.body().string();
System.out.println(responseData);
} else {
// Handle errors
System.out.println("Request error: " + response.code());
}
} catch (IOException e) {
// Handle I/O exceptions
e.printStackTrace();
}
}
}
Python
import requests
url = "https://ipxapi.com/api/ip?ip=8.8.8.8"
headers = {
'Accept': "application/json",
'Content-Type': "application/json",
'Authorization': "Bearer YOUR_ACCESS_KEY",
'cache-control': "no-cache"
}
response = requests.request("GET", url, headers=headers)
print(response.text)
JavaScript Jquery AJAX
var settings = {
"async": true,
"crossDomain": true,
"url": "https://ipxapi.com/api/ip?ip=8.8.8.8",
"method": "GET",
"headers": {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Bearer YOUR_ACCESS_KEY",
"cache-control": "no-cache"
},
"processData": false
}
$.ajax(settings).done(function (response) {
console.log(response);
});
JavaScript XHR
var xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function() {
if(this.readyState === 4) {
console.log(this.responseText);
}
});
xhr.open("GET", "https://ipxapi.com/api/ip?ip=8.8.8.8");
xhr.setRequestHeader("Authorization", "Bearer YOUR_ACCESS_KEY");
Node.js Axios
var axios = require('axios');
var config = {
method: 'GET',
url: 'https://ipxapi.com/api/ip?ip=8.8.8.8',
headers: {
'Authorization': 'Bearer YOUR_ACCESS_KEY
},
};
axios(config).then(function (response) {
console.log(JSON.stringify(response.data));
})
.catch(function (error) {
console.log(error);
});
Go Lang Example
package main
import (
"fmt"
"net/http"
"io/ioutil"
)
func main() {
url := "https://ipxapi.com/api/ip?ip=8.8.8.8"
method := "GET"
client := &http.Client {
}
req, err := http.NewRequest(method, url, nil)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Authorization", "Bearer YOUR_ACCESS_KEY")
req.Header.Add("Cookie", "XSRF-TOKEN=")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
Ruby Net::HTTP
require "uri"
require "net/http"
url = URI("https://ipxapi.com/api/ip?ip=8.8.8.8"))
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::GET.new(url)
request["Authorization"] = "Bearer YOUR_ACCESS_KEY"
response = http.request(request)
puts response.read_body
C# RestSharp
var client = new RestClient("https://ipxapi.com/api/ip?ip=8.8.8.8");
client.Timeout = -1;
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "Bearer YOUR_ACCESS_KEY");
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
Shell HTTPie
http --follow --timeout 3600 GET 'https://ipxapi.com/api/ip?ip=8.8.8.8' \
Authorization:'Bearer YOUR_ACCESS_KEY
The batch IP lookup endpoint allows you to group up to 1024 IP search requests into a single request (you can mix up IPv4 and IPv6 addresses). This can really speed up the processing of bulk IP lookup.
JSON array as POST body
To make a batch request you can POST a JSON array containing all IP addresses you'd like to get the data for. Here's an example that uses cURL and the batch endpoint to get information about 2 different IP addresses with a single API call:
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://ipxapi.com/api/batch-ip',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS =>'[
"66.165.2.7",
"190.191.2.241"
]',
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer YOUR_ACCESS_KEY',
'Content-Type: application/json'
),
));
$response = curl_exec($curl);
curl_close($curl);
A batch IP lookup request costs as many credits as IP addresses specified plus one. For instance, the example above costs 3 credits and not 2.