Incident list, newest first
API · /cryptohacks-api
Crypto Hacks API
healthy
3,309 Subscribers
A live database of cryptocurrency and DeFi hacks, exploits and thefts — every major on-chain theft on record, powered by the public DeFiLlama hacks dataset, no key, nothing stored. Each incident carries the victim, the amount stolen in US dollars, the date, the attack technique (flash-loan oracle manipulation, reentrancy, private-key compromise, access-control exploit and more), a higher-level classification, the chain or chains involved, the target type (DeFi protocol, centralized exchange, bridge, wallet, token) and how much, if any, was later returned. The hacks endpoint returns the incident list newest-first, filterable by chain, technique, target type, classification, year and minimum loss. The biggest endpoint ranks the largest exploits of all time by dollars stolen — from the multi-billion-dollar bridge and exchange breaches down. The stats endpoint aggregates the whole dataset: total stolen, incident count, funds returned, and breakdowns by attack technique, chain, target type and year. This is the crypto-security and exploit-history cut — risk and post-mortem data distinct from the price, market, TVL, fees and on-chain APIs in the catalogue.
api.oanor.com/cryptohacks-api
API health
healthy- Uptime
- 100.00%
- Server probes · 24h
- Avg latency
- 113 ms
- Server probes · 24h
- Subscribers
- 3,309
- active
- Total calls
- 4
- last 7 days
Pricing
Pick a tier — billed monthly, cancel anytime.
Free
Free
- 20,000 calls / month
- 3 requests / second
- Hard cap (429 above quota, no overage)
- 20k calls/month
- 3 req/sec
- All endpoints
- No credit card
Starter
€7.95 /month
- 225,000 calls / month
- 10 requests / second
- Hard cap (429 above quota, no overage)
- 225k calls/month
- 10 req/sec
- Email support
Pro
€23.10 /month
- 950,000 calls / month
- 28 requests / second
- Hard cap (429 above quota, no overage)
- 950k calls/month
- 28 req/sec
- Priority support
Scale
€52.90 /month
- 3,300,000 calls / month
- 60 requests / second
- Hard cap (429 above quota, no overage)
- 3.3M calls/month
- 60 req/sec
- Dedicated SLA
Built by
Related APIs
Other APIs with overlapping tags.
Firi Nordic Exchange API
Live order-book exchange data from Firi, the regulated Norwegian crypto venue and the largest in the Nordics, over its public API — no key, nothing stored. This is the regional venue view for the Norwegian krone (NOK) and Danish krone (DKK) order books: Nordic on-exchange price discovery, distinct from the global-aggregate and the other regional-exchange APIs in the catalogue. The ticker endpoint returns a pair full market summary — last traded price, 24h high/low, the 24h change percent, day volume and the live best bid, best ask and spread. The orderbook endpoint returns the live limit-order book — top bids and asks with cumulative depth and the bid/ask spread — so you can read on-venue liquidity. The trades endpoint returns the most recent executed trades with price, amount, side and time. The markets endpoint lists every NOK and DKK pair the venue trades with its last price and day volume. Coins traded include BTC, ETH, XRP, SOL, ADA, LTC, BNB, DOT and USDC, quoted in NOK and DKK, updated live. Build a pair from coin plus fiat (coin=btc, fiat=nok) or pass it directly (pair=ETHDKK).
api.oanor.com/firi-api
L2BEAT Rollup Risk & TVS API
Live Ethereum layer-2 / rollup risk and value-secured data from L2BEAT — no key, nothing stored. L2BEAT's signature is its independent risk framework: every rollup is rated by maturity Stage (Stage 0 / 1 / 2) and assessed across the canonical risk dimensions — sequencer failure, state validation, data availability, exit window and proposer failure — each carrying a good / warning / bad sentiment and a plain-language explanation. This is the rollup-risk and total-value-secured (TVS) view, distinct from the L2 economics/fundamentals and the on-chain per-chain APIs in the catalogue. The projects endpoint lists every tracked L2 with its type (Optimistic Rollup, ZK Rollup, Validium, layer3…), category, host chain, maturity Stage, TVS and 7-day change. The project endpoint returns one rollup in full — the TVS breakdown (native / canonical / external, and ether / stablecoin / btc / other), the Stage, providers, purposes and the complete risk assessment. The risks endpoint returns just the risk rosette for a rollup with a sentiment tally. The summary endpoint aggregates the whole ecosystem — total TVS, project count and the distribution by Stage and by type. More than a hundred rollups tracked, updated live. Project lookup is by slug (arbitrum, base, optimism, zksync-era, scroll, linea, starknet).
api.oanor.com/l2beat-api
Independent Reserve Exchange API
Live order-book exchange data from Independent Reserve, the regulated Australian / New Zealand crypto venue, over its public API — no key, nothing stored. This is the regional venue view for the AUD, USD, NZD and SGD order books: Australasian and Singapore on-exchange price discovery, distinct from the global-aggregate and the other regional-exchange APIs in the catalogue. The ticker endpoint returns a pair market summary — last traded price, 24h high/low, day volume, the live best bid and offer and the implied spread. The orderbook endpoint returns the live limit-order book — top bids and asks with cumulative depth and the bid/ask spread — so you can read on-venue liquidity. The trades endpoint returns the most recent executed trades. The history endpoint returns the hourly trade-history summary for the last N hours (per-hour open/high/low/close, volume and trade count). The markets endpoint lists every supported coin and the four fiat quote currencies. Forty-one cryptos (BTC, ETH, SOL, XRP and more) quoted against AUD, USD, NZD and SGD, updated live. Currency codes are case-insensitive and BTC is accepted either as btc or its upstream code xbt.
api.oanor.com/independentreserve-api
Token Approval Security API
Live audit of the token approvals (allowances) a crypto wallet has granted, and the risk of the contracts it has approved to spend its tokens — powered by the public GoPlus Security data, no key, nothing stored. Token approvals are the single most common way wallets get drained: once you approve a contract to move a token, a malicious or compromised spender can take it whenever it likes. This is the allowance-hygiene layer — the data behind tools like revoke.cash. The approvals endpoint lists every token a wallet has approved, who it approved (the spender contract), how much was approved and when, and whether that spender is flagged as malicious, trusted or unverified, together with a risk summary counting the dangerous approvals to revoke. The contract endpoint profiles a single spender contract before you approve it — its name, whether it is open-source, its creator, deploy time and risk tags. The chains endpoint lists the 40-plus supported blockchains. Catch wallet-draining allowances before they cost a user everything. This is the approval / allowance-risk cut — distinct from the token-contract-security, scam-detection and on-chain APIs in the catalogue.
api.oanor.com/approvalsecurity-api
Frequently asked questions
Quick answers about pricing, quotas, and integration.
How do I get an API key for Crypto Hacks API?
Sign up for free at oanor.com, generate an API key from the developer dashboard, and call Crypto Hacks API with the x-oanor-key header. No credit card needed for the free tier.
What's the rate limit for Crypto Hacks API?
Free tier allows 1 request per second. Paid plans scale up to 50 requests per second on the Mega tier. Hard limits return HTTP 429 above the quota — no surprise overage charges.
How much does Crypto Hacks API cost?
Crypto Hacks API has a free tier with 100 calls / month. Paid plans start at €7.95 / month with higher quotas and faster rate limits.
Can I cancel my subscription anytime?
Yes. Plans are billed monthly and you can cancel anytime from your billing dashboard. No long-term contracts and no cancellation fee.
Is Crypto Hacks API GDPR-compliant?
All requests to Crypto Hacks API go through our EU-based gateway. Your upstream API key never leaves our server and no personal data is shared with the upstream provider beyond the request you send.
Pick an endpoint from the list on the left to see its details and try it.
Code snippets
Sign up to get an API key, then call any path under your slug.
curl https://api.oanor.com/cryptohacks-api/SOME_PATH \
-H "x-oanor-key: oanor_test_..."const res = await fetch("https://api.oanor.com/cryptohacks-api/SOME_PATH", {
headers: { "x-oanor-key": "oanor_test_..." }
});
const data = await res.json();$ch = curl_init("https://api.oanor.com/cryptohacks-api/SOME_PATH");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, ["x-oanor-key: oanor_test_..."]);
$response = curl_exec($ch);import requests
r = requests.get(
"https://api.oanor.com/cryptohacks-api/SOME_PATH",
headers={"x-oanor-key": "oanor_test_..."},
)
print(r.json())Ratings
Sign in to rate.
No reviews yet.
Discussion
Ask questions, share usage tips, get answers from the provider and other developers. Public — anyone can read.
Sign in to start a thread or reply.
Sign inNew thread
📌 Pinned
🔒 Locked
·
·
·
-
Provider answer
🔒 This thread is locked — no new replies.
-
·
- No threads yet — start the discussion.
Support
Private 1:1 support with the provider — billing questions, integration issues, account problems. Only you and the provider team can see these threads.
Sign in to open a support ticket.
Sign inOpen new ticket
Describe what you need help with. The provider team gets an email and replies on the ticket page.
-
·
Urgent - No tickets yet for this API.