Getting Started
Authentication
All API requests must be authenticated. HostInfo supports two methods — choose whichever fits your architecture. Your API key is available in the account dashboard.
Bearer Token (recommended)
Pass your key in the Authorization header. Works with all HTTP clients and is the most secure option.
curl "https://api.hostinfo.com/v2/ip/8.8.8.8" \ -H "Authorization: Bearer YOUR_API_TOKEN"
Query Parameter
Append ?token= to the URL. Convenient for quick testing or client-side widgets where header injection isn't easy.
curl \ "https://api.hostinfo.com/v2/ip/8.8.8.8?token=YOUR_API_TOKEN"
Getting Started
Quick Start
Make your first request in under 60 seconds. The base URL for all endpoints is https://api.hostinfo.com.
curl -X GET \ "https://api.hostinfo.com/v2/ip/8.8.8.8" \ -H "Authorization: Bearer YOUR_API_TOKEN" # Response { "ip": "8.8.8.8", "country": "US", "org": "Google LLC", "asn": "AS15169", "city": "Mountain View" }
Getting Started
Rate Limits
Every response includes rate-limit headers so you can track usage in real time. When the limit is exceeded a 429 response is returned with a Retry-After header.
| Plan | Monthly calls | Req / second | Batch support | SLA |
|---|---|---|---|---|
| Free | 50,000 | 1 | No | — |
| Core | 500,000 | 10 | Yes | 99.5% |
| Plus | 2,000,000 | 50 | Yes | 99.9% |
| Max | 10,000,000 | 200 | Yes | 99.9% |
| Enterprise | Unlimited | Custom | Yes | 99.99% |
Rate-limit headers in every response: X-RateLimit-Limit X-RateLimit-Remaining X-RateLimit-Reset
Getting Started
Error Codes
All errors follow standard HTTP status codes. The body is always JSON containing error, message, and optional retry_after and docs fields.
| Status | Error code | Description |
|---|---|---|
| 400 | bad_request | Malformed request — invalid IP, missing field, or bad JSON body. |
| 401 | unauthorized | No API token provided, or the token is invalid or expired. |
| 403 | forbidden | Your plan doesn't include access to this endpoint or data field. |
| 404 | not_found | The endpoint path or requested resource doesn't exist. |
| 422 | validation_error | Input is structurally valid but semantically incorrect (e.g. private IP submitted to geo endpoint). |
| 429 | rate_limited | Monthly or per-second rate limit exceeded. Check Retry-After header. |
| 500 | server_error | Unexpected server error — automatically logged and investigated. |
{ "error": "rate_limited", "message": "You have exceeded your rate limit of 1 req/s.", "retry_after": 1, "docs": "https://hostinfo.com/api-docs#errors" }
IP Endpoints
IP Lookup
Returns the full intelligence profile for any IPv4 or IPv6 address — geolocation, ASN, organisation, privacy flags, mobile carrier, abuse contact, and more in a single call.
Parameters
| Name | Type | Description | |
|---|---|---|---|
| ip | string | required | IPv4 or IPv6 address. Pass me to use the caller's IP. |
| fields | string | optional | Comma-separated list of fields to return. Reduces payload size. |
| lang | string | optional | ISO 639-1 language code for translated country/city names (e.g. de, ja). |
Code examples
curl -X GET \ "https://api.hostinfo.com/v2/ip/8.8.8.8" \ -H "Authorization: Bearer YOUR_TOKEN"
Response
{ "ip": "8.8.8.8", "hostname": "dns.google", "anycast": true, "city": "Mountain View", "region": "California", "region_code": "CA", "country": "US", "country_name": "United States", "continent": "NA", "postal": "94043", "lat": 37.386, "lon": -122.083, "timezone": "America/Los_Angeles", "utc_offset": "-0700", "currency": "USD", "org": "Google LLC", "asn": "AS15169", "asn_name": "GOOGLE", "asn_type": "hosting", "route": "8.8.8.0/24", "domain": "google.com", "company_name": "Google LLC", "company_domain": "google.com", "company_type": "hosting", "privacy": { "vpn": false, "proxy": false, "tor": false, "relay": false, "hosting": true }, "abuse_email": "[email protected]", "abuse_phone": "+16502530000", "rir": "ARIN", "bogon": false }
Response fields
| Field | Type | Description |
|---|---|---|
| ip | string | The queried IP address. |
| hostname | string | Reverse DNS hostname, if available. |
| anycast | boolean | Whether the IP is part of an anycast network. |
| city | string | City name for the IP's registered location. |
| region / region_code | string | State or province name and ISO code. |
| country / country_name | string | ISO 3166-1 alpha-2 code and full country name. |
| lat / lon | float | Approximate geographic coordinates (city-level accuracy). |
| timezone | string | IANA timezone identifier (e.g. America/New_York). |
| org | string | Combined ASN + organisation name (e.g. AS15169 Google LLC). |
| asn | string | Autonomous System Number in AS##### format. |
| asn_type | string | Classification: isp / hosting / edu / gov / enterprise. |
| privacy.* | object | Privacy flags: vpn, proxy, tor, relay, hosting. |
| bogon | boolean | Whether the IP is a bogon (unroutable / reserved) address. |
| rir | string | Regional Internet Registry: ARIN, RIPE, APNIC, LACNIC, or AFRINIC. |
IP Endpoints
Batch IP Lookup
Lookup up to 1,000 IP addresses in a single HTTP request. Responses are returned as a JSON array in the same order as the input. Batch is available on Core plan and above.
Request body
| Field | Type | Description | |
|---|---|---|---|
| ips | array | required | Array of IPv4 or IPv6 strings. Maximum 1,000 per request. |
| fields | string | optional | Comma-separated field filter applied to every IP in the batch. |
curl -X POST \ "https://api.hostinfo.com/v2/ip/batch" \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Content-Type: application/json" \ -d '{"ips":["8.8.8.8","1.1.1.1","104.21.1.1"]}'
IP Endpoints
IP Ranges
Returns all CIDR ranges owned or announced by a given organisation or ASN — useful for building firewall allow/blocklists.
{ "asn": "AS15169", "ranges_v4": ["8.8.8.0/24", "8.8.4.0/24", "34.0.0.0/9"], "ranges_v6": ["2001:4860::/32", "2404:6800::/32"], "total_v4": 621, "total_v6": 84 }
IP Endpoints
IP Subnet
Enumerate and lookup all active IPs within a CIDR subnet. Supports /8, /16, and /24 prefixes.
| Name | Type | Description | |
|---|---|---|---|
| cidr | string | required | CIDR notation, e.g. 192.168.1.0/24. |
| page | integer | optional | Page number for paginated results (default: 1). |
Domain Endpoints
Domain Lookup
Full domain intelligence profile: DNS resolution, WHOIS summary, SSL certificate validity, hosting provider, reputation score, and creation/expiry dates.
Parameters
| Name | Type | Description | |
|---|---|---|---|
| domain | string | required | Registered domain name, e.g. example.com. |
curl "https://api.hostinfo.com/v2/domain/google.com" \ -H "Authorization: Bearer YOUR_TOKEN"
{ "domain": "google.com", "ip": "142.250.80.46", "asn": "AS15169", "registrar": "MarkMonitor Inc.", "created": "1997-09-15", "updated": "2023-09-14", "expires": "2028-09-14", "ssl": { "valid": true, "issuer": "Google Trust Services LLC", "expires": "2026-01-20" }, "hosting_provider": "Google Cloud", "reputation_score": 98, "blacklisted": false }
Domain Endpoints
WHOIS
Returns the full parsed WHOIS record for a domain — registrar, registration and expiry dates, nameservers, status codes, and registrant contact data where available (pre-GDPR redaction).
{ "domain": "google.com", "registrar": "MarkMonitor Inc.", "registrar_url": "https://markmonitor.com", "whois_server": "whois.markmonitor.com", "created_date": "1997-09-15T04:00:00Z", "updated_date": "2023-09-14T08:12:00Z", "expiry_date": "2028-09-14T04:00:00Z", "status": [ "clientDeleteProhibited", "clientTransferProhibited" ], "nameservers": [ "ns1.google.com", "ns2.google.com", "ns3.google.com", "ns4.google.com" ], "dnssec": "unsigned", "registrant_org": "Google LLC", "registrant_country": "US" }
Domain Endpoints
DNS Records
Live DNS lookup returning all record types: A, AAAA, MX, NS, TXT, CNAME, SOA, and CAA. Results are queried in real time via authoritative resolvers.
Parameters
| Name | Type | Description | |
|---|---|---|---|
| domain | string | required | Domain name to resolve. |
| type | string | optional | Filter to a single record type, e.g. MX. Default: all types. |
{ "domain": "google.com", "records": { "A": ["142.250.80.46"], "AAAA": ["2607:f8b0:4004:c1b::71"], "MX": [ { "priority": 10, "exchange": "aspmx.l.google.com" } ], "NS": ["ns1.google.com", "ns2.google.com"], "TXT": ["v=spf1 include:_spf.google.com ~all"], "SOA": { "mname": "ns1.google.com", "serial": 2024040801 } } }
Domain Endpoints
Reverse IP
Returns all domains currently resolving to the given IP address. Results are paginated. Useful for shared hosting analysis, neighbour enumeration, and abuse investigation.
Parameters
| Name | Type | Description | |
|---|---|---|---|
| ip | string | required | IPv4 or IPv6 address. |
| page | integer | optional | Page of results, 100 domains per page (default: 1). |
{ "ip": "104.21.62.1", "total": 2847, "page": 1, "domains": [ "example.com", "test-site.net", "myapp.io" ] }
ASN Endpoints
ASN Lookup
Returns full BGP and organisation data for an Autonomous System. Query by ASN number, or pass an IP address to resolve its ASN automatically.
Parameters
| Name | Type | Description | |
|---|---|---|---|
| asn | string | required | ASN in AS15169 or plain numeric format 15169, or an IP address. |
curl "https://api.hostinfo.com/v2/asn/AS15169" \ -H "Authorization: Bearer YOUR_TOKEN"
{ "asn": "AS15169", "asn_name": "GOOGLE", "asn_type": "hosting", "country": "US", "domain": "google.com", "rir": "ARIN", "num_ips": 4718592, "num_prefixes_v4": 621, "num_prefixes_v6": 84, "peers": ["AS1299", "AS174", "AS6461"] }
ASN Endpoints
ASN Prefixes
Returns the complete list of IPv4 and IPv6 prefixes announced by the ASN. Data sourced from BGP route collectors and refreshed hourly. Available on Max plan.
{ "asn": "AS15169", "prefixes_v4": [ { "prefix": "8.8.8.0/24", "name": "GOOGLE", "num_ips": 256 }, { "prefix": "8.8.4.0/24", "name": "GOOGLE", "num_ips": 256 } ], "prefixes_v6": [ { "prefix": "2001:4860::/32", "name": "GOOGLE-IPV6" } ] }
Abuse & Threat
Abuse Check
Returns the registered abuse contact for an IP's network block — email, phone, organisation, and RIR handle. Use this to automate abuse reporting workflows.
{ "ip": "8.8.8.8", "email": "[email protected]", "phone": "+16502530000", "org": "Google LLC", "rir": "ARIN", "handle": "ABUSE5250-ARIN", "network": "8.8.8.0/24" }
Abuse & Threat
Threat Score
Returns a composite threat score (0–100) for an IP address, derived from threat intelligence feeds, abuse history, privacy flags, and BGP anomaly signals.
{ "ip": "198.51.100.1", "threat_score": 74, "threat_level": "high", "signals": { "vpn": true, "proxy": false, "tor": false, "datacenter": true, "abuse_reports": 12, "blocklisted": true }, "recommendation": "block" }
Abuse & Threat
Blocklist Check
Checks the given IP against 50+ industry blocklists and threat intelligence feeds, returning which lists it appears on and when it was last seen.
{ "ip": "198.51.100.1", "listed": true, "list_count": 4, "lists": [ { "name": "Spamhaus SBL", "last_seen": "2026-04-10" }, { "name": "SORBS DUHL", "last_seen": "2026-04-15" }, { "name": "Barracuda BRBL", "last_seen": "2026-04-12" }, { "name": "AbuseIPDB", "last_seen": "2026-04-17" } ] }
SDKs
Official SDKs
Native client libraries maintained by HostInfo. All SDKs support the full API surface, auto-retry on 429, and structured response objects.
Python (3.8+)
pip install hostinfo import hostinfo hi = hostinfo.Client("YOUR_API_TOKEN") # IP lookup ip = hi.ip("8.8.8.8") print(ip.city, ip.country, ip.asn) # Batch lookup results = hi.ip_batch(["8.8.8.8", "1.1.1.1"]) # Domain lookup domain = hi.domain("google.com") print(domain.registrar, domain.expires) # ASN lookup asn = hi.asn("AS15169") print(asn.asn_name, asn.num_prefixes_v4)
Node.js (18+, ESM & CJS)
npm install @hostinfo/sdk import HostInfo from '@hostinfo/sdk'; const hi = new HostInfo('YOUR_API_TOKEN'); // IP lookup const ip = await hi.ip('8.8.8.8'); console.log(ip.city, ip.country); // Domain lookup const domain = await hi.domain('google.com'); console.log(domain.registrar);
PHP (7.4+)
composer require hostinfo/php-sdk use HostInfo\Client; $hi = new Client('YOUR_API_TOKEN'); // IP lookup $ip = $hi->ip('8.8.8.8'); echo $ip->city . ', ' . $ip->country; // ASN lookup $asn = $hi->asn('AS15169'); echo $asn->asn_name;
Go (1.18+)
go get github.com/hostinfo/go-sdk package main import ( "fmt" hi "github.com/hostinfo/go-sdk" ) func main() { client := hi.New("YOUR_API_TOKEN") ip, _ := client.IP("8.8.8.8") fmt.Println(ip.City, ip.Country) asn, _ := client.ASN("AS15169") fmt.Println(asn.Name) }
Ruby (2.7+)
gem install hostinfo require 'hostinfo' hi = HostInfo::Client.new('YOUR_API_TOKEN') ip = hi.ip('8.8.8.8') puts ip.city, ip.country asn = hi.asn('AS15169') puts asn.asn_name
Other
Changelog
- Added threat_score field to IP Lookup response
- New GET /v2/ip/{ip}/blocklist endpoint — 50+ list coverage
- IPv6 prefix support in ASN Prefixes endpoint
- Batch endpoint now supports 1,000 IPs (up from 500)
- Added lang parameter for translated city/country names
- Go SDK released (v1.0.0)
- New base URL — api.hostinfo.com/v2/
- Unified IP Lookup endpoint replaces separate geo/asn/privacy endpoints
- Rate-limit headers renamed to X-RateLimit-*
- Migration guide →