Privacy Policy



Last updated: March 13, 2026

1. Introduction

robtex.com is operated by Robtex. This privacy policy covers all Robtex websites (robtex.com, hashxp.org, rbls.org, dns.ninja, rtsak.com), our REST APIs (freeapi.robtex.com, proapi.robtex.com), MCP (Model Context Protocol) integrations, and the Robtex Slack bot. Our services provide network intelligence tools including DNS lookups, IP geolocation, BGP routing data, WHOIS, Bitcoin/Lightning Network analysis, and related functionality.

Our services do not require account registration. However, we process limited technical identifiers and operational metadata to provide, secure, and debug the service, as described below. We adhere to the principle of data minimization by collecting only what is necessary for service delivery and security.

2. Data We Collect

Website Visitors

  • IP address — used for rate limiting, abuse prevention, and approximate geolocation for ad targeting.
  • Browser information — user-agent string, referrer, pages visited. Collected via cookies and Google Analytics (GA4) for traffic statistics.
  • Cookies — used by Google Analytics (traffic statistics), Google AdSense (ad personalization), and Cloudflare (security and load balancing). See Section 9 below.

API and MCP Users

When you query our REST API or MCP endpoints, we log:

  • IP address — for rate limiting and abuse prevention.
  • Query inputs — the domains, IP addresses, AS numbers, Bitcoin addresses, Lightning Network node IDs, or other network identifiers you submit. These are used to generate query results and are retained in operational logs for up to 90 days for abuse prevention and debugging.
  • Request metadata — user-agent, timestamp, response status, duration, response size, and origin header. We do not log Authorization headers, cookies, API keys, access tokens, private keys, or other credentials. For MCP requests, we log the JSON-RPC method name and tool arguments (the specific query parameters), not the full request body.

MCP tool inputs are processed in real-time to generate results. Tool outputs are derived exclusively from public data sources (DNS records, WHOIS, BGP routing tables, blockchain data) and do not contain personal information about the querying user.

Slack Bot Users

When you use the Robtex Slack bot, we log:

  • Command text — the query you send (e.g., "8.8.8.8", "google.com").
  • Workspace metadata — workspace ID and team name, for rate limiting and install tracking.
  • Slack user ID — used to render the App Home tab. We do not store usernames, emails, or profile data.

x402 Micropayment Users

For x402 payment-gated API requests, we additionally log the wallet address, transaction hash, and payment amount for payment verification.

3. How We Use Data

  • Query inputs are used to look up and return the requested network information (generating results).
  • IP addresses and request metadata (user-agent, timestamps) are used for rate limiting, abuse prevention, and debugging.
  • Aggregate, anonymized statistics (request counts, error rates, response times) are used for reliability monitoring and performance analysis. We do not use API/MCP query content for advertising, profiling, or machine learning model training.

4. Data We Do NOT Collect

  • We do not require or store user accounts, passwords, email addresses, names, or other personal identity information.
  • We do not read or store Slack channel messages, files, or conversations beyond the commands directed at our bot.
  • We do not use query data to train machine learning models.
  • We do not build user profiles or track users across services.
  • We do not collect or process prohibited sensitive data categories, including payment card information (PCI), protected health information (PHI), government-issued identification numbers, or authentication credentials.

Do not submit sensitive data: Our tools are designed for public network identifiers (domains, IPs, AS numbers, Bitcoin addresses). Do not submit payment card numbers, bank account details, health information, government IDs, passwords, API keys, OAuth tokens, cryptocurrency private keys, or wallet seed phrases. If such data is submitted inadvertently, contact us at info@robtex.com and we will use reasonable efforts to delete or redact it.

Children's privacy: Our services are not intended for children under 13. We do not knowingly collect personal data from children. If we become aware that a child under 13 has provided personal data, we will take steps to delete it.

5. Third-Party Services

We use the following third-party services on our websites:

  • Google Analytics (GA4) — collects anonymized traffic statistics (page views, session duration, browser type). Subject to Google's Privacy Policy.
  • Google AdSense — serves personalized advertisements based on cookies and browsing behavior. Subject to Google's Ad Policy.
  • Cloudflare — provides CDN, DDoS protection, and security. Subject to Cloudflare's Privacy Policy.

API, MCP, and Slack bot query data is not shared with Google Analytics or Google AdSense.

To fulfill lookup requests, the specific identifier you query (such as a domain name, IP address, or Bitcoin address) is sent to the relevant public infrastructure to retrieve results. These external services receive only the queried identifier, not your IP address or other request metadata. Recipients include:

  • Public DNS resolvers — for domain name resolution
  • WHOIS/RDAP registries (operated by ICANN, RIRs, and domain registrars) — for domain/IP ownership data
  • Public blockchain nodes — for Bitcoin and Lightning Network data
  • BGP/ASN data sources — for routing and network information

Cloudflare proxies all web and API traffic and may process request metadata (IP address, non-sensitive headers) as part of its CDN and security services, subject to Cloudflare's Privacy Policy.

6. Data Retention

  • API/MCP/Slack request logs — retained for up to 90 days for debugging and abuse prevention, then deleted.
  • x402 micropayment logs (wallet address, transaction hash, amount) — retained for up to 90 days, then deleted.
  • Cloudflare edge logs — retained for 7 days by Cloudflare.
  • Google Analytics data — retained per Google's default retention settings (14 months).

Retention periods may be extended up to one year where required for active fraud prevention, security investigation, or legal compliance.

7. Data Sharing

We do not sell personal data. We share data only with the service providers and infrastructure operators listed in Section 5, and only as necessary to operate the service. We may additionally disclose information when required by law or to protect against fraud or abuse of our services.

8. MCP and API Tool Data

When you use Robtex through an MCP integration (e.g., via ChatGPT, Claude, or other AI assistants):

  • Tool inputs (domains, IP addresses, AS numbers, Bitcoin addresses, Lightning Network node IDs) are processed in real-time and logged as described in Section 2.
  • Tool outputs consist of publicly available network data, including DNS records, WHOIS/RDAP data, BGP routes, IP geolocation, blocklist/reputation status, Bitcoin transaction and address details, and Lightning Network node and channel information. Tool outputs are generated from the submitted query and public data sources only. We do not include the user's IP address, user-agent, request headers, or other request metadata in tool outputs, and we do not use those data to personalize results.
  • Third-party data sources — to generate results, query identifiers may be sent to public internet infrastructure (DNS resolvers, WHOIS/RDAP registries, blockchain endpoints) as described in Section 5. We do not forward queries to third parties for marketing, tracking, or advertising.
  • We do not use MCP interactions to train models or for any purpose beyond generating the requested results and maintaining service quality.

Some outputs, such as WHOIS/RDAP records, may contain personal information published by third parties in public registries, including registrant names, organization names, email addresses, phone numbers, or postal addresses. This is public data about the queried resource, not personal data collected from the querying user.

For ChatGPT/MCP requests, the network metadata we receive (such as IP address) may reflect OpenAI or other intermediary infrastructure rather than the end user's device.

9. Cookies

Our websites use cookies for:

  • Analytics — Google Analytics cookies (_ga, _gid) for anonymized traffic statistics.
  • Advertising — Google AdSense cookies for ad personalization. You can opt out via Google Ad Settings.
  • Security — Cloudflare cookies (__cf_bm) for bot detection and load balancing.

You can disable cookies in your browser settings. API and MCP endpoints do not use cookies.

10. User Controls and Data Deletion

  • Cookie opt-out — disable cookies in your browser settings or use Google Ad Settings.
  • Data deletion — you may request deletion of your logged data by contacting info@robtex.com. Because we do not maintain user accounts, please include one or more of the following to help us locate your records: approximate date/time, the query you submitted, the tool or endpoint used, or your IP address. For requests made through ChatGPT or other MCP clients, the IP address logged may belong to the intermediary platform rather than your device, so providing the query value and approximate time is most helpful. We will process deletion requests within 30 days.
  • Slack bot — uninstalling the app from your workspace stops future data collection. Prior command logs are retained for up to 90 days unless you request earlier deletion via info@robtex.com.
  • Operational logging — limited technical logging (IP address, timestamps) is necessary to operate and secure the service and cannot be opted out of while using the service. You may request deletion of retained logs after use as described above.

11. Security

All communication with Robtex services uses TLS encryption. We implement rate limiting, IP-based access controls, and request signature verification (for Slack) to protect against abuse. Logs do not contain raw passwords or authentication tokens.

12. Changes to This Policy

We may update this policy from time to time. The "Last updated" date at the top of this page indicates when changes were last made. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact

For privacy questions, data deletion requests, or concerns: info@robtex.com


This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.