Hazard report
Introduction
The Hazard Report API offers a unique set of cybersecurity metrics that helps businesses combat cyber threats proactively and reactively. It leverages advanced algorithms and third-party sources to monitor IP addresses against trusted blacklist sites and identify anonymizers like VPNs and proxies.
It also assesses the likelihood of every global IP address being assigned to a hosting environment. For more information on how the Hazard Report is prepared, please refer to our Can you explain how Hazard Reports are prepared? FAQ page.
Get started
This API is part of the IP Geolocation package and is available in free and paid plans. Please visit the IP Geolocation package page for limits and pricing information.
Endpoints
IPv4 only API Endpoint
Use this endpoint to force API calls routed over the IPv4 network only
Dual-Stack API Endpoint
This endpoint has native IPv6 support and backs the API calls routed over both IPv4 and IPv6 networks
Request
Responses
Example query
https://api-bdc.net/data/hazard-report?ip=8.8.8.8&key=[YOUR API KEY]
Example response
Schema
Determines whether the requested ip address is known as utilised by a TOR server
Determines whether the requested ip address is known as utilised by a VPN server
Determines whether the requested ip address is known as utilised by a proxy server
Determines whether the requested ip address is listed on the spamhause drop all traffic list. The spamhaus drop (don't route or peer) lists are advisory 'drop all traffic' lists, consisting of netblocks that are 'hijacked' or leased by professional spam or cyber-crime operations (used for dissemination of malware, trojan downloaders, botnet controllers)
Determines whether the requested ip address is listed on the spamhause edrop list According to spamhaus, edrop is an extension of the drop list that includes sub-allocated netblocks controlled by spammers or cyber criminals
determines whether the requested ip address is listed on the spamhause asn-drop list. According to spamhaus, asn-drop contains a list of autonomous system numbers controlled by spammers or cyber criminals, as well as hijacked asns
Determines whether the requested ip address is blacklisted at uceprotect.net or backscatterer.org
Determines whether the requested ip address is blacklisted at blocklist.de
Determines whether the requested ip address is known as utilised by an SMTP mail server
The last detected SMTP domain name making use of this ip address
Determines whether the requested ip address is known as utilised by a public router
Indicates whether the IP address is excluded from public Internet use by the authorities but announced into the global routing table via BGP
Determines whether the requested ip address is not reachable via the public Internet
The likelihood 0-10 of a hosting origin
Determines whether the requested ip address was announced by an autonomous system which is likely to publish hosting networks
Determines whether the requested ip address was detected as utilised within a cellular network
Determines whether the requested ip address was detected as Apple iCloud Private Relay address