IP Reputation

IP Reputation

curl --request GET \
  --url https://greipapi.com/lookup/ip/threats \
  --header 'Authorization: Bearer <token>'

{
  "status": "success",
  "data": {
    "ip": "12.12.12.12",
    "threats": {
      "isProxy": true,
      "proxyType": "Socks",
      "isTor": false,
      "isBot": false,
      "isRelay": false,
      "isHosting": true,
      "blacklisted": false
    },
    "custom_rules_applied": {
      "total": 0,
      "rules": []
    }
  },
  "executionTime": 90
}

GET

lookup

threats

IP Reputation

curl --request GET \
  --url https://greipapi.com/lookup/ip/threats \
  --header 'Authorization: Bearer <token>'

{
  "status": "success",
  "data": {
    "ip": "12.12.12.12",
    "threats": {
      "isProxy": true,
      "proxyType": "Socks",
      "isTor": false,
      "isBot": false,
      "isRelay": false,
      "isHosting": true,
      "blacklisted": false
    },
    "custom_rules_applied": {
      "total": 0,
      "rules": []
    }
  },
  "executionTime": 90
}

Query Parameters

string

required

The ip parameter is used to specify the IP address you want to retrieve it’s threat intelligence information.Expected values: an IP address (IPv4 or IPv6)Sample value: 1.1.1.1

format

string

default:"JSON"

The format command is used to get a response in a specific format.Expected values: JSON, XML, CSV, or NewlineFor more information please refer to Response Format.

mode

string

default:"live"

The mode command is used to in the development stage to simulate the integration process before releasing it to the production environment.Expected values: live, or test.For more information please refer to Development Environment.

userID

string

The userID command can be used to identify requests sent by specific users to monitor in the Events Page.Expected values: email address, phone number, user id, name, etc.For more information please refer to User Identifier.

callback

string

The callback command can help you make the response as a JSONP format.Expected values: any name that can be used as a function name in Javascript, e.g: myFunctionName.For more information please refer to JSONP Callback.

{
  "status": "success",
  "data": {
    "ip": "12.12.12.12",
    "threats": {
      "isProxy": true,
      "proxyType": "Socks",
      "isTor": false,
      "isBot": false,
      "isRelay": false,
      "isHosting": true,
      "blacklisted": false
    },
    "custom_rules_applied": {
      "total": 0,
      "rules": []
    }
  },
  "executionTime": 90
}

Response properties

data

object

required

Hide properties

string

required

IP address you’re looking up.

threats

object

required

Show details

isProxy

boolean

required

Indicates if the IP address is a proxy service.

proxyType

string

required

Type of proxy used.

isTor

boolean

required

Indicates if accessed through Tor network.

isBot

boolean

required

Indicates if the user is a bot.

isRelay

boolean

required

Indicates if it’s a Apple’s Private Relay connection.

isHosting

boolean

required

Indicates if the IP address belong to a hosting provider.

blacklisted

boolean

required

Indicates if the IP address is blacklisted due to applying custom rules or were found in one of your blacklists.

custom_rules_applied

object

The custom rules applied to this request, learn more.

Hide properties

total

integer

required

The total number of custom rules applied to this request.

rules

object

required

The custom rules applied to this request, learn more.

Hide properties

string

required

The rule ID as shown in the dashboard (e.g: CR104).

title

string

required

The rule title you set when creating the rule.

status

string

required

Response status (success/error).

executionTime

integer

required

Time taken to process the data (in milliseconds).

Free Get-IP Email Scoring

Data Lookup

Risk Scoring

Account Management

Query Parameters

Response properties

Data Lookup

Risk Scoring

Account Management

​Query Parameters

​Response properties

Query Parameters

Response properties