API Documentation - AbuseIPDB
AbuseIPDB provides a free API for reporting and checking IP addresses. Every day webmasters, system administrators, and other IT professionals use our API to report thousands of IP addresses engaging spamming, hacking, vulnerability scanning, and other malicious activity in real time.
This API allows you to protect your network by checking IP addresses against our database and allows you to contribute by submitting malicious IP addresses that you detect. The API is free to use, but you do have to create an account.
If you are a webmaster or sysadmin interested in automatically reporting abusive IPs via the AbuseIPDB API, we recommend you also see the Fail2Ban integration tutorial.
Both GET and POST methods may be used.
|IPv4 or IPv6 Address|
|[DAYS]||No||30||30||Check for IP Reports in the last 30 days|
|[API_KEY]||Yes||NA||Tzmp1...quWvaiO||Your API Key (Get an API Key)|
|[CATEGORIES]||Yes||NA||10,12,15||Comma delineated list of category IDs (See all Categories)|
|[COMMENT]||No||blank||Brute forcing Wordpress login||Describe the type of malicious activity|
|[CIDR]||Yes||NA||18.104.22.168/20||IPv4 Address Block in CIDR notation|
|verbose flag||No||FALSE||/json?key=[API_KEY]&days=[DAYS]&verbose||When set, reports will include the comment (if any) and the reporter's user id number (0 if reported anonymously)|
All free accounts have a rate limit of 1,000 reports and checks per day. Webmaster accounts have a rate limit of 3,000 requests/day. You can view your rate limits and API usage information by going to the accounts page page and clicking on the "API Usage" tab.
To prevent duplicate reports being submitted automatically through our API (such as via Fail2Ban integration), we limit each account to reporting the same IP once per 15 minutes. After 15 minutes, if the same IP is reported within a 24-hours window with the same comment, a new report is not created. Rather, the timestamp of the original report is updated.
After registering, you can get your API key from the accounts page. Click on the "API Settings" tab to see your API key. You can generate a new API key at anytime. When you generate a new API key the old key will stop working immediately.
You should protect your API key like a password. Anyone who has access to your API key can submit reports on your behalf. You can pass your API key as a GET parameter, but for security reasons we recommend you pass your API key as a POST parameter.