IP Reputation Reports

We can provide IP lookup and IP reputation reports that give a full history of cyber reconnaissance, ports scans and attempted cyber security attacks on our network of UK based Funnelweb listener servers. We can provide location information, attempted network scans and vulnerability exploits attempted. How are IP reputation reports useful? If you are selling online high value goods you are putting a lot trust in the buyer and payment services. Would it be useful to know if they IP address of the buyer is an open proxy frequently used by potential hackers and cyber criminals? Similarly if you are running secure or sensitive networks would it be useful to know they you are being targetting and potential hackers and cyber criminals are scanning your networks for vulnerabilities? This is where our reputation reports can help you make more informed decisions and take further precautions.

IP Reputation Lookup

Have you wanted to know who tried to hack you or if that IP address in your logs has tried port scanning or attempting cyber attacks in the UK? Please enter the IP address you would like to lookup and get a FREE ip threat intelligence report:


Most popular IP Lookups


Did you know that we have a FREE IP Reputation Lookup API?

IP address and threat intelligence is actionable and is available via our APIs (JSON), which can be ingested into SIEMs. With our commercial API subscription, you can query URLs and IPs by category (e.g. query all IPs and URLs which are categorized as "Botnet Command and Control Server") 

curl -X 'GET' -k 'https://funnelweb.tech/api/ipr/{IP_ADDRESS}' -H 'accept: application/json' -H 'API_KEY: {API_KEY}'

Please contact us to get an API Key to try our FREE IP reputation and threat intelligence data lookup for the UK

Example IP Reputation API Report

Below is an example of the response (in JSON format) you will receive
from our FREE IP Reputation Lookup API 

{
    "ip": "123.123.123.123",*
    "hostname": "No-HostName",
    "continent_code": "EU",
    "continent_name": "Europe",
    "country_code": "NL",
    "country_name": "Europe",
    "region_code": "NH",
    "region_name": "North Holland",
    "city": "Diemen",
    "zip": "1101",
    "latitude": 52.349998,**
    "longitude": 4.916999,**
    "first_seen": "09/03/2023 22:36:56",
    "last_seen": "20/04/2023 05:10:25",
    "urlThreatDescriptions": [
        "Apache Solr 8.2.0 - Remote Code Execution - [CVE-2019-17558]",
        "Directory Index Scan",
        "inurl:?XDEBUG_SESSION_START=phpstorm",
        "Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution (Metasploit) - [CVE-2019-1003000]",
        "Spring Cloud Gateway 3.1.0 - Remote Code Execution (RCE) - [CVE-2022-22947]",
        "ThinkPHP 5.X - Remote Command Execution",
        "Util/PHP/eval-stdin - [CVE-2017-9841]"
    ],
    "security": {
        "is_proxy": true,
        "proxy_type": open,
        "is_crawler": false,
        "crawler_name": null,
        "crawler_type": null,
        "is_tor": false,
        "threat_level": "Medium"
    },
    "portScans": [
        {
            "port": 8080,
            "number": 170
        },
        {
            "port": 443,
            "number": 147
        },
        {
            "port": 80,
            "number": 166
        }
    ]
}

** Lat & Lon coordinates only to 6 decimal places for example purposes only
* This is fictitious IP address for example purposes only