You can get your usage over the last 24hrs from the
count field returned in all API responses. To get your usage over a period greater than 24hrs you can submit a request to firstname.lastname@example.org. We are actively developing a dashboard to make this data more accessible and account management better.
Rate limiting is on a rolling 24 hr window, this way you get the most out of your daily quota. Your quota renews 24hrs after you make your first call. For example if you sign up and make your first call at 10 am. Your quota will from then on renew at 10am every day. A simple trick to change this time is to not make any calls for a 24hr period then whatever new time at which you make your first call will be the new time your quota resets.
You can make up to 1500 requests daily with your free API key. Note that commercial use is restricted on the free tier, also the data provided on the free tier will be pared down in future. We do not have any plans to limit the length of the free tier at the moment.
On the free tier all further requests are blocked and you receive an email notification. On paid plans you receive a limit warning when you have used 90% of your quota. We also pad your account by 10% of your plan.
An edge case exists where you might not receive a limit warning email if you upgrade a free key after getting a limit warning and go on to exhaust your new upgraded quota in a short space of time after that.
We make checks for changes in IP Address allocations daily and aggregate changes bi-weekly. Our threat data is updated every 15mins and aggregated hourly, that is the data changes every 15 minutes and we aggregate and publish those changes hourly.
This can be particularly frustrating especially when your Google Analytics data doesn't match your usage. We can help you trace the origin of the traffic from our end. The reasons for this include;
Calling the API on every page view. We recommend calling the API once per user session and storing the response in a cookie.
Internal usage, you might have set your organisation's internal network to be excluded from Google Analytics and builds or automatic test suites running from that range are generating excessive requests
Bots and scrapers
Some Solutions for this;
Reaching out to us to help you trace the source of your traffic (paid users)
Identifying bots from the user agent and not calling the API when it's a bot
Caching user location per session to avoid excessive calls to the API
Restricting use of your API Key to a whitelist of server IP Addresses or specific domains. This is the most secure way to access the API (paid users)
Yes. We act as data processors for the IP Address data you send us. Also note that we do not keep records of the IP Addresses you look up. We do however keep track of IP Addresses that make calls to our API for rate limiting purposes and then only for 24hrs. We may keep IP Addresses for longer if we have banned them. To get a copy of our DPA, send a request to email@example.com.
Yes you can.
If you are on the free tier, just sign up for any paid plan at https://ipdata.co/pricing.html with the same email address you used when you signed up for your free key and we will automatically upgrade your free key to a paid key.
On paid plans simply send a request to firstname.lastname@example.org and we will upgrade you from our end with no further action by you. Be sure to send the request from the email address you signed up with.
ipdata was built for high scalability, we run out of 11 AWS Data centers globally from Virginia to London to Sydney and can scale to billions of calls a day. You can learn more about our infrastructure from our feature on the AWS Startups Blog.