Request IP Feed Information
GET/ip-feed
A GET request to retrieve the IP feed information by name, IP address or IP address range.
Request
Query Parameters
Possible values: [malicious, high-risk]
Provides the IP feed entries by the feed name.
Note: Returns only entries with 'released' status that exist in the Threat Intelligence database.
curl -v -H 'X-API-KEY: API_KEY' \
'https://api.threatvault.paloaltonetworks.com/service/v1/ip-feed?name=malicious'
Provides the IP feed information by IP address.
Note: Always returns a result. Returns feed information if IP Address exists in the Threat Intelligence database, otherwise returns only the Geolocation and Autonomous System information.
curl -v -H 'X-API-KEY: API_KEY' \
'https://api.threatvault.paloaltonetworks.com/service/v1/ip-feed?ipaddr=193.189.116.210'
Used together with toipaddr field. Provides the IP feed entries based on IP address range.
Note: Returns entries with 'released', 'disabled' or 'expired' status that exist in the Threat Intelligence database.
curl -v -H 'X-API-KEY: API_KEY' \
'https://api.threatvault.paloaltonetworks.com/service/v1/ip-feed?fromipaddr=185.130.5.207&toipaddr=185.130.5.236'
The right boundary of date range query, must use with toipaddr.
Example can be found in toipaddr section
Optional parameter. The maximum number of results to return in each page.
curl -v -H 'X-API-KEY: API_KEY' \
'https://api.threatvault.paloaltonetworks.com/service/v1/ip-feed?name=high-risk&limit=3'
Optional parameter. The starting position of the query in relation to the complete set of the unpaginated results.
curl -v -H 'X-API-KEY: API_KEY' \
'https://api.threatvault.paloaltonetworks.com/service/v1/ip-feed?name=high-risk&limit=10&offset=10'
Responses
- 200
- 4XX
- 5XX
Request succeeded
Response Headers
X-Day-RateLimit-Limit integer
Example: 2000The maximum number of requests that the user is permitted to make per day.
X-Day-RateLimit-Remaining integer
The number of requests remaining in the current rate limit window (one day).
X-Day-RateLimit-Reset integer
The epoch timestamp at which the current rate limit window (one day) resets.
X-Minute-RateLimit-Limit integer
Example: 200The maximum number of requests that the user is permitted to make per minute.
X-Minute-RateLimit-Remaining integer
The number of requests remaining in the current rate limit window (one minute).
X-Minute-RateLimit-Reset integer
The epoch timestamp at which the current rate limit window (one minute) resets.
- application/json
- Schema
- Example (from schema)
Schema
- Array [
- ]
- Array [
- ]
The response status.
link object[]
The pagination information of the results.
The URL of previous page with results.
The URL of next page with results.
The total number of entries found.
data object[]
The data of the response.
The IP address.
The name of the IP Feed entry.
The status of the IP Feed entry.
release object
The release information.
The release version when the IP Feed was released.
The release time when the IP Feed was released.
Generic response message.
{
"success": true,
"link": [
{
"next": "string",
"previous": "string"
}
],
"count": 1,
"data": [
{
"ipaddr": "2.59.154.102",
"name": "High Risk IP Feed",
"status": "released",
"release": {
"first_release_version": "3566",
"first_release_time": "2020-12-16T23:40:24Z"
}
}
],
"message": "Successful"
}
Client related error response
- application/json
- Schema
- Example (from schema)
Schema
Generic response messa message.
The response status.
{
"message": "string",
"success": false
}
Server related error response
- application/json
- Schema
- Example (from schema)
Schema
Generic response messa message.
The response status.
{
"message": "string",
"success": false
}