Hazard report
Introduction
The Hazard Report API offers a unique set of cybersecurity metrics that helps businesses combat cyber threats proactively and reactively. It leverages advanced algorithms and third-party sources to monitor IP addresses against trusted blacklist sites and identify anonymizers like VPNs and proxies.
It also assesses the likelihood of every global IP address being assigned to a hosting environment. For more information on how the Hazard Report is prepared, please refer to our Understanding the Hazard Report support article.
Get Started
This API is part of the IP Geolocation API Package and is available in free and paid plans. Please visit the IP Geolocation API Package package page for limits and pricing information.
Endpoints
IPv4 only API Endpoint
Use this endpoint to force API calls routed over the IPv4 network only
Dual-Stack API Endpoint
This endpoint has native IPv6 support and backs the API calls routed over both IPv4 and IPv6 networks
Request
Responses
200Success
Sample Query
Schema
isKnownAsTorServerbooleanDetermines whether the requested ip address is known as utilised by a TOR server
isKnownAsVpnbooleanDetermines whether the requested ip address is known as utilised by a VPN server
isKnownAsProxybooleanDetermines whether the requested ip address is known as utilised by a proxy server
isSpamhausDropbooleanDetermines whether the requested ip address is listed on the spamhause drop all traffic list.
The spamhaus drop (don't route or peer) lists are advisory 'drop all traffic' lists, consisting of netblocks that are 'hijacked'
or leased by professional spam or cyber-crime operations (used for dissemination of malware, trojan downloaders, botnet controllers)
isSpamhausEdropbooleanDetermines whether the requested ip address is listed on the spamhause edrop list
According to spamhaus, edrop is an extension of the drop list that includes sub-allocated netblocks controlled by spammers or cyber criminals
isSpamhausAsnDropbooleandetermines whether the requested ip address is listed on the spamhause asn-drop list.
According to spamhaus, asn-drop contains a list of autonomous system numbers controlled by spammers or cyber criminals, as well as hijacked asns
isBlacklistedUceprotectbooleanDetermines whether the requested ip address is blacklisted at uceprotect.net or backscatterer.org
isBlacklistedBlocklistDebooleanDetermines whether the requested ip address is blacklisted at blocklist.de
isKnownAsMailServerbooleanDetermines whether the requested ip address is known as utilised by an SMTP mail server
mailServerDomainstringThe last detected SMTP domain name making use of this ip address
isKnownAsPublicRouterbooleanDetermines whether the requested ip address is known as utilised by a public router
isBogonbooleanIndicates whether the IP address is excluded from public Internet use
by the authorities but announced into the global routing table via BGP
isUnreachablebooleanDetermines whether the requested ip address is not reachable via the public Internet
hostingLikelihoodintegerThe likelihood 0-10 of a hosting origin
isHostingAsnbooleanDetermines whether the requested ip address was announced by an autonomous system which is likely to publish hosting networks
isCellularbooleanDetermines whether the requested ip address was detected as utilised within a cellular network
iCloudPrivateRelaybooleanDetermines whether the requested ip address was detected as Apple iCloud Private Relay address
Sample Response
403Access denied, or your quota limit has exceeded
Sample Response
405The requested IP address is not valid
Sample Response
500An error has occurred and did not complete your request. Please try again
Sample Response