IP Geo API vs ipgeolocation.io in 2026: Bundled Endpoints, Bundled Threat-Detection, and the EU-Residency Question

5-minute read · 2026 pricing · honest assessment

If ipgeolocation.io is on your IP-geolocation shortlist in 2026, the comparison usually comes down to three things: do you actually need the bundled timezone / astronomy / currency endpoints, is threat detection part of the base plan or a separately-priced Security API, and do you need EU data residency? ipgeolocation.io has a generous 30K req/mo free tier, a Swiss-army-knife API surface, and a low $15 entry-paid tier — but its 2018-era pricing posture (Security API priced separately, USD billing, US-headquartered hosting) creates real friction for a lot of EU teams. This post lays out where each one wins, without the marketing varnish.

Looking for the full feature matrix? Jump straight to the ipgeolocation.io alternative comparison →.

The 60-second take

Pick the row that’s the dealbreaker. If two rows pull opposite directions, the row enforcing a hard architectural or compliance constraint wins — for example, “we cannot ship a paid product whose IP-threat data lives in a separately-billed US-hosted Security API” beats “we’d prefer the bundled astronomy endpoint.”

The real reasons teams switch from ipgeolocation.io to IP Geo API

The most common switch story we hear isn’t about price or latency. It’s about production realities that the 2018-era ipgeolocation.io packaging didn’t anticipate:

1. Threat detection is a separately-priced Security API. ipgeolocation.io’s is_proxy / is_tor / is_anonymous flags live behind a separate Security API SKU that doubles your monthly spend at 1M req/mo (Standard $40 + Security $40 = $80). We bundle is_vpn, is_proxy, is_tor, is_datacenter, and is_residential into every response on every tier, including free.
2. Bundled bonus endpoints inflate cognitive load. Timezone + astronomy + currency + UA parsing in one response is genuinely useful if you’d otherwise integrate 3-4 APIs — but most teams use 2 fields and ignore the rest. The bundled response payload is ~1.4KB on average; ours is ~600B. At 1M req/mo over a slow link, the wire-time delta is non-trivial.
3. EU-only data residency for regulated sectors. ipgeolocation.io is US-incorporated and uses standard cloud terms; queries can transit US-based edge nodes. For fintech, healthtech, gov-tech, and adtech under GDPR scrutiny, that’s a documented Article 44/45 transfer-assessment problem. We’re EU-only at infra (Hetzner Frankfurt + Vercel fra1), at contract, and at corporate level.
4. USD billing fatigue. Stripe/USD invoicing plus monthly FX adds 1-3% friction on every European invoice. Dutch, Belgian, German, and French finance teams flag this on every close. We bill EUR via Mollie with iDEAL, SEPA, Bancontact, and credit card as first-class methods.
5. Bronze tier looks cheap until you add Security. ipgeolocation.io’s $15/mo Bronze (150K req/mo) is genuinely cheap on raw $/req. The moment you need threat flags — and most production IP-geo workloads do — it jumps to $30+ once you bolt on the Security API. Our €29/mo Starter (100K req/mo) ships with full threat data included, so the apples-to-apples comparison at “geo + threat” volume is closer to even at the entry tier and clearly favors us at 500K+ req/mo.

If none of these hit your stack — you don’t need threat detection, you actively use the bundled astronomy or currency endpoint, you’re outside the EU residency net — ipgeolocation.io’s bundled-everything posture is genuinely good and you have no switching reason. Stay where you are.

The real reasons to not switch

We try to be straight about this — the fastest way to lose a customer is to oversell the migration.

• You actively use the bundled endpoints. If your single ipgeolocation.io call replaces a timezone API + a currency API + a UA-parser API, the bundle is real engineering savings (4 vendors → 1, 4 contracts → 1, 4 status pages → 1). We’re a focused IP-geo + threat product. We don’t do astronomy.
• Your users are spread across 50+ non-EU countries. ipgeolocation.io’s multi-region edge beats an EU-hosted REST API on median latency for non-EU clients. For a European SaaS with European users, the latency delta rarely matters. For a global consumer app with users in Asia and the Americas, it does.
• Your traffic profile is heavy at 100-200K req/mo without threat needs. The Bronze tier at $15 is the cheapest geo-only API on the market in that volume band. If you don’t need threat flags, our €29 Starter doesn’t beat it on raw $/req.
• You depend on connection_type in their format. ipgeolocation.io’s connection_type field is a derived classification (mobile / cable / dialup) that we don’t expose 1:1. We expose is_datacenter as a boolean which covers the most common decision (block hosting traffic) but not the full spectrum.
• You’re locked to a longer track record. ipgeolocation.io has been operating since 2018. We launched in 2026. Vendor risk is a fair concern. Our mitigation: full data export, open-source clients, and a documented exit path on the pricing FAQ. But “older vendor = lower risk” is a defensible heuristic.

What migration actually looks like

For most teams the move is a single base-URL flip plus a thin response-shape adapter:

- // ipgeolocation.io (api-key as query param, JSON only)
- const r = await fetch(
-   `https://api.ipgeolocation.io/ipgeo?apiKey=${KEY}&ip=${ip}`
- );
- const data = await r.json();
- const country = data.country_code2;
- const city = data.city;
+ // IP Geo API (auth-header, EU-hosted, threat bundled)
+ const r = await fetch(`https://ipgeo.10b.app/v1/lookup/${ip}`, {
+   headers: { Authorization: `Bearer ${process.env.IPGEO_API_KEY}` }
+ });
+ const data = await r.json();
+ const country = data.country.iso_code;
+ const city = data.location.city;
+ // Threat block — already there, no extra API call:
+ const isVpn = data.threat.is_vpn;

The non-obvious work is field mapping. ipgeolocation.io uses country_code2, state_prov, city, latitude/longitude, time_zone.name, plus optional Security-API-only is_proxy / is_tor flags. We use a nested-object shape: country.iso_code, location.region, location.city, location.lat/location.lng, location.timezone, with threat.is_vpn / threat.is_proxy / threat.is_tor / threat.is_datacenter / threat.is_residential always present in the same payload. Full mapping table on the ipgeolocation.io alternative comparison page.

What we recommend:

1. Dual-call for 24-48h. In the request handler, call both ipgeolocation.io and our API; log every diff to a structured store. The most common diffs are city-naming (we use canonical English; ipgeolocation.io occasionally returns local-script names) and ASN organization formatting.
2. Cache the response. Most workloads see a 60-80% IP repeat-rate within an hour. A 1-hour TTL cache (Redis, Memcached, or local LRU) cuts your billable count proportionally — and brings effective latency back below 1ms for hot IPs even on a REST API.
3. Keep the ipgeolocation.io free tier warm for 7 days as rollback insurance, then turn off the Security API SKU and remove the bundled endpoints you’re not using.

Full migration guide with curl examples is on the ipgeolocation.io alternative comparison page.

Pricing math at three common volumes

Direct apples-to-apples needs a small adjustment because ipgeolocation.io’s Security API is a separate SKU. The table below is illustrative based on 2026 public list pricing for the most common workload (city-level + threat detection):

Numbers above are list-price snapshots from ipgeolocation.io’s public pricing page on 2026-04-23. Negotiated annual contracts vary. The headline: ipgeolocation.io’s flat plans are competitive on raw geo-only $/req — but for workloads that need VPN/proxy/datacenter flags from day one (most production fraud / abuse / personalization use-cases) the apples-to-apples math is cleanly in our favour from 500K req/mo upward, and the EU-residency contractual posture is a hard constraint we win on regardless of volume.

Trust check: should you trust this comparison?

Honest disclosure: this post is on the IP Geo API blog. We have a commercial reason to suggest switching. We tried to compensate for that bias by:

• Listing ipgeolocation.io’s strengths (bundled endpoints, $15 entry tier, multi-region edge, longer track record) in the same depth as ours.
• Naming specific cases where ipgeolocation.io is the right pick (active use of timezone/astronomy/currency bundle, Bronze-tier $/req lead at 100-200K req/mo without threat needs, non-EU global user base).
• Acknowledging that vendor longevity is a defensible concern about us specifically.
• Linking ipgeolocation.io’s pricing page directly so you can verify pricing, Security-API packaging, and feature claims yourself.
• Sourcing all numbers from public pricing pages on the date stamped above.

If you spot a factual error, email hello@ipgeo.10b.app — we’ll edit and add a correction note above the fold within 48h. We’d rather be cited as accurate than aggressive.

Try IP Geo API in 5 minutes

# 1. Sign up — no credit card, 1.000 lookups/day on free tier, threat-block included
open https://ipgeo.10b.app/pricing

# 2. Test against a known IP (Google DNS) — note the bundled threat block
curl https://ipgeo.10b.app/v1/lookup/8.8.8.8 \
  -H "Authorization: Bearer $IPGEO_API_KEY"

# 3. Inspect the threat fields — no Security-API SKU upgrade required
curl https://ipgeo.10b.app/v1/lookup/8.8.8.8 \
  -H "Authorization: Bearer $IPGEO_API_KEY" | jq '.threat'

Sign up free → · Full ipgeolocation.io comparison → · API reference →

FAQ

Why is ipgeolocation.io’s separately-priced Security API such a big deal? The Security API SKU isn’t just a price increment — it’s a billing-line surprise that often hits after the architecture decision is locked in. Teams build the integration around the Geo plan, ship to production, and discover during the first abuse incident that their is_proxy / is_tor flags are restricted to the Security tier. At that point you’re either upgrading mid-quarter or shipping fraud-detection logic without the most-used signal. We bundle the threat block on the free tier so you never hit that surprise.

Is the threat data better than ipgeolocation.io’s Security API? Different upstream composition. Our is_vpn/is_proxy/is_tor/is_datacenter/is_residential classifiers run on an ensemble of public abuse feeds (Spamhaus DROP, FireHOL, AbuseIPDB-lite) plus our own passive-probe data. ipgeolocation.io’s Security-API composition is not publicly documented and the surface is similar (proxy + Tor + anonymous flags, no first-class VPN classification or residential-vs-datacenter distinction in the documented schema). Both cover the common 80% of fraud-relevant flags well; specialized fraud platforms typically run their own ML on top regardless of vendor.

Do you offer the bundled astronomy / currency / timezone endpoints? Timezone is included in our location.timezone field (IANA name + offset). Astronomy and currency are not — they’re separate domains and we’d rather be best-in-class for IP geo + threat than mediocre for 5 categories. There are excellent dedicated APIs for timezone math (e.g. timezonedb), astronomy, and currency conversion. If a single bundled call across all four matters more than EU residency + bundled threat, ipgeolocation.io stays your pick.

Will my ipgeolocation.io-shaped code work as-is with IP Geo API? Mostly the field semantics overlap, but the shape differs (their flat schema vs our nested-object schema). country_code2 → country.iso_code, state_prov → location.region, latitude/longitude → location.lat/location.lng. A thin adapter (~10 lines) covers the migration. See the field mapping table.

What happens if your API has an outage? Public status page: https://status.ipgeo.10b.app with a 90-day rolling history. Our SLA is 99.5% on Business plan (multi-region active-active across Frankfurt + Amsterdam). Most production deployments cache responses with a TTL of 1-24h, which means a brief API outage degrades to stale data, not failed lookups.

Related reading

Practical companion (highly recommended if you’ve decided to switch):

• How to Migrate from ipgeolocation.io to IP Geo API in 2026 → — step-by-step drop-in guide: field-by-field map, code diffs in Python / Node / Go, shadow mode, gradual cutover, rollback plan, and the 7 week-one gotchas.
• Migrate from IP2Location to IP Geo API — BIN/CSV/MMDB decommission + IP2Proxy SKU consolidation + USD-annual-to-EUR-monthly billing + proxy_type enum-vs-split-booleans gotchas

Drop-in migration guides for adjacent providers (in case you’re consolidating multiple sources onto IP Geo API):

• Migrate from MaxMind GeoIP2 to IP Geo API — .mmdb-to-API field map, weekly-sync pain, GeoIP2 nested-shape compatibility
• Migrate from ipinfo.io to IP Geo API — loc-string + ASN-org regex + Authorization-header gotchas
• Migrate from ipstack to IP Geo API — HTTP→HTTPS scheme flip + Security-Module paywall + connection.asn integer typing
• Migrate from ipapi.co to IP Geo API — attribution-backlink scrub + org concatenation regex + free-tier rate-limit fragmentation
• Migrate from DB-IP to IP Geo API — MMDB/CSV-download decommission + IP-to-Threat / Anonymous / Datacenter SKU consolidation + CC-BY-4.0 attribution-backlink scrub + countryCode3 ISO-3 vs ISO-2 gotchas

If you’re evaluating IP geolocation APIs against multiple providers, the other head-on comparisons in this series may help:

• IP Geo API vs ipinfo.io in 2026 — head-on with the dominant North-American incumbent
• IP Geo API vs MaxMind in 2026 — managed API vs self-hosted GeoIP2 dataset trade-offs
• IP Geo API vs ipstack in 2026 — modern EU-hosted alternative for ipstack migrations
• IP Geo API vs ipapi.co in 2026 — pricing, throughput and threat-intel comparison
• IP Geo API vs IP2Location in 2026 — REST-first vs database-download, IP2Proxy bundling, EU residency
• IP Geo API vs DB-IP in 2026 — REST-first vs MMDB-download EU-vs-EU, attribution-free free tier, threat bundling

Industry deep-dives

• IP Geolocation for Fintech — KYC, Sanctions Screening, Fraud, and EU Residency → — fintech-specific deep-dive: the three IP-control surfaces (KYC country-of-origin, OFAC/EU sanctions, payment-fraud risk), EU-hosted GDPR posture, EUR billing, ASN-level hosting detection, and ≤40 ms median EU-edge latency for 800-1200 ms PSP authorisation budgets.

• IP Geolocation for Ad-Tech — RTB Enrichment, SIVT/IVT Filtering, and Click-Fraud Attribution → — ad-tech-specific deep-dive: the three IP-control surfaces (RTB bid enrichment with ≤40 ms latency budget + OpenRTB 2.6 device.geo/device.ext, SIVT/IVT filtering with IAB-confirmed datacenter ASN block-list, click-fraud post-back attribution + risk scoring), EU-hosted GDPR + ePrivacy + IAB-TCF v2.2 posture, bundled threat fields, ASN-level granularity, and predictable EUR billing.

• IP Geolocation for iGaming — Licence-Jurisdiction Enforcement, VPN-Circumvention Scoring, and Self-Exclusion Register Routing → — iGaming-specific deep-dive: the three IP-control surfaces (licence-jurisdiction enforcement with hard-fail-closed posture across MGA/UKGC/KSA/DGOJ/ANJ/ADM/DAS, anti-circumvention scoring with residential-proxy ASN block-list covering Bright Data + Oxylabs + Smartproxy + IPRoyal, self-exclusion register routing to GamStop/CRUKS/ROFUS/Spelpaus/OASIS by IP-country), EU-hosted GDPR + EGBA posture, bundled threat fields, ASN-level granularity, and predictable EUR billing.

• IP Geolocation for SaaS Monetization — Geo-Pricing, EU-VAT/DAC7 Tax-Routing, Trial-Abuse Scoring, and OFAC/EAR Export-Controls → — SaaS-specific deep-dive: the four IP-control surfaces (PPP-anchored geo-pricing with ≤40 ms checkout-flow budget, EU-VAT-MOSS + OECD DAC7 tax-routing to the right Stripe/Adyen/Braintree/Paddle tax-id, trial-abuse detection with residential-proxy ASN block-list across Bright Data/Oxylabs/Smartproxy/IPRoyal, and OFAC SDN + EAR export-controls feature-gating), EU-hosted GDPR posture, bundled threat fields, ASN-level granularity, and predictable EUR billing.

• IP Geolocation for Streaming Media — Content Licensing, VPN-Bypass Defence, CDN POP Steering, and SSAI Ad-Insertion → — Streaming-media-specific deep-dive: the four IP-control surfaces (per-territory licensing enforcement with hard-fail-closed HTTP 451 on ambiguous resolve, VPN/proxy/Tor circumvention defence with residential-proxy ASN block-list across Bright Data/Oxylabs/Smartproxy/IPRoyal, CDN POP steering and adaptive bitrate-ladder selection across Akamai/Cloudflare/Fastly/BunnyCDN/Lumen, and SSAI ad-insertion targeting with sports blackout windows via Haversine GPS-distance), ≤40 ms session-init budget on EU edges, studio-grade 24-month audit trail, threat fields on every plan, ASN-level granularity, and EU-hosted GDPR + AVMSD (Directive 2018/1808) posture.

• IP Geolocation for E-commerce — Tax-Jurisdiction Routing, BIN-vs-IP Carding Defence, PPP-Adjusted Currency Display, and Shipping-Zone Fulfilment Routing → — E-commerce-specific deep-dive: the four IP-control surfaces (EU OSS distance-sales 27-rate map + UK VAT 20% + CH-VAT 7.7% + NO MVA 25% + US Wayfair 13-state nexus + CA GST/HST per-province + AU/SG/IN/BR/JP GST/ICMS/JCT with sanctions hard-stop on IR/KP/SY/CU/BY/RU/MM/VE at checkout; BIN-vs-IP carding + refund-fraud 6-factor weighted score at place-order with residential-proxy ASN block-list across Bright Data/Oxylabs/Smartproxy/IPRoyal/Tier3; PPP-adjusted 7-tier pricebook on first paint with VPN/proxy fall-back to BIN-billing-country; 9-warehouse fulfilment routing FRA/AMS/MAD/MIL/DOV/IAD/LAX/DEL/SIN with DDP/DDU duty pre-calc and lithium/aerosol/prescription destination-gates), ≤40 ms checkout-first-paint budget, DAC7/GDPR/EU OSS audit posture, bundled threat fields on every plan, ASN-level granularity, and EUR billing.

• IP Geolocation for Healthcare — Cross-Border Telehealth Licensing, HIPAA PHI/EPHI Access Geofencing, EU Patient-Data Residency w/ Schrems II Routing, and Cross-Border Pharma + DEA Schedule Gating → — Healthcare-specific deep-dive: the four IP-control surfaces (cross-border telehealth licensure match at consult-init w/ US IMLC 41-state partial + CA/FL/NY/TX independent + EU MRPQ Directive 2005/36/EC + DE Bundesärztekammer + NL BIG + FR ONM + UK GMC + HTTP 451 hard-fail-closed on jurisdiction-mismatch + NO_RECIPROCITY hard-stop on IR/KP/SY/CU/BY/RU/MM/VE/AF/SO; HIPAA 45 CFR §164.308(a)(4) PHI/EPHI access geofencing w/ clinical-ASN allowlist Epic/Cerner/Allscripts/Mayo/MGH/Cleveland/Kaiser + residential-proxy ASN reject Bright Data/Oxylabs/Smartproxy/IPRoyal/Tier3 + home-office BAA-attested workstation allowlist + risk_score < 30 soft-allow; EU patient-data residency w/ GDPR Art. 9 special-category + EDPB Recommendations 01/2020 supplementary technical measures + Schrems II SCC flag for US-shard + routing to 6 EHR shards EU-FRA/EU-AMS/UK-LON/US-IAD/CA-YYZ/AU-SYD w/ VPN/proxy → fall-back to EU-FRA highest protection; cross-border pharma + controlled-substance gating w/ DEA Schedules I-V + Ryan Haight Act §3 in-person-eval requirement for telemed Rx + EU Falsified Medicines Directive 2011/62/EU originator-country audit + per-country bans for cannabis/CBD/psilocybin/MDMA/kratom), ≤40 ms consult-init budget, HIPAA/GDPR Art. 9/Schrems II/DEA/EU FMD audit posture, bundled threat fields on every plan, ASN-level granularity, and EUR billing.

• IP Geolocation for Travel + Hospitality — Geo-Rate Enforcement + Dynamic-Pricing per Booking Origin, OTA Carding + ATO Defence, OFAC/EU CONSILIUM/UK OFSI Sanctions Screening at Booking-Init, and GDS + EU OSS / DAC7 Reporting → — Travel/hospitality-specific deep-dive: the four IP-control surfaces (geo-rate enforcement + dynamic-pricing per booking origin w/ 8-tier pricebook T1 EU-Lux 1.00x → T8 Africa 0.75x + VPN/proxy/Tor fall-back to T2_NA_LUX anti-arbitrage + SANCTIONS_HARDSTOP on IR/KP/SY/CU/BY/RU/MM/VE/AF/SO HTTP 451 at search-render + BIN-billing-country pin at checkout; OTA carding + ATO defence at booking checkout w/ corporate-travel-platform ASN allowlist AS-CWT/Amex GBT/BCD/FCM/Egencia/Navan/Amadeus/Sabre fast-lane + consumer-OTA reject on VPN/Tor/relay + residential-proxy ASN block Bright Data/Oxylabs/Smartproxy/IPRoyal/Tier3 + 6-factor carding score threshold ≥70; OFAC + EU CONSILIUM + UK OFSI sanctions screening at booking-init w/ sanctioned-origin hard-stop regardless of session residency + EU 6AMLD compelled-disclosure on VPN/proxy + US-Cuba 31 CFR §515 General License gate + luxury-segment AML thresholds yacht €10K / private jet €20K / villa €5K/night / heli €3K + PEP screen + source-of-funds eval; GDS + inventory routing + EU OSS / DAC7 reporting w/ Amadeus EU/UK + Sabre US/CA + Travelport APAC + 27 EU-MS destination-VAT rates DE 19% → HU 27% + NO 25% + CH 8.1% + UK 20% + DAC7 Directive 2021/514 reportable-platform-operator evidence-log 5-year retention + Jan-31 lead-MS annual report), ≤40 ms search-render budget, OFAC/EU CONSILIUM/UK OFSI/DAC7/EU OSS/HOTREC audit posture, bundled threat fields on every plan, ASN-level granularity, and EUR billing.

Last reviewed 2026-05-09 · IP Geo API team · Comments / corrections: hello@ipgeo.10b.app

Pairs with the full ipgeolocation.io alternative comparison page — has the complete feature matrix, migration guide, and pricing snapshot.