API Documentation
Integrate IPAbuse intelligence into your applications with our powerful RESTful API
Quick Start
Get started with the IPAbuse API in minutes. First, obtain your API key from your dashboard.
curl -X GET "https://api.ipabuse.org/v1/ip/192.168.1.1" \
-H "Authorization: Bearer YOUR_API_KEY"Authentication
All API requests require authentication using an API key in the Authorization header:
Important: Keep your API key secure. Never share it publicly or commit it to version control.
API Endpoints
Base URL
Get detailed information about a specific IP address.
Response Example
{
"ip": "192.168.1.1",
"country": "United States",
"city": "San Francisco",
"isp": "Example ISP",
"reports": 0,
"threatLevel": "low",
"lastSeen": "2025-11-27T10:30:00Z"
}Submit a new abuse report for an IP address.
Request Body
{
"ip": "192.168.1.1",
"category": "hacking",
"severity": "high",
"description": "Brute force attack detected",
"evidence": "Log file content..."
}Response
{
"success": true,
"reportId": "abc123",
"message": "Report submitted successfully"
}Get recently reported IP addresses.
Query Parameters
limit- Number of results (default: 10, max: 100)offset- Pagination offset (default: 0)
Check multiple IP addresses at once (max 100 per request).
Request Body
{
"ips": ["192.168.1.1", "10.0.0.1", "172.16.0.1"]
}Rate Limits
Free Tier
1,000
requests per day
Pro Tier
100,000
requests per day
Enterprise
Unlimited
custom limits available
Webhooks
Subscribe to real-time notifications for new threat intelligence updates.
Setting up Webhooks
Configure your webhook endpoint to receive POST requests:
POST /your-webhook-endpoint
Content-Type: application/json
{
"event": "ip.reported",
"timestamp": "2024-11-28T10:30:00Z",
"data": {
"ip": "192.168.1.100",
"category": "brute_force",
"confidence": 95,
"reporter_id": "user_12345"
}
}Event Types
ip.reportedNew IP abuse report submitted
ip.verifiedIP report verified by community
threat.detectedNew threat pattern detected
Webhook Verification
Verify webhook requests using the signature header:
import crypto from 'crypto';
function verifyWebhook(payload, signature, secret) {
const hmac = crypto.createHmac('sha256', secret);
const digest = hmac.update(JSON.stringify(payload)).digest('hex');
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(digest)
</PageTransition>
</>
);
}Integration Examples
Node.js / Express
const express = require('express');
const axios = require('axios');
const app = express();
const API_KEY = process.env.IPABUSE_API_KEY;
app.use(async (req, res, next) => {
const ip = req.ip;
try {
const response = await axios.get(
`https://api.ipabuse.org/v1/ip/${ip}`,
{ headers: { 'Authorization': `Bearer ${API_KEY}` } }
);
if (response.data.abuse_confidence > 80) {
return res.status(403).json({ error: 'IP blocked' });
}
next();
} catch (error) {
next(); // Continue on API error
}
});Python / Flask
from flask import Flask, request, jsonify
import requests
import os
app = Flask(__name__)
API_KEY = os.getenv('IPABUSE_API_KEY')
@app.before_request
def check_ip():
ip = request.remote_addr
headers = {'Authorization': f'Bearer {API_KEY}'}
try:
response = requests.get(
f'https://api.ipabuse.org/v1/ip/{ip}',
headers=headers
)
data = response.json()
if data.get('abuse_confidence', 0) > 80:
return jsonify({'error': 'IP blocked'}), 403
except:
pass # Continue on API errorPHP / Laravel
<?php
use Illuminate\Support\Facades\Http;
Route::middleware(function ($request, $next) {
$ip = $request->ip();
$apiKey = env('IPABUSE_API_KEY');
try {
$response = Http::withHeaders([
'Authorization' => "Bearer {$apiKey}"
])->get("https://api.ipabuse.org/v1/ip/{$ip}");
$data = $response->json();
if ($data['abuse_confidence'] > 80) {
abort(403, 'IP blocked');
}
} catch (\Exception $e) {
// Continue on API error
}
return $next($request);
});Error Codes
400Bad Request
Invalid request parameters
401Unauthorized
Invalid or missing API key
429Too Many Requests
Rate limit exceeded
500Internal Server Error
Something went wrong on our end