Get the risk score of all IP address uploaded and other data signals.
POST {{baseUrl}}/v1/assess/ip/csv?strict_parse=false
What
Obtain a numerical score and a risk assessment of all the IP addresses uploaded with a text file.
Parameters
- A text file with a list of public IPv4 or IPv6 addresses.
- A header
Content-Type: multipart/form-datais required. - (optional) in the query string the parameeter
strict_parse: If set totrue, no malformed IP addresses allowed, returning an error. If set tofalse, malformed IP addresses will be ignored.
Example:
curl -X 'POST' \
'https://dublin.api.threatjammer.com/v1/asses/ip/csv[?strict_parse=true|false]' \
-H 'accept: application/json' \
-H 'Authorization: Bearer YOUR_API_KEY' \
-H 'Content-Type: multipart/form-data' \
-F 'csv_file=@YOUR_TEXT_FILE;type=text/csv'
Result
The result contains a list of the result for each IP address, with two main sets of data: - The score is a number between 0 and 99 describing the probability of the IP address being a malicious one, being 0 means that the IP address is not malicious and is not a threat. Being 99 means that the service behind the IP address is probably malicious an certainly a threat.
- The list of information gathered from the IP address to obtain the score.
The result is a JSON object with the following structure:
- self: the URI of the API call
- score: The score of the IP address. It ranges from 0 to 99.
- risk: The risk of the IP address. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
- reason: It's a human readable representation of the reason of the risk.
- datasets: The IP address was found in the these lists of datasets used to obtain the risk score. Datasets are described as a list of URIs.
- sources: The IP address was found in the these source lists at an specific time with a specific risk score. Sources are described as a list of URIs.
- log: The activity of the IP address in the different datasets used to obtain the risk score. The log is a URI reference.
- asn: The information about the Autonomous System (AS) of the IP address. The AS is described as an URI.
- asn_prefix: The information about the Autonomous System (AS) network prefix of the IP address. The prefix is described as an URI.
- datacenter: If the IP address is part of a datacenter pool, the information about the datacenter is described as an URI.
- datacenter_prefix: The information about the Datacenter network prefix of the IP address. The asn_prefix and datacenter_prefix can be the same, but it is not mandatory. The prefix is described as an URI.
- denylisted: If the IP address was denylisted by the user, the information about the denylisted IP address is described as an URI.
- first_appearence: URI to the first appearance of the IP address in the different datasets used to obtain the risk score.
- last_appearence: URI to the last appearance of the IP address in the different datasets used to obtain the risk score.
Errors
The endpoint will return the following errors:
- a 422 Unprocessable Entity error if the IP address is malformed.
The private IP addresses will be ignored, if any.
When the strict_parse parameter is set to true, the endpoint will return the following errors:
- a 400 Bad Request.
It will also return the API Global errors described in the API description.
Request Params
| Key | Datatype | Required | Description |
|---|---|---|---|
strict_parse | boolean | When true, if any IP address entry in the file is malformed, the assessment is canceled. If false, the malformed IP addresses are ignored. Default is false. |
Request Body
[{"name"=>"csv_file", "value"=>"dolore", "datatype"=>"string"}]
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
Content-Type | string | ||
Accept | string |
RESPONSES
status: OK
{"self":"consectetur nulla irure e","results":[{"risk":"LOW","datasets":["dolore magna sunt cupidatat","est voluptate dolore occaecat"],"sources":["magna ut","deserunt"],"first_appearance":["in proident cillum","aliqua velit"],"last_appearance":["eu mollit","Excepteur deserunt mollit"],"asn":"eu velit dolore","asn_prefix":"aliquip laborum","reason":"elit in","denylisted":"Duis culpa velit","allowlisted":"laboris culpa qui","datacenter":"ame","datacenter_prefix":"laboris","self":"enim quis fugiat anim","score":-79106260},{"risk":"UNKNOWN","datasets":["cupidatat","aliquip minim incididunt"],"sources":["dolor est adipisicing elit","qui deserunt sint officia consequat"],"first_appearance":["nisi culpa incididunt in quis","in sint"],"last_appearance":["dolor labore dolore","o"],"asn":"in tempor","asn_prefix":"magna veniam eu id","reason":"sint","denylisted":"exercitation","allowlisted":"aute","datacenter":"occaecat non magna","datacenter_prefix":"qui quis in","self":"aute enim ipsum esse","score":-52265346}]}