Built by Metorial, the integration platform for agentic AI.
Submit multiple IP abuse reports at once by uploading CSV data. The CSV should contain rows with IP address, categories, and optional comment/timestamp fields. Returns the number of successfully saved reports and details about any invalid entries.
Retrieve detailed, paginated abuse reports for a specific IP address. Each report includes the reporter's information, abuse categories, comments, and timestamps. Use this for in-depth investigation of abuse activity against a specific IP.
Check an entire subnet (CIDR notation) for IP addresses that have been reported for abuse. Returns network details and a list of reported addresses within the block with their abuse scores. Use this to assess the reputation of a network range.
Download a list of the most reported IP addresses, ordered by abuse confidence score. Can be filtered by minimum confidence score, country, and IP version. Use this to populate firewall blocklists or analyze global threat trends.
Look up the abuse reputation of an IP address (IPv4 or IPv6). Returns the abuse confidence score (0–100), geographic and network information, and optionally individual abuse reports in verbose mode. Use this to assess whether an IP address has been involved in malicious activity.
Delete all abuse reports that **your account** has previously submitted for a specific IP address. This does not affect reports submitted by other users. Use this to retract mistaken or outdated reports for an IP address.
Submit an abuse report for a malicious IP address. Specify the IP, one or more abuse category IDs, and an optional comment describing the attack. **Abuse category IDs:** - 1: DNS Compromise — 2: DNS Poisoning — 3: Fraud Orders — 4: DDoS Attack - 5: FTP Brute-Force — 6: Ping of Death — 7: Phishing — 8: Fraud VoIP - 9: Open Proxy — 10: Web Spam — 11: Email Spam — 12: Blog Spam - 13: VPN IP — 14: Port Scan — 15: Hacking — 16: SQL Injection - 17: Spoofing — 18: Brute Force — 19: Bad Web Bot — 20: Exploited Host - 21: Web App Attack — 22: SSH — 23: IoT Targeted