How to check the IP address reputation programmatically

Countless predators are sitting in the wild to spam or attack the network. So sometimes, before trusting a random IP address on the Internet, it’s a good idea to check its reputation. There are multiple methods to check the details and reputation of an IP address, but here we are covering only one via “www.abuseipdb.com.”

Method-1: Using Web Browser.

Open https://www.abuseipdb.com/ and search for any IP address you are trying to check. This is self-explanatory and not discussed further here. Go, test yourself.

Method-2: Using the API(Free for personal use)

If you are a private individual working for your activity, you can use the FREE API version provided by abuseipdb.com. Register and generate your API keys. Note that they have commercial plans for more extensive requirements. Please read their policy for better clarity on the commercial usage. The free account comes with a daily restriction of 1000 query per day, which is an outstanding amount of queries an individual would ever need.

After registering, you can create your APIKEY; it’s a secret string tagged to your account. Think of it as username and password in one string. Keep it secret. 

In the text marked in RED, put your APIKEY and the Ip address in the TEXT in BLUE. Then run the command. You will

curl -Gs https://api.abuseipdb.com/api/v2/check \
  --data-urlencode "ipAddress=$IP_ADDRESS_HERE" \
  -d maxAgeInDays=90 \
  -d verbose \
  -H "Key: $YOUR_API_KEY" \
  -H "Accept: application/json"

The above command would return vital information like:

  1. Is the IP whitelisted ?
  2. Abuse confidence score? Lower the better.
  3. Country
  4. ISP, Usage type
  5. comprehensive reports and the number of distinct users reporting abuse against this IP.
  6. Last abuse reported timestamp.
  7. All the comments by users describing why people reported this IP.
The same code is done in python by using the example provided in their API documentation:
import requests
import json

# Defining the api-endpoint
url = 'https://api.abuseipdb.com/api/v2/check'

querystring = {
    'ipAddress': $IP_ADDRESS,
    'maxAgeInDays': '90'
}

headers = {
    'Accept': 'application/json',
    'Key': '$YOUR_API_KEY'
}

response = requests.request(method='GET', url=url, headers=headers, params=querystring)

# Formatted output
decodedResponse = json.loads(response.text)
print json.dumps(decodedResponse, sort_keys=True, indent=4)

Reference:

  • https://docs.abuseipdb.com/#introduction

Leave a Comment

Your email address will not be published.

Scroll to Top