WAYSCloud IP Intelligence Platform - API Documentation

=== BASIC IP LOOKUP ===
GET  /                    - Smart endpoint (dashboard/IP based on user-agent)
GET  /ip                  - Your IP address (plain text)
GET  /json                - Your IP address (JSON format)
GET  /json/{ip}           - IP metadata in JSON
GET  /geo/{ip}            - Geolocation data for IP
GET  /country/{ip}        - Country for IP (plain text)
GET  /reverse/{ip}        - Reverse DNS lookup

=== ABUSE REPORTING ===
POST /report              - Submit abuse report (requires Bearer token)
POST /report/legacy       - Legacy abuse reporting (no auth required)
POST /register            - Register as abuse reporter

=== ANALYTICS & INTELLIGENCE ===
GET  /api/dashboard/stats - Dashboard statistics
GET  /api/stats/requests  - Request statistics
GET  /api/stats/abuse     - Abuse statistics
GET  /api/stats/activity  - Live activity feed
GET  /api/search/{query}  - Search IP intelligence
GET  /api/threats/live    - Live threat feed
GET  /api/threats/countries - Attack source countries
GET  /api/visitor-ip      - Visitor IP with geolocation

=== SYSTEM ===
GET  /health              - Health check
GET  /status              - System status
GET  /headers             - Request headers
GET  /help                - This help

=== AUTHENTICATION ===
Most endpoints require no authentication. Abuse reporting requires:
- Bearer token: Authorization: Bearer YOUR_TOKEN
- Or use /report/legacy for unauthenticated reports

=== FAIL2BAN INTEGRATION ===
1. Register your server:
   curl -X POST https://ip.wayscloud.services/register -H "Content-Type: application/json" \
     -d '{"name":"MyServer fail2ban","contact":"you@example.com","intent":"fail2ban","source_type":"automated"}'

2. Save your API token from the response

3. Create reporter script at /usr/local/bin/wayscloud-report.sh (see FAIL2BAN_INTEGRATION.md)

4. Add action to fail2ban: /etc/fail2ban/action.d/wayscloud.conf

5. Enable in jails: action = %(action_mwl)s
                           wayscloud[category=ssh_bruteforce]

Full guide: https://github.com/wayscloud/ip-service/blob/main/FAIL2BAN_INTEGRATION.md

=== THREAT CATEGORIES ===
ssh_bruteforce, http_auth_bruteforce, http_ddos, smtp_bruteforce,
imap_bruteforce, cms_attack, port_scan, exploit_attempt, malware_c2,
repeat_offender, botnet, cryptocurrency_mining

=== EXAMPLES ===
curl ip.wayscloud.services/json
curl ip.wayscloud.services/geo/157.180.31.156
curl ip.wayscloud.services/api/search/81.226.87.67
curl -H "Authorization: Bearer TOKEN" -d '{"ip":"185.40.4.38","category":"ssh_bruteforce","session_id":"fail2ban-host-20251015-18540438"}' ip.wayscloud.services/report

Documentation: https://ip.wayscloud.services/docs