This package is a small wrapper for some of the APIs provided by AbuseIPDB API (https://www.abuseipdb.com).
It can be used to determine if an IP address is known to be engaging in hacking attempts or other malicious behavior.
I use it on my site (https://richanderson.io) where I check every inbound request.
The package and examples require an API key from https://www.abuseipdb.com. Go to their site to register and create one.
One you have your API key setup the environment variable "ABUSEIPDB_API_KEY":
export ABUSEIPDB_API_KEY=YOUR_API_KEYThis example calls the API and outputs basic information about the iP addresses entered in the console:
IPAddress: 209.141.57.178
TotalReports: 29
NumberDistinctUsers: 25
AbuseConfidenceScore: 100
IsPublic: true
IPVersion: 4
IsWhiteListed: false
CountryCode: DE
UsageType: Data Center/Web Hosting/Transit
ISP: Contabo GmbH
Domain: contabo.de
LastReportedAt: 2020-03-22 00:30:08 +0000 +0000You can run the example locally on your machine:
cd examples/gocheck
go run .// grab the api key from the environment variable setup above
apikey := os.Getenv("ABUSEIPDB_API_KEY")
// go get the information about an IP address
var ip string
resp, err := abuseipdb.CheckIP(apikey, ip)
if err != nil {
fmt.Println("error checking ip: ", err)
return
}
// display results in the console
fmt.Println("IPAddress:", resp.IPAddress)
fmt.Println("TotalReports:", resp.TotalReports)
fmt.Println("NumberDistinctUsers:", resp.NumberDistinctUsers)
fmt.Println("AbuseConfidenceScore:", resp.AbuseConfidenceScore)
fmt.Println("IsPublic:", resp.IsPublic)
fmt.Println("IPVersion:", resp.IPVersion)
fmt.Println("IsWhiteListed:", resp.IsWhiteListed)
fmt.Println("CountryCode:", resp.CountryCode)
fmt.Println("UsageType:", resp.UsageType)
fmt.Println("ISP:", resp.ISP)
fmt.Println("Domain:", resp.Domain)
fmt.Println("LastReportedAt:", resp.LastReportedAt)- Updated to Go 1.18
- Fix bug in one of the examples
- Module now uses github.com/richandersonio/go-abuseipdb/v2
- Add code example of calling the package to the docs