Threat intelligence API Docs Pricing Solutions Resources Contact us

Threat intelligence API docs

General information


To authorize your requests you need to get your personal API key. Get it on the My subscriptions page.

You can pass the API key using one of the following ways:

Query string


Request headers


Authorization: YOUR_API_KEY

Postman collection

Postman is a desktop and web application that allows you to make requests to an API from a graphical user interface. We recommend using Postman with Threat Intelligence APIs endpoints when exploring the APIs functionality, as well as when you are troubleshooting issues with your application.

The Threat Intelligence API Postman collection is available at the following links:

The collection includes a preconfigured environment. You will need to set up the api_key variable to fire each request. Get your personal API KEY on the My subscriptions page. If you have questions related to the API, you can ask them here: Contact us

Rate limit

Each user is limited to 100 requests per minute. If that limit is exceeded, you'll to wait 1 minute before sending new requests.

To control the rate limit programmatically, you can use the following response headers:

Example value
What it means
X-RateLimit-Limit X-RateLimit-Limit: 100 You are limited to 100 requests per minute.
X-RateLimit-Remaining X-RateLimit-Remaining: 70 You have 70 requests left for this minute.
Retry-After Retry-After: 60 The limit is reached. You can make new requests in 60 seconds.

Error codes

HTTP code
What it means
401 Unauthorized Authorization required No API key passed.
401 Unauthorized Unknown user Invalid or obsolete API key passed.
401 Unauthorized Access denied Not enough credits on your account or you aren't subscribed to the service.
422 Unprocessable entity Domain name doesn't exist TIP can't resolve the target domain.
422 Unprocessable entity Domain name is required The required domainName input parameter is missing.
422 Unprocessable entity Invalid domain name or IP address The provided domain name or IP address isn't valid.
422 Unprocessable entity Only public IPv4 addresses allowed Only public IPv4 addresses allowed.
422 Unprocessable entity The 'mode' parameter is invalid Only "fast" or "full" modes are allowed.
422 Unprocessable entity Only {types} supported. Here {types} is a list of possible input parameter types (IP address or domain name) The error means that the API doesn't support the input parameter type you entered. For instance, if the API supports only domain names, you can't enter IPv4 address.
429 Too Many Requests Too many requests The API rate limit is reached.
Have questions?

We work hard to improve our services for you. As part of that, we welcome your feedback, questions and suggestions. Please let us know your thoughts and feelings, and any way in which you think we can improve our product.

For a quick response, please select the request type that best suits your needs.

Or shoot us an email to

Threat Intelligence Platform uses cookies to provide you with the best user experience on our website. They also help us understand how our site is being used. Find out more here. By continuing to use our site you consent to the use of cookies.