Hazard report

Introduction

The Hazard Report API offers a unique set of cybersecurity metrics that helps businesses combat cyber threats proactively and reactively. It leverages advanced algorithms and third-party sources to monitor IP addresses against trusted blacklist sites and identify anonymizers like VPNs and proxies.

It also assesses the likelihood of every global IP address being assigned to a hosting environment. For more information on how the Hazard Report is prepared, please refer to our Understanding the Hazard Report support article.

Get Started

This API is part of the IP Geolocation API Package and is available in free and paid plans. Please visit the IP Geolocation API Package package page for limits and pricing information.

Endpoints

IPv4 only API Endpoint

Use this endpoint to force API calls routed over the IPv4 network only

GET
https://api.bigdatacloud.net/data/hazard-report

Dual-Stack API Endpoint

This endpoint has native IPv6 support and backs the API calls routed over both IPv4 and IPv6 networks

GET
https://api-bdc.net/data/hazard-report

Request

Parameter
ip
Type
string
Required
Yes
Description
IPv4 IP address in a string or numeric format or IPv6 IP address in a string format. If omitted, the caller’s IP address is assumed
Parameter
key
Type
string
Required
Yes
Description
Your API key

Responses

200
OK

Sample Query

GET
https://api-bdc.net/data/hazard-report?ip=3.236.143.154&key=[YOUR API KEY]

Schema

application/json
isKnownAsTorServerboolean
Determines whether the requested ip address is known as utilised by a TOR server
isKnownAsVpnboolean
Determines whether the requested ip address is known as utilised by a VPN server
isKnownAsProxyboolean
Determines whether the requested ip address is known as utilised by a proxy server
isSpamhausDropboolean
Determines whether the requested ip address is listed on the spamhause drop all traffic list. The spamhaus drop (don't route or peer) lists are advisory 'drop all traffic' lists, consisting of netblocks that are 'hijacked' or leased by professional spam or cyber-crime operations (used for dissemination of malware, trojan downloaders, botnet controllers)
isSpamhausEdropboolean
Determines whether the requested ip address is listed on the spamhause edrop list According to spamhaus, edrop is an extension of the drop list that includes sub-allocated netblocks controlled by spammers or cyber criminals
isSpamhausAsnDropboolean
determines whether the requested ip address is listed on the spamhause asn-drop list. According to spamhaus, asn-drop contains a list of autonomous system numbers controlled by spammers or cyber criminals, as well as hijacked asns
isBlacklistedUceprotectboolean
Determines whether the requested ip address is blacklisted at uceprotect.net or backscatterer.org
isBlacklistedBlocklistDeboolean
Determines whether the requested ip address is blacklisted at blocklist.de
isKnownAsMailServerboolean
Determines whether the requested ip address is known as utilised by an SMTP mail server
mailServerDomainstring
The last detected SMTP domain name making use of this ip address
isKnownAsPublicRouterboolean
Determines whether the requested ip address is known as utilised by a public router
isBogonboolean
Indicates whether the IP address is excluded from public Internet use by the authorities but announced into the global routing table via BGP
isUnreachableboolean
Determines whether the requested ip address is not reachable via the public Internet
hostingLikelihoodinteger
The likelihood 0-10 of a hosting origin
isHostingAsnboolean
Determines whether the requested ip address was announced by an autonomous system which is likely to publish hosting networks
isCellularboolean
Determines whether the requested ip address was detected as utilised within a cellular network
iCloudPrivateRelayboolean
Determines whether the requested ip address was detected as Apple iCloud Private Relay address

Sample Response

JSON View
403
Access denied, or your quota limit has exceeded

Sample Response

JSON View
405
The requested IP address is not valid

Sample Response

JSON View
500
An error has occurred and did not complete your request. Please try again

Sample Response

JSON View
Was this page helpful?