Developers can check API Specification here:
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/ip/51.15.6.164
import requests
import json
url = 'https://api.maltiverse.com/ip/51.15.6.164'
response = requests.get(url)
print(json.dumps(response.json(), indent=4, sort_keys=True))
$url = 'https://api.maltiverse.com/ip/51.15.6.164'
$headers = @{Authorization=("Bearer {0}" -f "<API_KEY>")}
$response = Invoke-RestMethod $url -Headers $headers
Write-Output $response
{
"as_name": "AS12876 ONLINE SAS NL",
"as_number": "12876",
"blacklist": [
{
"count": 1,
"description": "Mail Spammer",
"first_seen": "2020-08-02 03:46:46",
"last_seen": "2020-08-03 09:49:08",
"source": "Blocklist.de"
},
{
"count": 1,
"description": "IMAP Attacker",
"first_seen": "2020-08-02 03:44:53",
"last_seen": "2020-08-03 09:47:24",
"source": "Blocklist.de"
}
],
"city": "Amsterdam",
"classification": "suspicious",
"country_code": "NL",
"creation_time": "2020-08-02 03:44:53",
"ip_addr": "51.15.6.164",
"ip_version": 4,
"is_cdn": false,
"is_cnc": false,
"is_distributing_malware": false,
"is_hosting": false,
"is_iot_threat": false,
"is_known_attacker": false,
"is_known_scanner": false,
"is_mining_pool": false,
"is_open_proxy": false,
"is_sinkhole": false,
"is_tor_node": false,
"is_vpn_node": false,
"location": {
"lat": 52.3702157,
"lon": 4.8951679
},
"modification_time": "2025-07-03 00:15:37",
"number_of_blacklisted_domains_resolving": 0,
"number_of_domains_resolving": 0,
"number_of_offline_malicious_urls_allocated": 0,
"number_of_online_malicious_urls_allocated": 0,
"number_of_whitelisted_domains_resolving": 0,
"postal_code": "1012 JS",
"registrant_name": "ONLINE SAS NL",
"scoring_executed_time": "2025-07-03 00:15:37",
"tag": [
"attacker",
"imap",
"pop3",
"sasl",
"bot",
"mail",
"spam"
],
"type": "ip"
}