Loading
Loading
Check up to 50,000 IP addresses in a single request with our Bulk IP Threat Intelligence API. Get threat scores, VPN detection, proxy detection, and more for every IP in your batch.
The Bulk IP Security API accepts a JSON array of up to 50,000 IP addresses and returns a security profile for each one. Designed for security audits on existing datasets, log enrichment workflows, and any scenario where real-time single-IP lookups are not practical.
Pass your API key as the apiKey parameter in every request.
This is version v1.0 of the API.
The following query parameters can be used in your API requests.
ipsrequiredArray<String>A JSON array of IPv4 or IPv6 addresses to look up. Maximum 50,000 IPs per request.
fieldsoptionalStringComma-separated list of field paths to return in the response. Use dot notation for nested fields (e.g. security.threat_score).
excludesoptionalStringComma-separated list of field paths to remove from the response. Use dot notation for nested fields (e.g. security.is_tor).
The request body should be in JSON format and include an ips array of IP addresses for security lookup.
{
"ips": [
"8.8.8.8",
"1.1.1.1",
"45.33.32.156"
]
}A successful request returns a 200 OK response with a JSON array of objects. Each object in the array contains the security data for the corresponding IP address in the request. The response structure for each item is identical to the IP Threat Intelligence API response.
To see the complete response structure, click here.
The API uses standard HTTP status codes to indicate the success or failure of requests. For common status codes like 429 (Too Many Requests), refer to the general API documentation.
'ips' must not be empty or null