Aggregate threat data from AbuseIPDB, VirusTotal, and 10+ VPN & proxy sources. Investigate anonymous traffic in seconds — ipcheq2 has no marketing fluff, no noise.
Built for security analysts and developers who need accurate IP intelligence without fighting through bloated dashboards. Stop hitting query limits and wading through fluff.
Investigate dozens of IPs at once. Bulk results surface patterns quickly so you can triage threats without switching contexts.
Network OmniscienceExtend bundled data with your own lists. Point the config at any local file and ipcheq2 picks it up automatically.
ExtensibleOne binary bundles all provider data. Install anywhere — Linux or Windows — and you're up and running in seconds.
PortableRefresh iCloud Private Relay data from the CLI without downloading a new binary. Stay current without the friction.
Always FreshRun a full Web UI for visual investigations, a headless API for programmatic access, or both simultaneously.
AgileClean, direct output. No upsell banners, no marketing copy — just the signal you need to make a decision.
Marketing is limited to this site :)Industry-standard threat APIs combined with constantly updated provider blocklists — all resolved in a single lookup.
ipcheq2 is designed to grow. Open a PR with a blocklist file, or file an issue with a link and we'll get it bundled. Community-driven coverage is the backbone of our data.
Request a source →Use the Web UI for visual triage, the API for automation pipelines, or the CLI to query from your terminal.
Browser-based dashboard for visual IP investigation. Multi-result views, clean layouts, no noise.
JSON REST API for programmatic access. Drop it into your security automation, SIEM, or SOAR pipeline. Built with Agents in mind ✨
Query ipcheq2 straight from your terminal. Pipe results, script lookups, integrate into shell workflows.
You'll need an AbuseIPDB API key (required) and optionally a VirusTotal API key. Configure via ~/.config/ipcheq2/keys.yaml or environment variables.