Developers can check API Specification here:
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/ip/13.79.162.73
import requests
import json
url = 'https://api.maltiverse.com/ip/13.79.162.73'
response = requests.get(url)
print(json.dumps(response.json(), indent=4, sort_keys=True))
$url = 'https://api.maltiverse.com/ip/13.79.162.73'
$headers = @{Authorization=("Bearer {0}" -f "<API_KEY>")}
$response = Invoke-RestMethod $url -Headers $headers
Write-Output $response
{
"address": "One Microsoft Way",
"as_name": "AS8075 Microsoft Corporation",
"as_number": "8075",
"asn_cidr": "13.64.0.0/11",
"asn_country_code": "US",
"asn_date": "2015-03-26 00:00:00",
"asn_registry": "arin",
"blacklist": [
{
"count": 1,
"description": "Malicious host",
"first_seen": "2021-05-04 23:24:31",
"labels": [
"malicious-activity"
],
"last_seen": "2021-05-11 22:46:05",
"source": "Darklist"
}
],
"cidr": [
"13.104.0.0/14",
" 13.64.0.0/11",
" 13.96.0.0/13"
],
"city": "Dublin",
"classification": "suspicious",
"country_code": "IE",
"creation_time": "2021-05-04 23:24:31",
"email": [
"msndcc@microsoft.com",
"IOC@microsoft.com",
"abuse@microsoft.com",
"v-raghuy@microsoft.com",
"dabedard@microsoft.com"
],
"ip_addr": "13.79.162.73",
"ip_version": 4,
"is_cdn": false,
"is_cnc": false,
"is_distributing_malware": false,
"is_hosting": false,
"is_iot_threat": false,
"is_known_attacker": false,
"is_known_scanner": false,
"is_mining_pool": false,
"is_open_proxy": false,
"is_sinkhole": false,
"is_tor_node": false,
"is_vpn_node": false,
"last_updated": "2015-03-26 00:00:00",
"location": {
"lat": 53.3165322,
"lon": -6.3425318
},
"modification_time": "2025-06-17 19:32:33",
"number_of_blacklisted_domains_resolving": 0,
"number_of_domains_resolving": 0,
"number_of_offline_malicious_urls_allocated": 0,
"number_of_online_malicious_urls_allocated": 0,
"number_of_whitelisted_domains_resolving": 0,
"postal_code": "D01 P5P5",
"registrant_name": "Microsoft Corporation",
"scoring_executed_time": "2025-06-17 19:32:33",
"state": "WA",
"tag": [
"apache",
"attacker",
"script kiddies"
],
"type": "ip"
}