TCPData is a free, public service designed to help developers test and debug their applications. We want to keep this service available for everyone, so we ask all users to respect these fair use guidelines.
Rate Limits
To prevent abuse and ensure availability for all users, we enforce the following rate limits per IP address:
External API Endpoints10 requests/minute
Applies to: /geoip/:ip, /asn/:ip
Resource-Heavy Endpoints20 requests/minute
Applies to: /latency/:url, /traceroute/:host, /port/:host/:port, /speedtest
Interactive Games500 requests/minute
Applies to: /lunar-lander
All Other Endpoints100 requests/minute
Applies to: Most endpoints including request inspection, status codes, etc.
Rate Limit Response: When you exceed the rate limit, you'll receive a 429 Too Many Requests response with details about the limit and when you can retry.
Prohibited Activities
The following activities are strictly prohibited and will result in immediate blocking:
SSRF Attacks: Attempting to access private IPs, localhost, or cloud metadata endpoints
DDoS Attacks: Intentional attempts to overload or disrupt the service
Malicious Payloads: Sending exploit code, malware, or harmful content
Proxy Abuse: Using TCPData as a proxy to hide malicious activity
Resource Exhaustion: Repeatedly requesting large files or expensive operations
Security Measures
We actively monitor and protect against abuse:
SSRF Protection: Private IPs, localhost, and metadata endpoints are blocked
Rate Limiting: Enforced per IP address using Cloudflare KV storage
Request Validation: All URLs and inputs are validated and sanitized
Cloudflare Protection: DDoS mitigation, bot detection, and WAF rules
Abuse Tracking: Suspicious patterns are logged and analyzed
Consequences of Abuse
Egregious abusers will be permanently blocked. Abuse patterns are tracked across all endpoints. Repeated violations, automated attacks, or malicious activity will result in:
Immediate IP blocking at Cloudflare edge
Permanent ban from all TCPData services
Potential reporting to relevant authorities for serious violations
Best Practices
To be a good citizen of this service:
Respect Rate Limits: Stay within the published limits for each endpoint type
Cache Results: Don't repeatedly request the same data
Use Appropriate Endpoints: Choose the right tool for your use case
Implement Backoff: If you receive a 429, wait before retrying
Self-Host for High Volume: This is open source - deploy your own instance for heavy usage
Need Higher Limits? TCPData is built on Cloudflare Workers, which are designed to scale. The current limits are generous for normal use. If you need significantly higher limits, consider self-hosting or contacting us to discuss your use case.
Updates to This Policy
We may update this Fair Use Policy from time to time. Continued use of TCPData constitutes acceptance of the current policy. Major changes will be announced on the homepage.