API Documentation

Introduction

The Setarys API provides lightweight, read-only endpoints for retrieving information about the requesting client. All responses are JSON. CORS is enabled for all origins.

Experimental. This API is under active development. Response fields and availability are subject to change without notice.

No API key or authentication is required. The API is rate-limited at 60 requests/minute per IP.

Base URL	`https://setarys.xyz/api`
Format	JSON (`application/json`)
Auth	None
CORS	All origins (`*`)
Rate limit	60 req/min per IP
Status	Experimental

GET /api/ip Connection metadata

Returns server-side connection metadata: TLS version negotiated, HTTP protocol, and hostname. Does not log or return the client IP. For public IP detection, use the IP Analysis tool which queries Cloudflare directly from your browser.

Response Fields

tls	TLS version negotiated for this request
http	HTTP protocol version (h2, h3, HTTP/1.1)
host	Host header received by the server
scheme	Connection scheme (https)

# Basic request
curl https://setarys.xyz/api/ip

# Pretty-print with jq
curl -s https://setarys.xyz/api/ip | jq .

const res  = await fetch('https://setarys.xyz/api/ip');
const data = await res.json();

console.log(data.ip);         // "198.51.100.42"
console.log(data.country);    // "CA"
console.log(data.tls);        // "TLSv1.3"

import requests

r    = requests.get('https://setarys.xyz/api/ip')
data = r.json()

print(data['tls'])   # TLSv1.3
print(data['http'])  # h2

Example Response

{
  "tls":    "TLSv1.3",
  "http":   "h2",
  "host":   "setarys.xyz",
  "scheme": "https"
}

GET /api/time Server timestamp

Returns the current server timestamp in ISO 8601, Unix epoch (seconds and milliseconds), and UTC offset.

curl https://setarys.xyz/api/time

const { unix, iso } = await fetch('https://setarys.xyz/api/time').then(r => r.json());
console.log(new Date(unix * 1000));

Example Response

{
  "iso":   "2024-11-14T18:42:05.831Z",
  "unix":  1731606125,
  "ms":    1731606125831,
  "utc":   "Thu, 14 Nov 2024 18:42:05 GMT"
}

GET /api/headers Request headers echo

Returns the full set of HTTP request headers as received by the server. Useful for debugging middleware, CDN configurations, and proxy setups.

Example Response

{
  "headers": {
    "Host":            "setarys.xyz",
    "User-Agent":      "Mozilla/5.0 (X11; Linux x86_64)...",
    "Accept":          "application/json, */*",
    "Accept-Language": "en-CA,en;q=0.9",
    "Accept-Encoding": "gzip, deflate, br"
  }
}

GET /api/trace Full connection trace

Extended trace including TLS info, HTTP protocol, Cloudflare PoP, and key exchange algorithm.

Example Response

{
  "ip":           "198.51.100.42",
  "tls":          "TLSv1.3",
  "http":         "h2",
  "kex":          "X25519",
  "colo":         "YYZ",
  "loc":          "CA",
  "visit_scheme": "https"
}

Rate Limits

To ensure availability for all users, the API is rate-limited per originating IP address.

Limit	60 requests / minute per IP
Burst	Up to 10 concurrent requests
Reset	Rolling 60-second window
Headers	`X-RateLimit-Remaining`, `X-RateLimit-Reset`

Exceeding the rate limit returns HTTP 429 Too Many Requests. Implement exponential backoff in automated scripts.

Error Responses

All errors return a JSON object with a error field and an appropriate HTTP status code.

400	Bad request — malformed query parameters
404	Endpoint not found
429	Rate limit exceeded
500	Internal server error

{
  "error": "rate limit exceeded",
  "retry_after": 23
}

API Reference

Introduction

Response Fields

Example Response

Example Response

Example Response

Example Response

Rate Limits

Error Responses