Code Samples (DNS)

These examples show how to use DNS lookups to check for malicious IPs in real-time. DNS queries are usually slower than API calls, but can be faster if your local resolver caches the queries.

Language

Python
JavaScript
Go
Java
Ruby
C#
PHP

Python Example

Here is how you can perform DNS lookups in Python using the dnspython library to query the DNS for bad IPs:

import dns.resolver

def check_ip(ip_address):
    try:
        query = f'{ip_address}.ip64.org'
        result = dns.resolver.resolve(query, 'CNAME')
        for cname in result:
            print(f'{ip_address} is flagged: {cname}')
    except dns.resolver.NXDOMAIN:
        print(f'{ip_address} is not flagged.')
    except Exception as e:
        print(f'An error occurred: {e}')

if __name__ == "__main__":
    ip_to_check = "192.0.2.1"
    check_ip(ip_to_check)

Ruby Example

This example shows how to perform a DNS query in Ruby to check if an IP address is flagged as malicious:

require 'resolv'

def check_ip(ip)
  query = "#{ip}.ip64.org"
  begin
    result = Resolv::DNS.open do |dns|
      dns.getresource(query, Resolv::DNS::Resource::IN::CNAME)
    end
    puts "#{ip} is flagged as: #{result.name}"
  rescue Resolv::ResolvError
    puts "#{ip} is not flagged."
  end
end

check_ip('192.0.2.1')

C# Example

This example shows how to perform a DNS query in C# to check if an IP address is flagged as malicious:

using System;
using System.Net;

class Program
{
    static void Main(string[] args)
    {
        string ip = "192.0.2.1";
        string query = ip + ".ip64.org";

        try
        {
            IPHostEntry entry = Dns.GetHostEntry(query);
            Console.WriteLine($"{ip} is flagged as: {entry.HostName}");
        }
        catch (Exception)
        {
            Console.WriteLine($"{ip} is not flagged.");
        }
    }
}

Java Example

This example shows how to perform a DNS query in Java to check if an IP address is flagged as malicious:

import java.net.InetAddress;
import java.net.UnknownHostException;

public class DNSLookup {
    public static void main(String[] args) {
        String ip = "192.0.2.1";
        String query = ip + ".ip64.org";

        try {
            InetAddress address = InetAddress.getByName(query);
            System.out.println(ip + " is flagged as: " + address.getHostName());
        } catch (UnknownHostException e) {
            System.out.println(ip + " is not flagged.");
        }
    }
}

JavaScript Example

Here is a JavaScript example that uses a DNS query to check if an IP is flagged. This requires a DNS resolution library such as node-dns:

const dns = require('dns');

const checkIP = (ip) => {
    const query = `${ip}.ip64.org`;

    dns.resolveCname(query, (err, addresses) => {
        if (err && err.code === 'ENOTFOUND') {
            console.log(`${ip} is not flagged.`);
        } else if (addresses) {
            console.log(`${ip} is flagged: ${addresses}`);
        } else {
            console.error(`Error: ${err.message}`);
        }
    });
};

checkIP('192.0.2.1');

Go Example

This Go example shows how to perform a DNS query to check for malicious IPs using the net package:

package main

import (
    "fmt"
    "net"
)

func checkIP(ip string) {
    query := fmt.Sprintf("%s.ip64.org.", ip)
    cname, err := net.LookupCNAME(query)
    if err != nil {
        fmt.Printf("%s is not flagged.\n", ip)
    } else {
        fmt.Printf("%s is flagged: %s\n", ip, cname)
    }
}

func main() {
    checkIP("192.0.2.1")
}

PHP Example

Here is a PHP example for performing a DNS lookup to check if an IP address is flagged:

$ip = "192.0.2.1";
$query = $ip . ".ip64.org";

if (dns_get_record($query, DNS_CNAME)) {
    echo "$ip is flagged as malicious.";
} else {
    echo "$ip is not flagged.";
}