Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@maxmind/geoip2-node
Advanced tools
Node.js API for GeoIP2 webservice client and database reader
This package provides a server-side API for the GeoIP2 databases and GeoLite2 databases, and a server-side API for the GeoIP2 web services and GeoLite2 web services.
This package will not work client-side.
npm install @maxmind/geoip2-node
You can also use yarn
or pnpm
.
IP geolocation is inherently imprecise. Locations are often near the center of the population. Any location provided by a GeoIP2 database or web service should not be used to identify a particular address or household.
To use the web service API, you must create a new WebServiceClient
, using
your MaxMind accountID
and licenseKey
as parameters. The third argument is
an object holding additional option. The timeout
option defaults to 3000
.
The host
option defaults to geoip.maxmind.com
. Set host
to geolite.info
to use the GeoLite2 web service instead of GeoIP2. Set host
to
sandbox.maxmind.com
to use the Sandbox environment.
You may then call the function corresponding to a specific end point, passing it the IP address you want to lookup.
If the request succeeds, the function's Promise will resolve with the model for the end point you called. This model in turn contains multiple records, each of which represents part of the data returned by the web service.
If the request fails, the function's Promise will reject with an error object.
See the API documentation for more details.
const WebServiceClient = require('@maxmind/geoip2-node').WebServiceClient;
// Typescript:
// import { WebServiceClient } from '@maxmind/geoip2-node';
// To use the GeoLite2 web service instead of the GeoIP2 web service, set
// the host to geolite.info, e.g.:
// new WebServiceClient('1234', 'licenseKey', {host: 'geolite.info'});
//
// To use the Sandbox GeoIP2 web service instead of the production GeoIP2
// web service, set the host to sandbox.maxmind.com, e.g.:
// new WebServiceClient('1234', 'licenseKey', {host: 'sandbox.maxmind.com'});
const client = new WebServiceClient('1234', 'licenseKey');
client.country('142.1.1.1').then(response => {
console.log(response.country.isoCode); // 'CA'
});
const WebServiceClient = require('@maxmind/geoip2-node').WebServiceClient;
// Typescript:
// import { WebServiceClient } from '@maxmind/geoip2-node';
// To use the GeoLite2 web service instead of the GeoIP2 web service, set
// the host to geolite.info, e.g.:
// new WebServiceClient('1234', 'licenseKey', {host: 'geolite.info'});
const client = new WebServiceClient('1234', 'licenseKey');
client.city('142.1.1.1').then(response => {
console.log(response.country.isoCode); // 'CA'
console.log(response.postal.code); // 'M5S'
});
const WebServiceClient = require('@maxmind/geoip2-node').WebServiceClient;
// Typescript:
// import { WebServiceClient } from '@maxmind/geoip2-node';
// Note that the Insights web service is only supported by the GeoIP2
// web service, not the GeoLite2 web service.
//
// To use the Sandbox GeoIP2 web service instead of the production GeoIP2
// web service, set the host to sandbox.maxmind.com, e.g.:
// new WebServiceClient('1234', 'licenseKey', {host: 'sandbox.maxmind.com'});
const client = new WebServiceClient('1234', 'licenseKey');
client.insights('142.1.1.1').then(response => {
console.log(response.country.isoCode); // 'CA'
console.log(response.postal.code); // 'M5S'
console.log(response.traits.userType); // 'school'
});
For details on the possible errors returned by the web service itself, see the GeoIP2 web service documentation.
If the web service returns an explicit error document, the promise will be rejected with the following object structure:
{
code: 'THE_ERROR_CODE',
error: 'some human readable error',
url: 'https://geoip.maxmind.com...',
}
In addition to the possible errors returned by the web service, the following error codes are provided:
SERVER_ERROR
for 5xx level errorsHTTP_STATUS_CODE_ERROR
for unexpected HTTP status codesINVALID_RESPONSE_BODY
for invalid JSON responses or unparseable response bodiesThe database reader returns a promise that resolves with a reader instance.
You may then call the function corresponding to the request type (e.g.
city
or country
), passing it the IP address you want to look up.
If the request succeeds, the function call will return an object for the GeoIP2 lookup. The object in turn contains multiple record objects, each of which represents part of the data returned by the database.
We use the node-maxmind library as the database reader. As such, you have access to the same options found in that library and can be used like this:
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
const options = {
// you can use options like `cache` or `watchForUpdates`
};
Reader.open('/usr/local/database.mmdb', options).then(reader => {
console.log(reader.country('1.1.1.1'));
});
If you prefer to use a Buffer
instead of using a Promise
to open the
database, you can use Reader.openBuffer()
. Use cases include:
const fs = require('fs');
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
const dbBuffer = fs.readFileSync('/usr/local/city-database.mmdb');
const reader = Reader.openBuffer(dbBuffer);
console.log(reader.city('1.1.1.1'));
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
Reader.open('/usr/local/share/GeoIP/GeoIP2-Anonymous-IP.mmdb').then(reader => {
const response = reader.anonymousIP('85.25.43.84');
console.log(response.isAnonymous); // true
console.log(response.isAnonymousVpn); // false
console.log(response.isHostingProvider); // true
console.log(response.isPublicProxy); // false
console.log(response.isResidentialProxy); // false
console.log(response.isTorExitNode); // false
console.log(response.ipAddress); // '85.25.43.84'
});
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
Reader.open('/usr/local/share/GeoIP/GeoLite2-ASN.mmdb').then(reader => {
const response = reader.asn('128.101.101.101');
console.log(response.autonomousSystemNumber); // 217
console.log(response.autonomousSystemOrganization); // 'University of Minnesota'
});
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
Reader.open('/usr/local/share/GeoIP/GeoIP2-City.mmdb').then(reader => {
const response = reader.city('128.101.101.101');
console.log(response.country.isoCode); // 'US'
console.log(response.city.names.en); // 'Minneapolis'
console.log(response.postal.code); // '55407'
});
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
Reader.open('/usr/local/share/GeoIP/GeoIP2-Connection-Type.mmdb').then(reader => {
const response = reader.connectionType('128.101.101.101');
console.log(response.connectionType) // 'Cable/DSL'
console.log(response.ipAddress) // '128.101.101.101'
});
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
Reader.open('/usr/local/share/GeoIP/GeoIP2-Country.mmdb').then(reader => {
const response = reader.country('128.101.101.101');
console.log(response.country.isoCode); // 'US'
});
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
Reader.open('/usr/local/share/GeoIP/GeoIP2-Domain.mmdb').then(reader => {
const response = reader.domain('128.101.101.101');
console.log(response.domain) // 'umn.edu'
console.log(response.ipAddress) // '128.101.101.101'
});
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
Reader.open('/usr/local/share/GeoIP/GeoIP2-Enterprise.mmdb').then(reader => {
const response = reader.enterprise('128.101.101.101');
console.log(response.country.isoCode) // 'US'
});
const Reader = require('@maxmind/geoip2-node').Reader;
// Typescript:
// import { Reader } from '@maxmind/geoip2-node';
Reader.open('/usr/local/share/GeoIP/GeoIP2-ISP.mmdb').then(reader => {
const response = reader.isp('128.101.101.101');
console.log(response.autonomousSystemNumber); // 217
console.log(response.autonomousSystemOrganization); // 'University of Minnesota'
console.log(response.isp); // 'University of Minnesota'
console.log(response.organization); // 'University of Minnesota'
console.log(response.ipAddress); // '128.101.101.101'
});
If the database file does not exist, is not readable, is invalid, or there is a bug
in the reader, the promise will be rejected with an Error
with a message
explaining the issue.
If the database file and the reader method do not match (e.g.
reader.city
is used with a Country database), a BadMethodCalledError
will
be thrown.
If the IP address is not found in the database, an AddressNotFoundError
will
be thrown.
If the IP address is not valid, a ValueError
will be thrown.
If the database buffer is not a valid database, an InvalidDbBufferError
will
be thrown.
We strongly discourage you from using a value from any names
property as a
key in a database or object.
These names may change between releases. Instead we recommend using one of the following:
city.geonameId
continent.code
or continent.geonameId
country.isoCode
or country.geonameId
subdivision.isoCode
or subdivision.geonameId
While many of the models contain the same basic records, the attributes which can be populated vary between web service end points or databases. In addition, while a model may offer a particular piece of data, MaxMind does not always have every piece of data for any given IP address.
Because of these factors, it is possible for any request to return a record where some or all of the attributes are unpopulated.
The only piece of data which is always returned is the ipAddress
attribute in
the geoip2-node.TraitsRecord
record.
GeoNames offers web services and downloadable
databases with data on geographical features around the world, including
populated places. They offer both free and paid premium data. Each feature
is uniquely identified by a geonameId
, which is an integer.
Many of the records returned by the GeoIP web services and databases include a
geonameId
field. This is the ID of a geographical feature (city, region,
country, etc.) in the GeoNames database.
Some of the data that MaxMind provides is also sourced from GeoNames. We source things like place names, ISO codes, and other similar data from the GeoNames premium data set.
If the problem you find is that an IP address is incorrectly mapped, please submit your correction to MaxMind.
If you find some other sort of mistake, like an incorrect spelling, please check the GeoNames site first. Once you've searched for a place and found it on the GeoNames map view, there are a number of links you can use to correct data ("move", "edit", "alternate names", etc.). Once the correction is part of the GeoNames data set, it will be automatically incorporated into future MaxMind releases.
If you are a paying MaxMind customer and you're not sure where to submit a correction, please contact MaxMind support for help.
MaxMind has tested this API with Node.js versions 18 and 20. We aim to support active and maintained LTS versions of Node.js.
Patches and pull requests are encouraged. Please include unit tests whenever possible, as we strive to maintain 100% code coverage.
The GeoIP2 Node.js API uses Semantic Versioning.
Please report all issues with this code using the GitHub issue tracker
If you are having an issue with a MaxMind service that is not specific to the client API, please contact MaxMind support for assistance.
This software is Copyright (c) 2018-2023 by MaxMind, Inc.
This is free software, licensed under the Apache License, Version 2.0.
FAQs
Node.js API for GeoIP2 webservice client and database reader
The npm package @maxmind/geoip2-node receives a total of 46,127 weekly downloads. As such, @maxmind/geoip2-node popularity was classified as popular.
We found that @maxmind/geoip2-node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.