API Documentation - AbuseIPDB

AbuseIPDB provides a free API for reporting and checking IP addresses. Every day webmasters, system administrators, and other IT professionals use our API to report thousands of IP addresses engaging spamming, hacking, vulnerability scanning, and other malicious activity in real time.

This API allows you to protect your network by checking IP addresses against our database and allows you to contribute by submitting malicious IP addresses that you detect. The API is free to use, but you do have to create an account.

API Endpoints

Each parameters listed below can be passed as either an GET parameter or a POST parameters.

Check IP


Report IP


Parameters Explained

[IP]YesNA8.8.8.8IPv4 Address
[DAYS]No3030Check for IP Reports in the last 30 days
[API_KEY]YesNATzmp1...quWvaiOYour API Key (Get an API Key)
[CATEGORIES]YesNA10,12,15Comma delineated list of category IDs (See all Categories)
[COMMENT]NoblankBrute forcing Wordpress loginDescribe the type of malicious activity

Rate Limits

All free accounts have a rate limit of 1,000 reports and checks per day. Webmaster accounts have a rate limit of 3,000 requests/day. You can view your rate limits and API usage information by going to the accounts page page and clicking on the "API Usage" tab.

To prevent duplicate reports being submitted automatically through our API, we limit each accounts to reporting the same IP once per 15 minutes.



After registering, you can get your API key from the accounts page. Click on the "API Settings" tab to see your API key. You can generate a new API key at anytime. When you generate a new API key the old key will stop working immediately.

You should protect your API key like a password. Anyone who has access to your API key can submit reports on your behalf. You can pass your API key as a GET parameter, but for security reasons we recommend you pass your API key as a POST parameter.

Cross Origin Resource Sharing

Ordinarily, if you browse to domain A, domain A will not be able to access resource (i.e. an APIs) hosted on domain B. This is a security mechanism designed to prevent Cross Site Request Forgery (CSRF) attacks.

Cross Origin Resource Sharing (CORS) is a mechanism that allows a web browser to request resources from another domain outside the domain from which the request originated. This allows you to use AbuseIPDB's API from your own website.

In order to access our API from your domain, you must add your domain as a CORS Header in your Account page. Click on the "API Settings" tab. You can explicitly allow access to your domain or use the wildcard "*" to allow any domain to access the API with your API key. If your domain is example.com, set the CORS header to "http://example.com"

Legacy API

AbuseIPDB was completely revamped in April, 2016, including the API. However, in order to prevent disruption for existing users, we left the old API in place. The old API will continue to work exactly as it always has. API keys will also remain the same for the old API, but there will be no way to recover your old API key. The new API will require you to use a new API key found in your Account page.

** This Document Provided By AbuseIPDB **
Source: http://www.abuseipdb.com/api