AbuseIPDB abuse report for a single IP — the crowd-sourced abuse-confidence score (0-100) the fail2ban / SSH-scanner / web-attack ecosystem reports into. Pass ip (IPv4 or IPv6). Returns abuseConfidenceScore, totalReports, numDistinctUsers, lastReportedAt, usageType (e.g. Data Center / Residential), ISP, domain, hostnames, isTor, isWhitelisted, and country. Set verbose=true for the individual report records (categories + reporter country). Optional maxAgeInDays (1-365, default 90) bounds the reporting window. Live crowd data an LLM cannot know — SOC alert triage, login-abuse blocking, and firewall decisions.

Payment Options