security.ip-block

AbuseIPDB subnet (CIDR) check — which IPs inside a network block have been reported for abuse. Pass network as a CIDR (e.g. 118.25.0.0/24; AbuseIPDB supports up to /16 for IPv4, /112 for IPv6). Returns the block metadata (network/netmask/min-max addresses, possible hosts, address-space description) plus reportedAddress: each flagged IP with numReports, abuseConfidenceScore, mostRecentReport, and country. Optional maxAgeInDays (1-365, default 30) and limit. Use to vet a hosting range, score a customer's netblock, or sweep your own allocation.

price
$0.0024 USDC per call
method
GET/api/security/ip-block
payment
x402 v2 · USDC on Base (EIP-3009) or Solana (SPL transfer)
auth
None. Sign the payment, retry with PAYMENT-SIGNATURE.
tier
Tier 0 — no paid upstream

Parameters

NameTypeDescription
networkrequiredstring
min 5 chars · max 50 chars
maxAgeInDaysinteger
min 1 · max 365
limitinteger
min 1 · max 1000

Code samples

cURLbash
# 1. Probe with no auth → 402 envelope with PaymentRequirements
curl -sS 'https://2s.io/api/security/ip-block?network=xxxxx&maxAgeInDays=30&limit=100'

# 2. Sign + retry with PAYMENT-SIGNATURE:
curl -sS 'https://2s.io/api/security/ip-block?network=xxxxx&maxAgeInDays=30&limit=100' \
  -H 'PAYMENT-SIGNATURE: <base64-json-payload>'

# Or use the canonical runner (handles probe → sign → retry):
#   EVM_PRIVATE_KEY=0x... node --env-file=.env.local \
#     --experimental-strip-types scripts/x402-pay.ts \
#     'https://2s.io/api/security/ip-block?network=xxxxx&maxAgeInDays=30&limit=100'
TypeScript / Node — @2sio/sdktypescript
import { TwoS } from '@2sio/sdk'

const client = new TwoS({
  privateKey: process.env.EVM_PRIVATE_KEY as `0x${string}`,
})

const result = await client.security.ipBlock({
  "network": "xxxxx",
  "maxAgeInDays": 30,
  "limit": 100
})

console.log('endpoint:', result.endpoint)
console.log('cost:', result.costUsd, 'USDC')
console.log('tx:', result.settlement?.txHash)
console.log('data:', result.data)
Python — 2siopython
import os
from twosio import TwoS

client = TwoS(private_key=os.environ["EVM_PRIVATE_KEY"])

result = client.security.ip_block(network="xxxxx", maxAgeInDays=30, limit=100)

print("endpoint:", result.endpoint)
print("cost:", result.cost_usd, "USDC")
print("tx:", (result.settlement or {}).get("tx_hash"))
print("data:", result.data)
MCP — Claude Desktop / AgentKit / any MCP hostjson
// 1. Add @2sio/mcp to your MCP host config (Claude Desktop example below).
//    EVM_PRIVATE_KEY funds x402 payments per call.

// claude_desktop_config.json
{
  "mcpServers": {
    "2sio": {
      "command": "npx",
      "args": ["-y", "@2sio/mcp"],
      "env": { "EVM_PRIVATE_KEY": "0x..." }
    }
  }
}

// 2. Once the server is running, agents call this tool via standard MCP:

{
  "jsonrpc": "2.0",
  "id": 1,
  "method": "tools/call",
  "params": {
    "name": "security.ip-block",
    "arguments": {
      "network": "xxxxx",
      "maxAgeInDays": 30,
      "limit": 100
    }
  }
}

Response

FieldTypeDescription
okboolean
one of: true
itemsarray
totalintegerTotal matching rows upstream; null when unknown.
sourceobject
metaobject
Example response datajson
{
  "ok": true,
  "items": [
    {
      "networkAddress": "example",
      "netmask": "example",
      "minAddress": "example",
      "maxAddress": "example",
      "numPossibleHosts": 1,
      "addressSpaceDesc": "example",
      "reportedAddress": [
        {
          "ipAddress": "example",
          "numReports": 1,
          "mostRecentReport": "example",
          "abuseConfidenceScore": 1,
          "countryCode": "example"
        }
      ]
    }
  ],
  "total": 1,
  "source": {
    "provider": "example",
    "url": "example",
    "license": "example"
  },
  "meta": {
    "network": "example"
  }
}

Discovery

2s.io is x402-native. Every call is paid per-request from a USDC-funded EVM wallet on Base — no signup, no API keys, no monthly fees. Source code: github.com/2s-io/sdk.