IP Reputation & Risk
IP Reputation API & Malicious IP Detection
Score the risk of any IP address before you trust it. The FindIP IP reputation API performs malicious IP detection backed by threat feeds, returning a confidence score and threat categories — from brute force and botnets to malware C2, phishing, DDoS sources and credential stuffing.
Brute force
Botnet
Malware C2
Phishing
DDoS source
Credential stuffing
Spam source
Web attack
Why developers choose FindIP
Confidence scoring
Every verdict comes with a confidence score so you can tune thresholds for block, challenge or allow.
Broad threat coverage
Aggregates abuse, brute-force, botnet, malware C2, phishing, DDoS and credential-stuffing signals.
Unlimited & free
Reputation-check every IP that touches your service without quotas, on IPv4 and IPv6.
One simple REST call
Works from any language. Here it is in Python.
GET https://api.findip.net/{ip}/?token={token}
Python
import requests
ip = '8.8.8.8' # IP address to analyze
token = 'YOUR_API_KEY' # Get a free key at findip.net
data = requests.get(f'https://api.findip.net/{ip}/?token={token}').json()
traits = data['traits']
print('ISP: ', traits['isp'])
print('Connection type: ', traits['connection_type'])
print('User type: ', traits['user_type'])
print('ASN: ', traits['autonomous_system_number'], traits['autonomous_system_organization'])
# Combine ASN / network context with FindIP's malicious-IP signals and
# confidence score to drive your risk decision.Frequently asked questions
Malicious IP detection covers brute force, botnet, malware command-and-control, phishing, DDoS sources, credential stuffing, spam sources and web attacks.
Yes. Each verdict includes a confidence score so you can set thresholds appropriate to your risk tolerance.
Yes — there are no request limits and no credit card is required to start.