Skip to main contentSkip to footer
reportedIP
Developer Documentation ReportedIP REST API & Ecosystem
API v2

Threat Categories

ReportedIP uses 30 predefined threat categories to classify malicious activity. Each category has a severity level from 1 (low) to 10 (critical) that influences the confidence score calculation. When reporting an IP, you specify one or more category IDs to describe the type of attack observed.

All Categories

#1 High
DNS Compromise
Kompromittierte DNS-Server
8/10
#2 Critical
DNS Poisoning
DNS-Cache-Poisoning
9/10
#3 Medium
Fraud Orders
Betrügerische Bestellungen
6/10
#4 Critical
DDoS Attack
Distributed Denial of Service
9/10
#5 High
FTP Brute-Force
FTP-Brute-Force-Angriffe
7/10
#6 High
Ping of Death
Ping-of-Death-Angriffe
8/10
#7 Critical
Phishing
Phishing-Websites
9/10
#8 Medium
Fraud VoIP
VoIP-Betrug
6/10
#9 Medium
Open Proxy
Offene Proxy-Server
5/10
#10 Medium
Web Spam
Web-Spam
4/10
#11 Medium
Email Spam
E-Mail-Spam
4/10
#12 Low
Blog Spam
Blog-Spam
3/10
#13 Low
VPN IP
VPN-Exit-Nodes
2/10
#14 Medium
Port Scan
Port-Scanning
6/10
#15 High
Hacking
Allgemeine Hacking-Aktivitäten
8/10
#16 Critical
SQL Injection
SQL-Injection-Angriffe
9/10
#17 High
Spoofing
IP/Email-Spoofing
7/10
#18 High
Brute-Force
Brute-Force-Angriffe
7/10
#19 Medium
Bad Web Bot
Schädliche Web-Bots
5/10
#20 High
Exploited Host
Kompromittierte Hosts
8/10
#21 High
Web App Attack
Web-Application-Angriffe
8/10
#22 High
SSH
SSH-Brute-Force
7/10
#23 High
IoT Targeted
IoT-gezielte Angriffe
8/10
#24 Medium
Cryptocurrency Mining
Illegales Crypto-Mining
6/10
#25 Critical
Ransomware C&C
Ransomware Command & Control
10/10
#26 Critical
Banking Trojan
Banking-Trojaner
10/10
#27 High
Mobile Malware
Mobile-Malware
8/10
#28 Critical
Supply Chain Attack
Supply-Chain-Angriffe
10/10
#29 Critical
Zero-Day Exploit
Zero-Day-Exploits
10/10
#30 Critical
Nation State
Staatlich gesponserte Angriffe
10/10
#31 High
WP Login Brute Force
Brute force attacks on wp-login.php
7/10
#32 High
WP Admin Brute Force
Attacks on WordPress admin area
8/10
#33 High
WP XML-RPC Brute Force
Abuse of XML-RPC interface
8/10
#34 High
WP REST API Abuse
Abuse of WordPress REST API
7/10
#35 High
WP Plugin Exploit
Exploitation of plugin vulnerabilities
8/10
#36 High
WP Theme Exploit
Exploitation of theme vulnerabilities
8/10
#37 Critical
WP Core Exploit
Attacks on WordPress core vulnerabilities
9/10
#38 Critical
WP Zero-Day Exploit
Unknown WordPress exploits
10/10
#39 Low
WP Comment Spam
Spam in WordPress comments
3/10
#40 Medium
WP Contact Form Spam
Spam via contact forms
4/10
#41 Medium
WP Registration Spam
Fake user registrations
5/10
#42 Medium
WP Trackback Spam
Trackback/Pingback spam
6/10
#43 Critical
WP File Upload Malware
Malware upload via WordPress
9/10
#44 Critical
WP Code Injection
PHP/JavaScript code injection
9/10
#45 Critical
WP Database Injection
SQL injection in WordPress
10/10
#46 Critical
WP Backdoor Installation
Installation of backdoors
10/10
#47 Medium
WP SEO Spam
SEO spam and link injection
6/10
#48 Medium
WP Content Scraping
Automated content scraping
5/10
#49 Medium
WP Fake SEO Bot
Malicious SEO crawlers
6/10
#50 High
WP Redirect Hijacking
Manipulation of redirects
7/10
#51 High
WP Resource Exhaustion
DoS through resource consumption
7/10
#52 Medium
WP Media Library Abuse
Abuse of media library
5/10
#53 Medium
WP Search Abuse
Overload of search function
4/10
#54 Medium
WP Cron Abuse
Abuse of WP-Cron
6/10
#55 Medium
WP User Enumeration
Enumeration of WordPress users
6/10
#56 High
WP Version Scanning
Scanning for WordPress versions
7/10
#57 High
WP Plugin Scanning
Detection of installed plugins
7/10
#58 High
WP Config Exposure
Access to wp-config.php
8/10

Using Categories in the API

When reporting an IP via the /report endpoint, include the category ID in your request to classify the type of threat observed. The category severity directly influences the confidence score.

Report with Category

curl 
curl -X POST \
     -H "X-Key: YOUR_API_KEY" \
     -H "Content-Type: application/json" \
     -d '{"ip": "1.2.3.4", "categories": [4, 15], "comment": "Brute force SSH + port scan"}' \
     "https://reportedip.de/wp-json/reportedip/v2/report"
200 OK
json 
{
  "meta": {
    "success": true,
    "code": 200,
    "message": "IP reported successfully."
  },
  "data": {
    "ip": "1.2.3.4",
    "abuseConfidencePercentage": 42,
    "totalReports": 5
  }
}

Retrieve All Categories

You can fetch the full list of categories programmatically:

curl 
curl "https://reportedip.de/wp-json/reportedip/v2/categories"
Tip: Higher severity categories have a greater impact on the confidence score. Always choose the most accurate category for your report — it helps the community make better blocking decisions.

Severity Scale

The severity scale ranges from 1 to 10 and maps to four threat levels:

Level Severity Description Example
Low 1 – 3 Minor or informational threats Web scraping, comment spam
Medium 4 – 6 Moderate threats requiring attention Brute force login, credential stuffing
High 7 – 8 Serious threats with potential damage SQL injection, XSS attacks
Critical 9 – 10 Severe threats requiring immediate action DDoS, ransomware, zero-day exploits
Security Focused
GDPR Compliant
Made in Germany
Back to Docs