API Reference
All endpoints return a data + meta envelope. Cache state is exposed via
X-Cache (hit / miss / stale), X-Cache-Expires and
X-Query-Time-Ms headers.
https://one.gy
The JSON API is a paid feature (Pro and Max plans). Authenticate every
/api/v1 request with your API key, sent as an
X-API-Key header or an Authorization: Bearer
token. Create keys on your account page and see
pricing for plans. Requests without a key from a
paid plan return 401/403.
curl https://one.gy/api/v1/ip/8.8.8.8 -H 'X-API-Key: YOUR_KEY'
The examples below omit the header for brevity — add it to every
/api/v1 call. The open utility endpoints
(/me, /stats, /data-quality,
/geoip/status, /search/fields,
/prompts) do not require a key.
Every successful response wraps the payload in this shape.
{
"data": { ... },
"meta": {
"cached": true,
"stale": false,
"cache_expires_at": "2026-03-25T12:00:00Z",
"source": "cache",
"query_time_ms": 12
}
}
X-Cache—hit,miss, orstaleX-Query-Time-Ms— server-side processing time in millisecondsX-Cache-Expires— RFC3339 expiry when a cache TTL is knownX-Request-Id— opaque correlation id (echoed back if supplied)X-RateLimit-Remaining— tokens left in the global bucket
Checks the database and upstream RIPE Stat reachability.
curl https://one.gy/health
data.statusdata.databasedata.upstream
Returns the matched prefix, origin ASN list and geo for a single IP.
curl https://one.gy/api/v1/ip/8.8.8.8
data.ipdata.prefixdata.asns[]data.country_codedata.geo
Returns the caller's public IP as resolved from the socket or trusted reverse-proxy headers, plus lookup data when available.
curl https://one.gy/api/v1/me
data.ipdata.lookup.prefixdata.lookup.reputation
Lookup up to 100 IPs in one request; returns successes plus per-IP errors.
curl -X POST https://one.gy/api/v1/ip/bulk \ -H 'Content-Type: application/json' \ -d '{"ips":["8.8.8.8","1.1.1.1"]}'
data.results[]data.errors[]
Returns RIR authority records and IRR records for the IP.
curl https://one.gy/api/v1/ip/8.8.8.8/whois
data.resourcedata.authorities[]data.records[]data.irr_records[]
Returns multi-source abuse intelligence, including Tor, known-proxy, blocklist/DNSBL, and threat-feed signals.
curl https://one.gy/api/v1/ip/8.8.8.8/reputation
data.scoredata.verdictdata.flags.is_proxydata.sources[]
Accepts a plain number or AS-prefixed value. Includes registry block and routing summary.
curl https://one.gy/api/v1/asn/15169
data.asndata.holderdata.org_namedata.as_namedata.announceddata.blockdata.routing
Per-ASN list of announced prefixes with timelines (gzip recommended).
curl https://one.gy/api/v1/asn/15169/prefixes
data.asndata.resourcedata.prefixes[]
Neighbour counts and observed peer relationships.
curl https://one.gy/api/v1/asn/15169/peers
data.asndata.neighbour_countsdata.neighbours[]
Use <prefix>/<cidr> in the URL path. Returns origin ASN set and country code.
curl https://one.gy/api/v1/prefix/8.8.8.0/24
data.prefixdata.asns[]data.country_code
Structured, boolean search over observed hosts and services. Supports field filters (port, product, banner, TLS cert, vuln, geo, and more), ranges, sets, and facets. See the query syntax reference and /api/v1/search/fields for the full field catalog.
curl 'https://one.gy/api/v1/search?q=product:nginx%20country:US'
data.totaldata.countdata.hits[]data.facets
Counters for hits, misses, stale serves, fallbacks, and cache sizes.
curl https://one.gy/api/v1/stats
data.cache_hitsdata.cache_missesdata.hit_ratiodata.total_cache_entries
API-key gated JSON list of consensus-scored proxies. Supports protocol, country, ASN, anonymity, egress, reliability, success, latency, sort, and limit filters. The protocol, country, ASN, anonymity, and egress filters accept a comma-separated list (e.g. protocol=http,socks5) to match any of several values; a single value still works.
curl 'https://one.gy/api/v1/proxies/good?protocol=http,socks5&country=US,DE' -H 'X-API-Key: <key>'
data[].hostdata[].portdata[].protocoldata[].reliabilitydata[].egress_label
First-party node ingest endpoint for absolute per-proxy counters. Requires a per-node credential from the unified node registry (enroll + admin approval).
curl -X POST https://one.gy/api/v1/proxies/stats -H 'Authorization: Bearer <node-token>' -H 'Content-Type: application/json' -d '{"node":"node-1","install_id":"epoch-1","count":1,"proxies":[{"host":"8.8.8.8","port":8080,"protocol":"http","total_checks":5,"success_count":4,"failure_count":1,"consecutive_failures":0,"last_checked_at":1760000000}]}'
data.accepteddata.rejecteddata.node
Prometheus text format. Suitable for direct scrape.
curl https://one.gy/metrics
asn_api_requests_totalasn_api_request_duration_secondsasn_api_upstream_errors_totalasn_api_cache_events_total
400invalid input (malformed IP, ASN, prefix, or empty/oversized search)404route not found or upstream confirms the resource does not exist429rate limit exceeded;Retry-After: 1always supplied502upstream temporarily unavailable503upstream circuit breaker open500internal error (logged with request id)
- IP lookups fall back from RIPE Stat to Team Cymru on failure.
- ASN lookups enrich from PeeringDB and serve from cache when RIPE is degraded.
- Stale cache entries are served while a background refresh fires (
X-Cache: stale). - Concurrent identical requests are coalesced into one upstream call.
- All responses honour
Accept-Encoding: gzip, br.