diff --git a/GET-%2Fprotection%2Fincidents%2F%7BipAddress%7D.md b/GET-%2Fprotection%2Fincidents%2F%7BipAddress%7D.md
new file mode 100644
index 0000000..4f79840
--- /dev/null
+++ b/GET-%2Fprotection%2Fincidents%2F%7BipAddress%7D.md
@@ -0,0 +1,118 @@
+## **GET /protection/incidents/{ipAddress}**
+
+
+## **Inhalt**
+---
+- Parameter
+- Optionale Parameter
+- Beispiel Anfrage
+- Beispiel Antwort
+- Mögliche Fehlermeldungen
+---
+
+### Parameter
+
+|URL Parameter | Typ | Beschreibung|
+|----------|-----|-------------|
+|- | -| -
+
+|Body Parameter | Typ | Beschreibung|
+|----------|-----|-------------|
+| - | - | - |
+
+
+---
+
+### Optionale Parameter
+
+|Query-String Parameter | Typ | Beschreibung|
+|----------|-----|-------------|
+|?page       | integer | Beschreibt die aktuelle Seitenzahl
+|?limit      | integer | Beschreibt wieviele Elemente pro Seite angezeigt werden sollen
+|?size       | integer | Beschreibt wieviele Elemente geholt werden sollen (Maximal 1000, Standard 500)
+
+---
+
+### Beispiel Anfrage
+
+##### PHP
+```php
+<?php
+
+$curl = curl_init();
+
+curl_setopt_array($curl, array(
+  CURLOPT_URL => 'control.local/api/v2/protection/incidents/192.168.1.2',
+  CURLOPT_CUSTOMREQUEST => 'GET',
+  CURLOPT_HTTPHEADER => array(
+    'X-TOKEN: test-token',
+    'Content-Type: application/json'
+  ),
+));
+
+$response = curl_exec($curl);
+
+curl_close($curl);
+echo $response;
+```
+
+##### cURL
+```bash
+curl --location --request GET 'control.local/api/v2//protection/incidents/192.168.1.2' \
+--header 'X-TOKEN: test-token' \
+--header 'Content-Type: application/json'
+```
+
+---
+
+### Beispiel Antwort
+
+```json
+{
+    "status": "OK",
+    "totalResults": 1,
+    "page": 1,
+    "itemsPerPage": 25,
+    "maxPages": 1,
+    "items": [
+        {
+            "@_timestamp": "2022-05-31T22:21:42+02:00",
+            "@timestamp": "2022-05-31T22:21:42+02:00",
+            "cluster": "ffm3",
+            "custom": "4485",
+            "ip": "192.168.1.2",
+            "mbps": "1064",
+            "method": "Threshold reached",
+            "mode": "l4_dynamic",
+            "packetsize": "",
+            "pps": "91750",
+            "sample_count": 20,
+            "samples": [
+                {
+                    "bytes": 1450,
+                    "icmp_code": 0,
+                    "icmp_type": 0,
+                    "ip_dst": "192.168.1.2",
+                    "ip_protocol": 17,
+                    "ip_src": "X.X.X.X",
+                    "ip_ttl": 56,
+                    "port_dst": 22,
+                    "port_src": 33983,
+                    "tcp_flags": 0,
+                    "time": 1654028500,
+                    "vlan_dst": 61,
+                    "vlan_src": 73
+                },
+              // ....
+            ],
+            "uuid": "ae398eda-5bfc-4ba7-b32e-5e1168811620"
+        }
+    ]
+}
+```
+
+### Mögliche Fehlermeldungen
+
+> :warning: Status Code **403** - Permission denied
+
+> :warning: Status Code **500** - Payment Methods could not be fetched!
\ No newline at end of file