Threat Intelligence
Named feeds. Boolean flags. No mystery scores.
GeoIPHub's IP reputation API returns seven boolean threat flags — is_abusive, is_spammer, is_scanner, is_botnet, is_crawler, is_bogon, is_cgnat — plus a threat_types array, built from public feeds we name: Spamhaus DROP/EDROP, FireHOL Level 1, Feodo Tracker, the official Tor exit list, and Team Cymru bogons, all refreshed daily. And because the modern bot problem includes AI scrapers, every lookup verifies crawlers against 9 official IP-range feeds — so a real Googlebot and a fake one get different answers.
- Seven Threat Flags
- Named Public Feeds, Daily
- Verified Crawler Identification
dnsbl_sources
Seven Threat Flags
is_abusive, is_spammer, is_scanner, is_botnet, is_crawler, is_bogon, and is_cgnat — plus a threat_types array naming each category that applies. Booleans you can branch on, not a number you have to interpret.
Named Public Feeds, Daily
Spamhaus DROP/EDROP, FireHOL Level 1, Feodo Tracker for botnet C2, the official Tor Project exit list, and Team Cymru bogons — every feed named, every feed refreshed daily. You can audit our sources yourself.
Verified Crawler Identification
Crawlers are checked against 9 official IP-range feeds — Googlebot, Google Special Crawlers, Bingbot, Applebot, and DuckDuckBot among them — refreshed every 2 days. The crawler object reports verified, unverified, or spoofed, so fake "Googlebots" stop getting a free pass.
AI Bot Detection
GPTBot, ChatGPT-User, OAI-SearchBot, and CCBot are identified from their operators' official IP ranges. Decide deliberately whether AI scrapers read your site — and know when one is pretending to be something else.
Scanner & Recon Awareness
Known scanner ranges — including Shodan and Censys — set is_scanner, separating internet-wide measurement traffic from your actual users before it skews your logs or your rate limits.
DNSBL Cross-Checks
Each IP is checked against 4 DNS blocklist zones, and dnsbl_sources names every zone that listed it. Evidence you can verify with a dig command, not a proprietary reputation number.
Ready to get started?
1,500 free requests per day. Every field included. No credit card required.