BosINT API
Join BosINT Pro
API access is available to Pro members. Get access.
1,000
Daily Call Limit
Generate Key
Retrieve your API key from BosINT Online.
120
Requests / Minute
Run Command
Pass your key in the endpoint path to authenticate.
11
Production Tools
curl "https://app.bosint.gg/bosintapi/YOUR_API_KEY/ip/8.8.8.8"
Authentication
All API requests must include your secret API key in the URL path. This ensures secure access to your daily quota and command set.
Endpoint Architecture
Your API key follows the standard bosint_ prefix format and is unique to your account.
bosint_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2
API Endpoints
All endpoints accept GET and POST requests. Parameters can be passed via URL path, query string, or JSON body.
Retrieve geolocation, ISP, ASN, and threat intelligence for an IP address. Also available as /iplookup/{ip}.
| Parameter | Type | Description |
|---|---|---|
| ip_address | string | IPv4 or IPv6 address required |
GET /bosintapi/{key}/ip/8.8.8.8DNS records, WHOIS data, registrar info, and Microsoft tenant detection.
| Parameter | Type | Description |
|---|---|---|
| domain | string | Domain name (e.g., example.com) required |
GET /bosintapi/{key}/domain/google.comCarrier info, location, line type, timezone, and associated names when available.
| Parameter | Type | Description |
|---|---|---|
| number | string | Phone number with country code required |
GET /bosintapi/{key}/phone/+12025551234Profile data, account creation date, badges, bot status, and activity patterns.
| Parameter | Type | Description |
|---|---|---|
| user_id | string | Discord user ID (snowflake) required |
GET /bosintapi/{key}/discord/123456789012345678Steam profile analysis including games, friends, and account statistics.
| Parameter | Type | Description |
|---|---|---|
| steam_id | string | SteamID64 or vanity URL required |
GET /bosintapi/{key}/steam/76561198012345678Check if an email has been compromised in known data breaches. Also available as /email-pwn/{email}.
| Parameter | Type | Description |
|---|---|---|
| string | Email address to check required |
GET /bosintapi/{key}/email/[email protected]Search for a username across 3,000+ social media platforms and websites.
| Parameter | Type | Description |
|---|---|---|
| username | string | Username to search required |
GET /bosintapi/{key}/username/johndoeSearch for mentions across dark web sources and breach databases.
| Parameter | Type | Description |
|---|---|---|
| query | string | Search term (email, username, etc.) required |
GET /bosintapi/{key}/darkweb/[email protected]Check if a password has been exposed in known data breaches.
| Parameter | Type | Description |
|---|---|---|
| password | string | Password to check required |
GET /bosintapi/{key}/password/test123Analyze URLs for safety, redirects, and threat intelligence. Also available as /url-detective/{url}.
| Parameter | Type | Description |
|---|---|---|
| url | string | Full URL to analyze required |
GET /bosintapi/{key}/url/https://example.comVehicle identification number lookup for automotive intelligence.
| Parameter | Type | Description |
|---|---|---|
| vin | string | 17-character VIN required |
GET /bosintapi/{key}/vin/1HGBH41JXMN109186Response Format
All responses are JSON with a consistent structure. Every response includes metadata about your API usage.
Successful Response
{
"success": true,
"data": {
"phone": "202-555-1234",
"location": "Washington, DC",
"carrier": "Verizon Wireless",
"line_type": "MOBILE",
"time_zone": "America/New_York"
},
"query": "+12025551234",
"api_metadata": {
"daily_usage": 42,
"daily_limit": 1000,
"command": "phone",
"timestamp": "2025-01-20T15:30:00.000Z"
}
}
HTTP Status Codes
The API uses standard HTTP status codes to indicate request outcomes.
| Code | Status | Description |
|---|---|---|
| 200 | OK | Request successful, data returned |
| 400 | Bad Request | Missing required parameter or invalid format |
| 401 | Unauthorized | Invalid or missing API key |
| 403 | Forbidden | Account suspended or Pro subscription required |
| 429 | Too Many Requests | Daily limit (1000) or rate limit (120/min) exceeded |
| 500 | Internal Error | Server error, try again later |
Error Codes
Error responses include a code field for programmatic handling.
{
"success": false,
"error": "Invalid API key",
"code": "INVALID_API_KEY"
}
Error Code Reference
| Code | HTTP | Description |
|---|---|---|
| INVALID_API_KEY | 401 | API key is invalid or not found |
| PRO_REQUIRED | 403 | Active Pro subscription required for API access |
| ACCOUNT_SUSPENDED | 403 | Account has been suspended |
| RATE_LIMIT_EXCEEDED | 429 | Daily limit of 1000 calls exceeded |
| UNKNOWN_COMMAND | 400 | Command not recognized |
| UNSUPPORTED_COMMAND | 400 | Command exists but not available via API |
| INTERNAL_ERROR | 500 | Server-side error occurred |
daily_usage and daily_limit fields to help you track usage.
Python Examples
Use the requests library to interact with the BosINT API.
import requests API_KEY = "bosint_your_api_key_here" BASE_URL = "https://app.bosint.gg/bosintapi" def ip_lookup(ip_address): url = f"{BASE_URL}/{API_KEY}/ip/{ip_address}" response = requests.get(url) data = response.json() if data['success']: return data['data'] else: print(f"Error: {data['error']} ({data.get('code', 'N/A')})") return None # Example usage result = ip_lookup("8.8.8.8") if result: print(f"Country: {result.get('country')}") print(f"ISP: {result.get('isp')}")
import requests from typing import Optional, Dict, Any class BosINTClient: def __init__(self, api_key: str): self.api_key = api_key self.base_url = "https://app.bosint.gg/bosintapi" def _request(self, command: str, query: str) -> Dict[str, Any]: url = f"{self.base_url}/{self.api_key}/{command}/{query}" response = requests.get(url, timeout=30) data = response.json() if not data.get('success'): code = data.get('code', 'UNKNOWN') raise Exception(f"{data.get('error')} [{code}]") return data def ip(self, ip: str): return self._request("ip", ip) def domain(self, domain: str): return self._request("domain", domain) def phone(self, number: str): return self._request("phone", number) def discord(self, user_id: str): return self._request("discord", user_id) def username(self, name: str): return self._request("username", name) # Usage client = BosINTClient("bosint_your_api_key") try: result = client.ip("8.8.8.8") print(result['data']) except Exception as e: print(f"API Error: {e}")
cURL Examples
Test endpoints directly from your terminal.
# IP Lookup curl "https://app.bosint.gg/bosintapi/YOUR_KEY/ip/8.8.8.8" # Domain Analysis curl "https://app.bosint.gg/bosintapi/YOUR_KEY/domain/google.com" # Phone Lookup curl "https://app.bosint.gg/bosintapi/YOUR_KEY/phone/+12025551234" # Discord User curl "https://app.bosint.gg/bosintapi/YOUR_KEY/discord/123456789" # Username Search curl "https://app.bosint.gg/bosintapi/YOUR_KEY/username/johndoe" # Pretty print with jq curl -s "https://app.bosint.gg/bosintapi/YOUR_KEY/ip/8.8.8.8" | jq .
JavaScript Examples
Use the Fetch API for browser or Node.js applications.
const API_KEY = 'bosint_your_api_key'; const BASE_URL = 'https://app.bosint.gg/bosintapi'; async function bosintRequest(command, query) { const url = `${BASE_URL}/${API_KEY}/${command}/${query}`; const response = await fetch(url); const data = await response.json(); if (!data.success) { throw new Error(`${data.error} [${data.code}]`); } return data; } // Usage try { const result = await bosintRequest('ip', '8.8.8.8'); console.log(result.data); console.log(`Usage: ${result.api_metadata.daily_usage}/1000`); } catch (error) { console.error('API Error:', error.message); }