IOC扫描 API API ID: 12658

实时威胁情报用于文件哈希 IPv4 地址域名和 URL — 单次调用超过 70 个供应商判断

通过 MCP 从您的 AI 代理使用此 API

支持 OpenClaw、Claude Code/Desktop、Cursor、Windsurf、Cline 以及任何兼容 MCP 的 AI 客户端。

文档和设置

通过封装此 MCP 创建技能： https://mcp.zylalabs.com/mcp?apikey=YOUR_ZYLA_API_KEY

API概述

IoC查询是一个实时威胁情报API，回答一个简单的问题："这个指标危险吗？"

发送四种指标类型中的任何一种，文件哈希（MD5 / SHA-1 / SHA-256）、URL、IPv4地址或域名——获取结构化的风险概览，帮助您更快理解该指标。

供应商级洞察：比较来自70+个安全引擎的意见，包括BitDefender、Sophos、Forcepoint、Cisco、ESET、Kaspersky、Fortinet、McAfee等。
信誉摘要：快速评估一个指标是可信的、可疑的还是恶意的。
检测分析：审查恶意、可疑、无害和未检测到的数量，以便更快做出决策。
特定指标上下文：根据指标类型获取相关的丰富数据，例如域、IP、URL或文件相关的情报。

响应要点

IoC查询的响应可以根据指标类型包含安全供应商分析、检测统计、信誉数据、类别、威胁名称、URL元数据、重定向、响应代码、外部链接、追踪器、DNS记录、WHOIS数据、证书详情、沙箱裁决、接触域/IP以及文件情报。

您可以用这个API做什么？

🔎 查询URL、域名、IP和哈希
🛡️ 检查供应商级安全分析
📊 审查恶意、可疑、无害和未检测到的数量
🌐 检查URL重定向、元数据、响应代码和追踪器
🧩 分析域名数据，如DNS、WHOIS、证书和信誉
📁 调查具有文件元数据、威胁标签和沙箱结果的哈希

响应模型

每个成功的请求返回：

{
  "is_success": true,
  "response_code": 200,
  "message": "成功",
  "data": {
    "example": "特定指标有效载荷"
  }
}

使用案例

`GET /url`

查询一个URL——网络钓鱼、篡改、内容分类和供应商裁决。

提示：传递包括方案的完整URL。查询字符串和片段被接受但会在内部规范化。

`GET /hash`

按MD5、SHA-1或SHA-256查询文件。

返回文件元数据、签名信息、行为标签和70+个供应商裁决。

`GET /ip`

查询IPv4地址——信誉、ASN/网络所有权、国家和供应商裁决。

注意：当前不支持IPv6。

`GET /domain`

查询一个域名——信誉、WHOIS、DNS记录、流行排名、内容类别和JARM指纹。

需要定制的东西或需要支持吗？

想要不同的响应格式、大批量查询选项、定制集成或设置帮助吗？给我们发个私信，我们很乐意支持您。

API 文档

端点

URL扫描 Endpoint ID: 24484

返回 URL 声誉、供应商裁决、重定向、响应代码、页面元数据、外部链接、追踪器和响应头。

                                                                            
GET https://docs.zylalabs.com/api/12658/ioc+scan+api/24484/url+scan

URL扫描 - 端点功能

对象	描述

剩余免费测试请求：3 / 3。

输入参数

query

此端点不需要任何输入参数。

API 示例响应

{
  "data": {
    "analysis_date": 1779749608,
    "categories": {
      "BitDefender": "searchengines",
      "Forcepoint ThreatSeeker": "search engines and portals",
      "Sophos": "search engines",
      "alphaMountain.ai": "Search Engines/Portals (alphaMountain.ai)"
    },
    "hash_id": "9d116b1b0c1200ca75016e4c010bc94836366881b021a658ea7f8548b6543c1e",
    "modification_date": 1779749657,
    "reputation": 210,
    "search_type": "url",
    "security_vendor_analysis": {
      "0xSI_f33d": {
        "method": "blacklist",
        "engine_name": "0xSI_f33d",
        "category": "undetected",
        "result": "unrated"
      },
      "ADMINUSLabs": {
        "method": "blacklist",
        "engine_name": "ADMINUSLabs",
        "category": "harmless",
        "result": "clean"
      },
      "AILabs (MONITORAPP)": {
        "method": "blacklist",
        "engine_name": "AILabs (MONITORAPP)",
        "category": "harmless",
        "result": "clean"
      },
      "Abusix": {
        "method": "blacklist",
        "engine_name": "Abusix",
        "category": "harmless",
        "result": "clean"
      },
      "Acronis": {
        "method": "blacklist",
        "engine_name": "Acronis",
        "category": "harmless",
        "result": "clean"
      },
      "AlienVault": {
        "method": "blacklist",
        "engine_name": "AlienVault",
        "category": "harmless",
        "result": "clean"
      },
      "AlphaSOC": {
        "method": "blacklist",
        "engine_name": "AlphaSOC",
        "category": "undetected",
        "result": "unrated"
      },
      "Antiy-AVL": {
        "method": "blacklist",
        "engine_name": "Antiy-AVL",
        "category": "harmless",
        "result": "clean"
      },
      "ArcSight Threat Intelligence": {
        "method": "blacklist",
        "engine_name": "ArcSight Threat Intelligence",
        "category": "undetected",
        "result": "unrated"
      },
      "AutoShun": {
        "method": "blacklist",
        "engine_name": "AutoShun",
        "category": "undetected",
        "result": "unrated"
      },
      "Bfore.Ai PreCrime": {
        "method": "blacklist",
        "engine_name": "Bfore.Ai PreCrime",
        "category": "harmless",
        "result": "clean"
      },
      "BitDefender": {
        "method": "blacklist",
        "engine_name": "BitDefender",
        "category": "harmless",
        "result": "clean"
      },
      "Bkav": {
        "method": "blacklist",
        "engine_name": "Bkav",
        "category": "harmless",
        "result": "clean"
      },
      "BlockList": {
        "method": "blacklist",
        "engine_name": "BlockList",
        "category": "harmless",
        "result": "clean"
      },
      "Blueliv": {
        "method": "blacklist",
        "engine_name": "Blueliv",
        "category": "harmless",
        "result": "clean"
      },
      "CINS Army": {
        "method": "blacklist",
        "engine_name": "CINS Army",
        "category": "harmless",
        "result": "clean"
      },
      "CRDF": {
        "method": "blacklist",
        "engine_name": "CRDF",
        "category": "harmless",
        "result": "clean"
      },
      "Sangfor": {
        "method": "blacklist",
        "engine_name": "Sangfor",
        "category": "harmless",
        "result": "clean"
      },
      "Sucuri SiteCheck": {
        "method": "blacklist",
        "engine_name": "Sucuri SiteCheck",
        "category": "harmless",
        "result": "clean"
      },
      "ThreatHive": {
        "method": "blacklist",
        "engine_name": "ThreatHive",
        "category": "harmless",
        "result": "clean"
      },
      "URLQuery": {
        "method": "blacklist",
        "engine_name": "URLQuery",
        "category": "harmless",
        "result": "clean"
      },
      "URLhaus": {
        "method": "blacklist",
        "engine_name": "URLhaus",
        "category": "harmless",
        "result": "clean"
      },
      "VIPRE": {
        "method": "blacklist",
        "engine_name": "VIPRE",
        "category": "undetected",
        "result": "unrated"
      },
      "VX Vault": {
        "method": "blacklist",
        "engine_name": "VX Vault",
        "category": "harmless",
        "result": "clean"
      },
      "Viettel Threat Intelligence": {
        "method": "blacklist",
        "engine_name": "Viettel Threat Intelligence",
        "category": "harmless",
        "result": "clean"
      },
      "ViriBack": {
        "method": "blacklist",
        "engine_name": "ViriBack",
        "category": "harmless",
        "result": "clean"
      },
      "Webroot": {
        "method": "blacklist",
        "engine_name": "Webroot",
        "category": "harmless",
        "result": "clean"
      },
      "Xcitium Verdict Cloud": {
        "method": "blacklist",
        "engine_name": "Xcitium Verdict Cloud",
        "category": "undetected",
        "result": "unrated"
      },
      "Yandex Safebrowsing": {
        "method": "blacklist",
        "engine_name": "Yandex Safebrowsing",
        "category": "harmless",
        "result": "clean"
      },
      "ZeroCERT": {
        "method": "blacklist",
        "engine_name": "ZeroCERT",
        "category": "harmless",
        "result": "clean"
      },
      "ZeroFox": {
        "method": "blacklist",
        "engine_name": "ZeroFox",
        "category": "undetected",
        "result": "unrated"
      },
      "alphaMountain.ai": {
        "method": "blacklist",
        "engine_name": "alphaMountain.ai",
        "category": "harmless",
        "result": "clean"
      },
      "desenmascara.me": {
        "method": "blacklist",
        "engine_name": "desenmascara.me",
        "category": "harmless",
        "result": "clean"
      }
    },
    "security_vendor_analysis_stats": {
      "malicious": 0,
      "suspicious": 0,
      "undetected": 27,
      "harmless": 65,
      "timeout": 0
    },
    "tags": [
      "external-resources"
    ],
    "threat_names": [
      
    ],
    "url": "https://google.com/",
    "url_content": {
      "final_url": "https://www.google.com/",
      "meta": {
        "viewport": null,
        "theme-color": null,
        "apple-mobile-web-app-title": null,
        "description": null,
        "og:description": null,
        "twitter:description": null,
        "og:site_name": null,
        "og:type": null,
        "og:title": null,
        "twitter:title": null,
        "og:url": null,
        "monetag": null
      },
      "outgoing_links": [
        "https://about.google/?fg=1\u0026utm_source=google-US\u0026utm_medium=referral\u0026utm_campaign=hp-header",
lmC2Q8",
        "https://www.google.com",
        "http://www.w3.org/2000/svg"
      ],
      "redirections": [
        "https://google.com/",
        "https://www.google.com/"
      ],
      "response_code": 200,
      "response_content_length": 186183,
      "response_headers": {
        "accept-ch": "Sec-CH-Prefers-Color-Scheme\nDownlink\nRTT\nSec-CH-UA-Form-Factors\nSec-CH-UA-Platform\nSec-CH-UA-Platform-Version\nSec-CH-UA-Full-Version\nSec-CH-UA-Arch\nSec-CH-UA-Model\nSec-CH-UA-Bitness\nSec-CH-UA-Full-Version-List\nSec-CH-UA-WoW64",
        "alt-svc": "h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000",
        "cache-control": "private, max-age=0",
        "content-encoding": "gzip",
        "content-length": "67039",
        "content-security-policy-report-only": "object-src 'none';base-uri 'self';script-src 'nonce-VHsCNA4zswj_MV6jXi7baA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp",
        "content-type": "text/html; charset=UTF-8",
        "cross-origin-opener-policy": "same-origin-allow-popups; report-to=\"gws\"",
        "date": "Mon, 25 May 2026 22:39:32 GMT",
        "expires": "-1",
        "p3p": "CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"",
        "permissions-policy": "unload=()",
        "report-to": "{\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}]}},"_note":"Response truncated for documentation purposes"}

URL扫描 - 代码片段


curl --location --request GET 'https://zylalabs.com/api/12658/ioc+scan+api/24484/url+scan' --header 'Authorization: Bearer YOUR_API_KEY'

哈希扫描 Endpoint ID: 24485

返回由哈希识别的文件的供应商分析、文件元数据（大小、类型、签名详情）和行为标签

                                                                            
GET https://docs.zylalabs.com/api/12658/ioc+scan+api/24485/hash+scan

哈希扫描 - 端点功能

对象	描述

剩余免费测试请求：3 / 3。

输入参数

query

此端点不需要任何输入参数。

API 示例响应

{
 "data": {
  "analysis_date": 1779457450,
  "authentihash": "",
  "bundled_files": null,
  "classification": {
   "popularthreatcategory": [
    {
     "count": 15,
     "value": "virus"
    },
    {
     "count": 2,
     "value": "trojan"
    }
   ],
   "popularthreatname": [
    {
     "count": 60,
     "value": "eicar"
    },
    {
     "count": 49,
     "value": "test"
    },
    {
     "count": 35,
     "value": "file"
    }
   ],
   "suggestedthreatlabel": "virus.eicar/test"
  },
  "contacted_domains": [
   {
    "categories": {},
    "dns_records": [
     {
      "priority": 0,
      "ttl": 20,
      "type": "A",
      "value": "23.195.81.107"
     },
     {
      "priority": 0,
      "ttl": 20,
      "type": "A",
      "value": "23.195.81.72"
     },
     {
      "priority": 0,
      "ttl": 20,
      "type": "AAAA",
      "value": "2600:1405:6400::17c3:5132"
     },
     {
      "priority": 0,
      "ttl": 20,
      "type": "AAAA",
      "value": "2600:1405:6400::17c3:5138"
     },
     {
      "priority": 0,
      "ttl": 20,
      "type": "AAAA",
      "value": "2600:1405:6400::17c3:5133"
     },
     {
      "priority": 0,
      "ttl": 20,
      "type": "AAAA",
      "value": "2600:1405:6400::17c3:512b"
     },
     {
      "priority": 0,
      "ttl": 20,
      "type": "AAAA",
      "value": "2600:1405:6400::17c3:512a"
     }
    ],
    "dns_records_update_date": 1779222925,
    "domain": "a1666.dscr.akamai.net",
    "http_certificate": {
     "certsignature": {
      "algorithm": "1.2.840.10045.4.3.3",
      "signature": "306502306bb6476c04da114fb6452a16f836f18f769bc927530fa5ea8c353fdfa41d2c4c5140cc261b8f5818e07e166aad867bb6023100ee51adac1c1ff38aedc0b30683c6857eb53f8f54a1f3924aa86cf9a422e816574679c524d05e58fddf656c49d9f4efe1"
     },
     "extensions": {
      "authoritykeyid": {
       "keyid": "8a23eb9e6bd7f9375df96d2139769aa167de10a8"
      },
      "ca": false,
      "cainformationaccess": {
       "caissuers": "http://cacerts.digicert.com/DigiCertGlobalG3TLSECCSHA3842020CA1-2.crt",
       "ocsp": "http://ocsp.digicert.com"
      },
      "certificatepolicies": [
       "2.23.140.1.2.2"
      ],
      "crldistributionpoints": [
       "http://crl3.digicert.com/DigiCertGlobalG3TLSECCSHA3842020CA1-2.crl",
       "http://crl4.digicert.com/DigiCertGlobalG3TLSECCSHA3842020CA1-2.crl"
      ],
      "extendedkeyusage": [
       "serverAuth"
      ],
      "keyusage": [
       "digitalSignature",
       "keyAgreement"
      ],
      "subjectalternativename": [
       "a248.e.akamai.net",
       "*.akamaized.net",
       "*.akamaized-staging.net",
       "*.akamaihd.net",
       "*.akamaihd-staging.net"
      ],
      "subjectkeyidentifier": "af3247f9a94b6258e313388b8ac5ea796b5d61b4"
     },
     "issuer": {
      "c": "US",
      "cn": "DigiCert Global G3 TLS ECC SHA384 2020 CA1",
      "o": "DigiCert Inc"
     },
     "publickey": {
      "algorithm": "EC",
      "ec": {
       "oid": "secp256r1",
       "pub": "3059301306072a8648ce3d020106082a8648ce3d030107034200046fbac61c8cd25f45a6200a08947802a9a31d7435f7b0cf84f77e85d95afec5cca1dda22d285d7cd7ad6df2e7bd448a4e9e7cc8dbd3d082ca47f5937b6e87b0ae"
      }
     },
     "serialnumber": "373ab420f54941b555742d9ac890626",
     "size": 1485,
     "subject": {
      "c": "US",
      "cn": "a248.e.akamai.net",
      "o": "Akamai Technologies, Inc."
     },
     "thumbprint": "80b29fce36f71b99cdbb7138b2107d022d478af9",
     "thumbprintsha256": "792ce717b665ca8a0aedf9f7a3ba68bd15b7bf81da354e2c7dc4869bf9f22e62",
     "validity": {
      "notafter": "2026-12-22 23:59:59",
      "notbefore": "2025-12-22 00:00:00"
     },
     "version": "V3"
    },
    "http_certificate_updated_date": 1779222925,
    "jarm": "27d27d27d29d27d21c42d42d000000996c218236a1fd203fd29824aa76026c",
    "modification_date": 1779401619,
    "popularity_ranks": {
     "Cisco Umbrella": {
      "rank": 3676,
      "timestamp": 1779374295
     }
    },
    "reputation": -2,
    "security_vendor_analysis_stats": {
     "harmless": 57,
     "malicious": 0,
     "suspicious": 0,
     "timeout": 0,
     "undetected": 34
    },
    "tags": [],
    "tld": "net",
    "votes_result": {
     "harmless": 2,
     "malicious": 4
    },
    "whois": "Creation Date: 1999-03-03T05:00:00+0000\nCreation Date: 1999-03-03T05:00:00Z\nDNSSEC: unsigned\nDomain Name: AKAMAI.NET\nDomain Name: akamai.net\nDomain Status: clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)\nDomain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited\nDomain Status: clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)\nDomain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited\nDomain Status: clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)\nDomain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited\nDomain Status: serverDeleteProhibited (https://www.icann.org/epp#serverDeleteProhibited)\nDomain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited\nDomain Status: serverTransferProhibited (https://www.icann.org/epp#serverTransferProhibited)\nDomain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited\nDomain Status: serverUpdateProhibited (https://www.icann.org/epp#serverUpdateProhibited)\nDomain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited\nName Server: NS1-1.AKAMAITECH.NET\nName Server: NS3-193.AKAMAITECH.NET\nName Server: NS4-193.AKAMAITECH.NET\nName Server: ZC.AKAMAITECH.NET\nName Server: ZD.AKAMAITECH.NET\nName Server: ZE.AKAMAITECH.NET\nName Server: ZG.AKAMAITECH.NET\nName Server: ZH.AKAMAITECH.NET\nName Server: ns1-1.akamaitech.net\nName Server: ns3-193.akamaitech.net\nName Server: ns4-193.akamaitech.net\nName Server: zc.akamaitech.net\nName Server: zd.akamaitech.net\nName Server: ze.akamaitech.net\nName Server: zg.akamaitech.net\nName Server: zh.akamaitech.net\nRegistrant Country: US\nRegistrant Email: 5ae50e5a8a6eacc9s@\nRegistrant Organization: efe514ac26d2f3a6\nRegistrar Abuse Contact Email: [email protected]\nRegistrar Abuse Contact Phone: +1.2086851750\nRegistrar Abuse Contact: https://corp.markmonitor.com/domain/ui/abuse-report\nRegistrar IANA ID: 292\nRegistrar Registration Expiration Date: 2027-03-03T00:00:00+0000\nRegistrar URL: http://www.markmonitor.com\nRegistrar WHOIS Server: whois.markmonitor.com\nRegistrar: MarkMonitor Inc.\nRegistrar: MarkMonitor, Inc.\nRegistry Domain ID: 4025973_DOMAIN_NET-VRSN\nRegistry Expiry Date: 2027-03-03T05:00:00Z\nUpdated Date: 2026-01-30T11:48:15+0000\nUpdated Date: 2026-01-30T11:48:15Z",
    "whois_update_date": 0
   },
   {
    "categories": {},
    "dns_records": [
     {
      "priority": 0,
      "ttl": 20,
      "type": "AAAA",
      "value": "2600:1405:e400:4::1737:ec48"
     },
     {
      "priority": 0,
      "ttl": 20,
      "type": "AAAA",
      "value": "2600:1405:e400:4::1737:ec49"
     },
     {
      "priority": 0,
      "ttl": 20,
      "type": "A",
      "value": "23.33.29.22"
     },
     {
      "priority": 0,
      "ttl": 20,
      "type": "A",
      "value": "23.33.29.9"
     }
    ],
    "dns_records_update_date": 1779408350,
    "domain": "a1672.dscr.akamai.net",
    "http_certificate": {
     "certsignature": {
      "algorithm": "1.2.840.10045.4.3.3",
      "signature": "306502306bb6476c04da114fb6452a16f836f18f769bc927530fa5ea8c353fdfa41d2c4c5140cc261b8f5818e07e166aad867bb6023100ee51adac1c1ff38aedc0b30683c6857eb53f8f54a1f3924aa86cf9a422e816574679c524d05e58fddf656c49d9f4efe1"
     },
     "extensions": {
      "authoritykeyid": {
       "keyid": "8a23eb9e6bd7f9375df96d2139769aa167de10a8"
      },
      "ca": false,
      "cainformationaccess": {
       "caissuers": "http://cacerts.digicert.com/DigiCertGlobalG3TLSECCSHA3842020CA1-2.crt",
       "ocsp": "http://ocsp.digicert.com"
      },
      "certificatepolicies": [
       "2.23.140.1.2.2"
      ],
      "crldistributionpoints": [
       "http://crl3.digicert.com/DigiCertGlobalG3TLSECCSHA3842020CA1-2.crl",
       "http://crl4.digicert.com/DigiCertGlobalG3TLSECCSHA3842020CA1-2.crl"
      ],
      "extendedkeyusage": [
       "serverAuth"
      ],
      "keyusage": [
       "digitalSignature",
       "keyAgreement"
      ],
      "subjectalternativename": [
       "a248.e.akamai.net",
       "*.akamaized.net",
       "*.akamaized-staging.net",
       "*.akamaihd.net",
       "*.akamaihd-staging.net"
      ],
      "subjectkeyidentifier": "af3247f9a94b6258e313388b8ac5ea796b5d61b4"
     },
     "issuer": {
      "c": "US",
      "cn": "DigiCert Global G3 TLS ECC SHA384 2020 CA1",
      "o": "DigiCert Inc"
     },
     "publickey": {
      "algorithm": "EC",
      "ec": {
       "oid": "secp256r1",
       "pub": "3059301306072a8648ce3d020106082a8648ce3d030107034200046fbac61c8cd25f45a6200a08947802a9a31d7435f7b0cf84f77e85d95afec5cca1dda22d285d7cd7ad6df2e7bd448a4e9e7cc8dbd3d082ca47f5937b6e87b0ae"
      }
     },
     "serialnumber": "373ab420f54941b555742d9ac890626",
     "size": 1485,
     "subject": {
      "c": "US",
      "cn": "a248.e.akamai.net",
      "o": "Akamai Technologies, Inc."
     },
     "thumbprint": "80b29fce36f71b99cdbb7138b2107d022d478af9",
     "thumbprintsha256": "792ce717b665ca8a0aedf9f7a3ba68bd15b7bf81da354e2c7dc4869bf9f22e62",
     "validity": {
      "notafter": "2026-12-22 23:59:59",
      "notbefore": "2025-12-22 00:00:00"
     },
     "version": "V3"
    },
    "http_certificate_updated_date": 1779408350,
    "jarm": "27d27d27d29d27d21c42d42d000000996c218236a1fd203fd29824aa76026c",
    "modification_date": 1779458161,
    "popularity_ranks": {
     "Cisco Umbrella": {
      "rank": 6126,
      "timestamp": 1779374295
     }
    },
    "reputation": -3,
    "security_vendor_analysis_stats": {
     "harmless": 60,
     "malicious": 0,
     "suspicious": 0,
     "timeout": 0,
     "undetected": 31
    },
    "tags": [],
    "tld": "net"}]},"_note":"Response truncated for documentation purposes"}

哈希扫描 - 代码片段


curl --location --request GET 'https://zylalabs.com/api/12658/ioc+scan+api/24485/hash+scan' --header 'Authorization: Bearer YOUR_API_KEY'

IP地址扫描 Endpoint ID: 24486

返回IP声誉供应商判决 ASN 网络所有权国家和相关威胁情报

                                                                            
GET https://docs.zylalabs.com/api/12658/ioc+scan+api/24486/ip+address+scan

IP地址扫描 - 端点功能

对象	描述

剩余免费测试请求：3 / 3。

输入参数

query

此端点不需要任何输入参数。

API 示例响应

{
 "data": {
  "analysis_date": 1779562485,
  "as_owner": "Google LLC",
  "asn": 15169,
  "communicating_files": [
   {
    "magic": "PE32 executable (GUI) Intel 80386, for MS Windows",
    "md5": "aaddb47104d94939d9d2caa975db2cab",
    "modification_date": 1779170823,
    "names": [
     "RMS Module",
     "00000006e9d3a7e85d1f1e7711787b9a117655e249a565122ee12e9962199007.exe",
     "RMS.exe"
    ],
    "packers": {
     "F-PROT": "appended, 7Z",
     "PEiD": "Microsoft Visual C++",
     "Varist": "7zSFX, msi, 7zSFX, msi, 7zSFX, msi"
    },
    "reputation": -179,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 48,
     "suspicious": 0,
     "timeout": 1,
     "typeunsupported": 4,
     "undetected": 22
    },
    "sha1": "b4246b529fa6aa05e1d146070c64a8eacbccb9e1",
    "sha256": "00000006e9d3a7e85d1f1e7711787b9a117655e249a565122ee12e9962199007",
    "size": 6603814,
    "ssdeep": "196608:2fJuZjiz+Bi6jBy003L2uNIUmTpur/LjN2hyL:2fJCk+psHRNI9wDUo",
    "submission_count": 5,
    "submitted_date": 1773132804,
    "tags": [
     "peexe",
     "checks-usb-bus",
     "checks-user-input",
     "long-sleeps",
     "overlay",
     "detect-debug-environment",
     "executes-dropped-file"
    ],
    "tlsh": "T134663332BBD02573D12D877D6AD96EBCD7A6E2405F5ACE42B79C0C53A336025AF2D204",
    "type_description": "Win32 EXE",
    "type_tag": "peexe",
    "type_tags": [
     "executable",
     "windows",
     "win32",
     "pe",
     "peexe"
    ],
    "votes_result": {
     "harmless": 2,
     "malicious": 12
    }
   },
   {
    "magic": "ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, not stripped",
    "md5": "317228475fed0e69ddb8f8c62a7db890",
    "modification_date": 1778303098,
    "names": [
     "i686"
    ],
    "packers": null,
    "reputation": -35,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 46,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 11,
     "undetected": 19
    },
    "sha1": "82cb66767f857ef666d52a4460a0e02dd764d494",
    "sha256": "0000002a10959ec38b808d8252eed2e814294fbb25d2cd016b24bf853a44857e",
    "size": 104139,
    "ssdeep": "3072:SOGAEtZoGZKWl6u4YTnbHMbimmFVcqq0G27ZT:SqEtZ755nbHMbimmFVcqq0G27ZT",
    "submission_count": 3,
    "submitted_date": 1720670185,
    "tags": [
     "elf",
     "sets-process-name",
     "service-scan"
    ],
    "tlsh": "T112A3F972E642CA72C44306F102A79A6B0D21BE7B0A3A5E86F32C3DB49F334C97555F59",
    "type_description": "ELF",
    "type_tag": "elf",
    "type_tags": [
     "executable",
     "linux",
     "elf"
    ],
    "votes_result": {
     "harmless": 1,
     "malicious": 3
    }
   },
   {
    "magic": "PE32 executable (GUI) Intel 80386, for MS Windows",
    "md5": "c535fac305240858dbcbfe62d1b94d0b",
    "modification_date": 1779130775,
    "names": [
     "file-archive_FjMixC2ckw.exe"
    ],
    "packers": null,
    "reputation": -64,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 48,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 23
    },
    "sha1": "b76f64978ef6d3fcced57c9e35b19f4525a2250b",
    "sha256": "000000663c7400a78ee27404b7b7a8d2705aff4cc1fd2ddc8e1ebff2c4875913",
    "size": 5223977,
    "ssdeep": "98304:fCT9rG4QJjW6Tq4ZhO1zpsl+0werXZV65QcISds:KTaTq2cpstFXZVIoSq",
    "submission_count": 1,
    "submitted_date": 1709790524,
    "tags": [
     "checks-network-adapters",
     "detect-debug-environment",
     "peexe",
     "calls-wmi",
     "checks-user-input",
     "overlay"
    ],
    "tlsh": "T1F036336529B10CB4D9E0CC726DEAF92C4E621E615C35327936EE531E7DA3AF4032E712",
    "type_description": "Win32 EXE",
    "type_tag": "peexe",
    "type_tags": [
     "executable",
     "windows",
     "win32",
     "pe",
     "peexe"
    ],
    "votes_result": {
     "harmless": 1,
     "malicious": 5
    }
   },
   {
    "magic": "PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows",
    "md5": "f8e4463d1c88d17459948623fb2cb370",
    "modification_date": 1775496564,
    "names": [
     "SearchHelper.exe",
     "ibqjwyqw.exe"
    ],
    "packers": null,
    "reputation": 0,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 68,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 4
    },
    "sha1": "2d9db4ca202b44c7d32db628c74dbb8a7bb91263",
    "sha256": "000000716fa472f01dbafd6f3adc57f4c476b11854d8304ee36afea88397ba45",
    "size": 457875,
    "ssdeep": "12288:vqtC9qtzxXV4SvYQq1UbkHwv5Rh2vwAur/NE0Mei:SEArXV4uq1UbkTvRu5E0s",
    "submission_count": 1,
    "submitted_date": 1598337037,
    "tags": [
     "checks-user-input",
     "peexe",
     "overlay",
     "spreader",
     "detect-debug-environment",
     "persistence"
    ],
    "tlsh": "T1E3A4BFFEB556A40FD2AED7F1051429BE9FAB8143E36834FE9FE9290FB287C448594401",
    "type_description": "Win32 EXE",
    "type_tag": "peexe",
    "type_tags": [
     "executable",
     "windows",
     "win32",
     "pe",
     "peexe"
    ],
    "votes_result": {
     "harmless": 0,
     "malicious": 0
    }
   },
   {
    "magic": "PE32 executable (GUI) Intel 80386, for MS Windows",
    "md5": "cc17c4e2805306984a614f5dcb3915e7",
    "modification_date": 1778005216,
    "names": [
     "lhgew.exe"
    ],
    "packers": null,
    "reputation": -6,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 66,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 6
    },
    "sha1": "39d39d2ef7c05d8afc2848e8ae2a08e55ca422a3",
    "sha256": "00000075d77e227cdb2d386181e42f42b579eb16403143dc54cd4a3d17fc8622",
    "size": 126976,
    "ssdeep": "1536:KYsz45Y9hRO/N69BH3OoGa+FLHjKceRgrkOSoINeGUmE:tGKY9hkFoN3Oo1+FvfSW",
    "submission_count": 3,
    "submitted_date": 1508179641,
    "tags": [
     "direct-cpu-clock-access",
     "runtime-modules",
     "persistence",
     "long-sleeps",
     "checks-network-adapters",
     "checks-usb-bus",
     "checks-user-input",
     "peexe"
    ],
    "tlsh": "T18EC3FDAAFB82107DF156017C16DAE6F337A578059D6BD08ABB34B2A40CDAD1108FD763",
    "type_description": "Win32 EXE",
    "type_tag": "peexe",
    "type_tags": [
     "executable",
     "windows",
     "win32",
     "pe",
     "peexe"
    ],
    "votes_result": {
     "harmless": 0,
     "malicious": 6
    }
   },
   {
    "magic": "PE32 executable (GUI) Intel 80386, for MS Windows",
    "md5": "d041c6e0156b87978a54ab6a49f66593",
    "modification_date": 1779552882,
    "names": [
     "VDFSURfs",
     "VDFSURfs.exe",
     "Vobfus.EFPC",
     "00000078afd5c2441b0a4ca628c1b7bcc961a68f2b779d281af6d2af405b5f1a.exe",
     "00000078afd5c2441b0a4ca628c1b7bcc961a68f2b779d281af6d2af405b5f1a"
    ],
    "packers": {
     "PEiD": "Microsoft Visual Basic v5.0/v6.0"
    },
    "reputation": -120,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 68,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 3
    },
    "sha1": "0a6d717d33329bbc794ac3d608d197e276654228",
    "sha256": "00000078afd5c2441b0a4ca628c1b7bcc961a68f2b779d281af6d2af405b5f1a",
    "size": 155648,
    "ssdeep": "3072:H3sVvl3Po5+tTjFqV+t3DRGCKBiAKN4oQZiEx0:SQ5+t8+NDR5AWWs",
    "submission_count": 8,
    "submitted_date": 1774472088,
    "tags": [
     "persistence",
     "peexe",
     "direct-cpu-clock-access",
     "checks-usb-bus",
     "checks-network-adapters",
     "runtime-modules",
     "checks-user-input"
    ],
    "tlsh": "T16EE3941676D0F27EC415CAF43D2A4394A475ED3625D2AC13FAC22F2AB6B2D67D220353",
    "type_description": "Win32 EXE",
    "type_tag": "peexe",
    "type_tags": [
     "executable",
     "windows",
     "win32",
     "pe",
     "peexe"
    ],
    "votes_result": {
     "harmless": 0,
     "malicious": 9
    }
   },
   {
    "magic": "PDF document, version 1.5 (zip deflate encoded)",
    "md5": "c649ac1182cbc6dab413d81e7bb6407b",
    "modification_date": 1778303454,
    "names": [
     "PTC_CT_Mtg2_Agenda"
    ],
    "packers": null,
    "reputation": -1,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 0,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 12,
     "undetected": 63
    },
    "sha1": "d5bbd6242ded2c35d73cf4039956c156f35ccdbf",
    "sha256": "0000007e69ce5aed0e23ca1c5f85ac2bda42f71f84841aea9db049633b7a1677",
    "size": 47168,
    "ssdeep": "768:gnQft0yE3ujmbVyo9JkjySFGuq2C2mD9QOYYiYVe81Wo6UAT16j90Dc33G:gkzje0o2Mu3C2+uYiYt1v6VT16jTnG",
    "submission_count": 7,
    "submitted_date": 1626195519,
    "tags": [
     "pdf",
     "detect-debug-environment",
     "checks-network-adapters",
     "direct-cpu-clock-access",
     "checks-user-input",
     "long-sleeps",
     "runtime-modules"
    ],
    "tlsh": "T13023E1999F72ACC825413B64BB60496AC98750D7A4892D03B9ACC6D34F00DE3EC79DE7",
    "type_description": "PDF",
    "type_tag": "pdf",
    "type_tags": [
     "document",
     "pdf"
    ],
    "votes_result": {
     "harmless": 2,
     "malicious": 3
    }
   },
   {
    "magic": "PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows",
    "md5": "3ba651bc817e38f3aa04da9257ea9c0d",
    "modification_date": 1778724307,
    "names": [
     "ShareIt Service.exe",
     "shareit service.exe"
    ],
    "packers": null,
    "reputation": -5,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 67,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 5
    },
    "sha1": "9d71c4a3b517adebe25e06fc64772c9bb9da0ac0"}]},"_note":"Response truncated for documentation purposes"}

IP地址扫描 - 代码片段


curl --location --request GET 'https://zylalabs.com/api/12658/ioc+scan+api/24486/ip+address+scan' --header 'Authorization: Bearer YOUR_API_KEY'

域名扫描 Endpoint ID: 24487

返回域名声誉供应商判决 WHOIS DNS记录人气排名 JARM指纹和内容类别

                                                                            
GET https://docs.zylalabs.com/api/12658/ioc+scan+api/24487/domain+scan

域名扫描 - 端点功能

对象	描述

剩余免费测试请求：3 / 3。

输入参数

query

此端点不需要任何输入参数。

API 示例响应

{
 "data": {
  "analysis_date": 1779580805,
  "categories": {
   "BitDefender": "searchengines",
   "Forcepoint ThreatSeeker": "search engines and portals",
   "Sophos": "search engines"
  },
  "communicating_files": [
   {
    "magic": "PE32 executable (GUI) Intel 80386, for MS Windows",
    "md5": "1bcbb0093803273fd15a09cb434bfdb9",
    "modification_date": 1778005485,
    "names": [
     "ngIu.exe"
    ],
    "packers": null,
    "reputation": -58,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 67,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 5
    },
    "sha1": "c76062ece727bcafd460ed93a084454dc5617188",
    "sha256": "0000005a57419b46ddb7b88e3a10ad2da3f29140e6280766d84f84e363e1646d",
    "size": 576000,
    "ssdeep": "12288:eOzcB899uB5sWl7Ug156imU5OtqBe9I8MtPKOuCW2WeoGqJqQ+GMlm:pzysW9rn6B9qVPKOlWgwqQND",
    "submission_count": 1,
    "submitted_date": 1584420649,
    "tags": [
     "runtime-modules",
     "spreader",
     "direct-cpu-clock-access",
     "peexe",
     "long-sleeps",
     "detect-debug-environment",
     "checks-cpu-name",
     "checks-user-input",
     "persistence"
    ],
    "tlsh": "T15AC41234E9DE9F25CFAAC6F6C52B2C57C14A0CE77F30B2499198A1B52552707CE81E0B",
    "type_description": "Win32 EXE",
    "type_tag": "peexe",
    "type_tags": [
     "executable",
     "windows",
     "win32",
     "pe",
     "peexe"
    ],
    "votes_result": {
     "harmless": 0,
     "malicious": 4
    }
   },
   {
    "magic": "Zip archive data, at least v2.0 to extract, compression method=deflate",
    "md5": "5e4542dcda95154db9d1aa424e4254fa",
    "modification_date": 1779039482,
    "names": [
     "5e4542dcda95154db9d1aa424e4254fa.virus"
    ],
    "packers": null,
    "reputation": -57,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 24,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 7,
     "undetected": 44
    },
    "sha1": "34846812eb6ad8e421e49155dbf81a3a6ff8a2bf",
    "sha256": "000000a512a847e8ed28fdaf433d6dd601a88d74e5dd7d71bd07817b1ce3a2a2",
    "size": 3729047,
    "ssdeep": "49152:Cc64JrERNAGCd8VXMvSl3TM07ubIBiZL250fy6EroFz8F8E8eiXZy0aiTg/tuYvg:RpERN4d8VXmeIbd2eFco1iHiJ5aV/TO3",
    "submission_count": 1,
    "submitted_date": 1509406289,
    "tags": [
     "reflection",
     "contains-elf",
     "obfuscated",
     "checks-network-adapters",
     "android",
     "telephony",
     "runtime-modules",
     "apk",
     "cve-2009-1157",
     "exploit"
    ],
    "tlsh": "T120060142FB48E41EC4B7D4338AA2427265514D058542EB1B3A4DB31CAFF7ECA5B4EEC9",
    "type_description": "Android",
    "type_tag": "android",
    "type_tags": [
     "executable",
     "mobile",
     "android",
     "apk"
    ],
    "votes_result": {
     "harmless": 1,
     "malicious": 4
    }
   },
   {
    "magic": "Google Chrome extension, version 3",
    "md5": "25d517c5ccdd71630c185b8017f64bdb",
    "modification_date": 1779287137,
    "names": [
     "cjighmmbcdpbfnhinpakjloafcpmefgl.1.5.crx",
     "vmdazz.exe",
     "tmp0hybweho"
    ],
    "packers": null,
    "reputation": 0,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 6,
     "harmless": 0,
     "malicious": 0,
     "suspicious": 0,
     "timeout": 1,
     "typeunsupported": 14,
     "undetected": 54
    },
    "sha1": "f4ed89ca2f281faeadbecd5359bf82d17f2c6823",
    "sha256": "00000181a1a133b9b7dc2b1f1485bf984ee560a10952953d8504bdd705c8d2cc",
    "size": 22085,
    "ssdeep": "384:pfiVlVqdU+wxU1QqEBNE3AlpPFhJXE05VM3JXE05214+Bpupc02g7Vg0G:parMU+M9LEWpND35el352aiYO0ra0G",
    "submission_count": 2,
    "submitted_date": 1779279825,
    "tags": [
     "crx"
    ],
    "tlsh": "T1B1A2D09F6C922405F417673187CD8943DE6A22AC530F357AACC497E948B5E93FF2206B",
    "type_description": "Google Chrome Extension",
    "type_tag": "crx",
    "type_tags": [
     "crx",
     "chrome",
     "extension",
     "browser"
    ],
    "votes_result": {
     "harmless": 0,
     "malicious": 0
    }
   },
   {
    "magic": "HTML document, ASCII text, with very long lines (4836u)",
    "md5": "f65ef442e711637cb952e36a55270dd3",
    "modification_date": 1779337592,
    "names": [
     "VirusShare_f65ef442e711637cb952e36a55270dd3"
    ],
    "packers": null,
    "reputation": -1,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 2,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 14,
     "undetected": 59
    },
    "sha1": "7c9395103485b281466636a97194626825d6a477",
    "sha256": "000001c3351e7fd50ce5500c79a0021ad5f9e2c5bbef41301253e6931a41f790",
    "size": 31900,
    "ssdeep": "768:X11pKVAqnd+qq9oxoB2meRleHeAQIj+xD2SqU:X1/KVhnd+xmoB3eRleHeAQICxz",
    "submission_count": 4,
    "submitted_date": 1745387906,
    "tags": [
     "html",
     "contains-embedded-js"
    ],
    "tlsh": "T1DAE26CA3BD74641CFB5AC9ACBC17BA19F9499B26C401A0A4D4FD8F1E06C6F97803539C",
    "type_description": "HTML",
    "type_tag": "html",
    "type_tags": [
     "internet",
     "html"
    ],
    "votes_result": {
     "harmless": 0,
     "malicious": 1
    }
   },
   {
    "magic": "PE32 executable (GUI) Intel 80386, for MS Windows",
    "md5": "dccccec175b74b267330c30f0711b811",
    "modification_date": 1778304355,
    "names": [
     "idle.exe"
    ],
    "packers": null,
    "reputation": -56,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 64,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 8
    },
    "sha1": "93e2d5b1e72252bb7e1ce8c38b8c67bd5d922330",
    "sha256": "000001e41599558a88da7cf4549285f6bab7bc348f4fd780aaaf27df8552fb02",
    "size": 276451,
    "ssdeep": "6144:ztvBPnU1b7e9SQii1EkoNlhlrQ2ZrM2x8FNjtO+y+x51:Zv1nWdQP1EDhZPxkjtO+5f1",
    "submission_count": 1,
    "submitted_date": 1665060364,
    "tags": [
     "peexe",
     "overlay",
     "direct-cpu-clock-access",
     "persistence",
     "upx",
     "detect-debug-environment",
     "spreader",
     "runtime-modules"
    ],
    "tlsh": "T1AE44F11FB1ED1F41C23A9DBB32724E36D81DCC75B80C54E9E7AD7664A9F8AA1016063C",
    "type_description": "Win32 EXE",
    "type_tag": "peexe",
    "type_tags": [
     "executable",
     "windows",
     "win32",
     "pe",
     "peexe"
    ],
    "votes_result": {
     "harmless": 0,
     "malicious": 2
    }
   },
   {
    "magic": "PE32 executable (GUI) Intel 80386, for MS Windows",
    "md5": "e9aaa45159dacbc596ebefb6311eae54",
    "modification_date": 1779170977,
    "names": [
     "nsMi.exe"
    ],
    "packers": null,
    "reputation": -55,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 66,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 6
    },
    "sha1": "63d59d09f942caaf635f80d5c8df69e5db0261d6",
    "sha256": "000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27",
    "size": 669184,
    "ssdeep": "12288:ntlgpnsDQ1wbmdtrN+1HFbqr8b7DIQiSf+DwnRP4kgr5ZXtmhDN7BrgcGAmhicdS:ntJDQ1cmdtSbqfbaRPTr7BrgcGAmhic0",
    "submission_count": 1,
    "submitted_date": 1595107319,
    "tags": [
     "peexe",
     "runtime-modules",
     "persistence",
     "spreader",
     "direct-cpu-clock-access",
     "detect-debug-environment",
     "checks-user-input",
     "long-sleeps"
    ],
    "tlsh": "T1C0E4E0B3845858DDDAC6F4F11FDE7DB205ACDC3E93A79C882152BC6004E96A432FA15E",
    "type_description": "Win32 EXE",
    "type_tag": "peexe",
    "type_tags": [
     "executable",
     "windows",
     "win32",
     "pe",
     "peexe"
    ],
    "votes_result": {
     "harmless": 0,
     "malicious": 1
    }
   },
   {
    "magic": "PE32 executable (GUI) Intel 80386, for MS Windows",
    "md5": "f2920f79fdaba16992898520c718f47b",
    "modification_date": 1777703362,
    "names": [
     "mxgy4oe0q.exe",
     "ewcq.exe"
    ],
    "packers": null,
    "reputation": -55,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 0,
     "failure": 0,
     "harmless": 0,
     "malicious": 64,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 6
    },
    "sha1": "7ea365c37233ddf17e9630479a4d1947299ec946",
    "sha256": "0000037207f3e7a827998846d7a9c65b8de3e64069fad82c4e46f3236d7f9130",
    "size": 497152,
    "ssdeep": "12288:pRON45judSblzg4uQhQ+81L2JPKY11GTmoiXdMFeng:pcugdyRgzKgSPz1GTleieng",
    "submission_count": 1,
    "submitted_date": 1610388876,
    "tags": [
     "detect-debug-environment",
     "peexe",
     "runtime-modules",
     "direct-cpu-clock-access",
     "persistence",
     "long-sleeps",
     "spreader"
    ],
    "tlsh": "T1F1B4BECCD2367428EA2B0C3C6D607D3D264B62C855EDE67A2F1ED745AAD317C0B0B1A1",
    "type_description": "Win32 EXE",
    "type_tag": "peexe",
    "type_tags": [
     "executable",
     "windows",
     "win32",
     "pe",
     "peexe"
    ],
    "votes_result": {
     "harmless": 0,
     "malicious": 1
    }
   },
   {
    "magic": "PE32 executable (GUI) Intel 80386, for MS Windows",
    "md5": "bf22577720d623893c32bccefee3ea22",
    "modification_date": 1776243719,
    "names": [
     "bMMY.exe"
    ],
    "packers": null,
    "reputation": -56,
    "security_vendor_analysis_stats": {
     "confirmedtimeout": 1,
     "failure": 0,
     "harmless": 0,
     "malicious": 61,
     "suspicious": 0,
     "timeout": 0,
     "typeunsupported": 4,
     "undetected": 10
    },
    "sha1": "87f68048c885cc6dee1ebbff6adbe2c711e29077",
    "sha256": "0000037593b2616d896205f0dc4166ab83b87b3dab3db142f6bd8a465f837d80",
    "size": 875008,
    "ssdeep": "12288:1YJuwtBNaaMcJ1f8CIg4b7pipg9uaGVX8s3y463HWkFFFFNzDztxAjauKRR6D:msw9f/e9NGVMsCVHnAjauuQD",
    "submission_count": 1,
    "submitted_date": 1647669037}]},"_note":"Response truncated for documentation purposes"}

域名扫描 - 代码片段


curl --location --request GET 'https://zylalabs.com/api/12658/ioc+scan+api/24487/domain+scan' --header 'Authorization: Bearer YOUR_API_KEY'

API 访问密钥和身份验证

注册后，每个开发者都会被分配一个个人 API 访问密钥，这是一个唯一的字母和数字组合，用于访问我们的 API 端点。要使用 IOC扫描 API 进行身份验证，只需在 Authorization 标头中包含您的 bearer token。

标头

标头	描述
`授权`	[必需] 应为 `Bearer access_key`. 订阅后，请查看上方的"您的 API 访问密钥"。

问题

简单透明的定价

无长期承诺。随时升级、降级或取消。免费试用包括最多 50 个请求。

月度年度

(年度计费可节省 2 个月 🎉)

💫Basic

$24.99/月

1,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 60 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

Popular

⚡Pro

$49.99/月

5,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 120 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

🔥Pro Plus

$99.99/月

20,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 120 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

⚜️Premium

$199.99/月

100,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 150 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

🌟Elite

$499.99/月

300,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 150 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

💎Ultimate

$999.99/月

1,000,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 150 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

💫Basic

$20.83/月

1,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 60 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

Popular

⚡Pro

$41.66/月

5,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 120 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

🔥Pro Plus

$83.33/月

20,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 120 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

⚜️Premium

$166.66/月

100,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 150 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

🌟Elite

$416.66/月

300,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 150 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

💎Ultimate

$833.33/月

1,000,000 请求 / 月
然后 $0.0324870 如果超过限制，每次请求
速率限制: 150 reqs 每分钟
专业客户支持
实时 API 监控
包含无限数据传输

免费 7-天试用

无承诺。随时取消

🚀 企业版

起价
$ 10,000/年

自定义数量
自定义速率限制
专业客户支持
实时 API 监控

预约通话

客户喜爱的功能

✔︎ 仅支付成功请求
✔︎ 7 天免费试用
✔︎ 多语言支持
✔︎ 一个 API 密钥，所有 API。
✔︎ 直观的仪表板

✔︎ 全面的错误处理
✔︎ 开发者友好的文档
✔︎ Postman 集成
✔︎ 安全的 HTTPS 连接
✔︎ 可靠的正常运行时间

IOC扫描 API FAQs

响应数据中的关键字段有哪些

关键字段包括 `is_success`、`response_code`、`reputation_score`、`vendor_verdicts` 和特定类型的数据，例如域名的 WHOIS、哈希的文件元数据，以及 IP 的 ASN/网络详细信息

返回数据的格式和结构是什么

返回的数据结构为 JSON 格式，包含一个顶层对象，字段有 `is_success`、`response_code` 以及一个根据端点不同而变化的 `data` 对象，提供基于指标类型的相关细节

每个端点提供什么类型的信息

URL 端点提供声誉和威胁名称 Hash 端点提供文件元数据 IP 端点包括网络所有权和历史 WHOIS 域名端点提供 WHOIS 注册商信息和内容分类

响应数据是如何组织的

响应数据被组织成一个JSON对象，包含成功指示器、响应代码以及一个`data`部分，包含与查询的指标类型相关的具体细节，便于解析和分析

数据的来源是什么

数据来自70多家安全供应商，包括BitDefender、Sophos和Kaspersky，确保了对威胁情报的全面视角，并通过持续更新和供应商合作保持高准确性

此数据的典型使用案例是什么

典型的使用案例包括通过URL进行钓鱼检测通过文件哈希进行恶意软件分类通过IP分析识别欺诈信号以及通过监控域名声誉和相似域名来保护品牌

用户如何有效利用返回的数据

用户可以通过将返回的数据集成到安全工作流程中来利用这些数据，例如通过IP信誉增强防火墙、验证软件供应链中文件的安全性或者通过URL分类丰富威胁情报馈送

每个端点返回什么类型的数据

每个端点返回一个整合的声誉分数和来自超过70个安全供应商的详细分析对于网址，它包括内容分类对于哈希，它包括文件元数据对于IP，它包括网络所有权对于域名，它包括WHOIS和DNS记录

一般常见问题

什么是 Zyla API Hub？

Zyla API Hub 就像一个大型 API 商店，您可以在一个地方找到数千个 API。我们还为所有 API 提供专门支持和实时监控。注册后，您可以选择要使用的 API。请记住，每个 API 都需要自己的订阅。但如果您订阅多个 API，您将为所有这些 API 使用相同的密钥，使事情变得更简单。

价格以 USD（美元）、EUR（欧元）、CAD（加元）、AUD（澳元）和 GBP（英镑）列出。我们接受所有主要的借记卡和信用卡。我们的支付系统使用最新的安全技术，由 Stripe 提供支持，Stripe 是世界上最可靠的支付公司之一。如果您在使用卡片付款时遇到任何问题，请通过 [email protected]

此外，如果您已经以这些货币中的任何一种（USD、EUR、CAD、AUD、GBP）拥有有效订阅，该货币将保留用于后续订阅。只要您没有任何有效订阅，您可以随时更改货币。

如果我在定价页面上看到本地货币，为什么不能用它付款？

定价页面上显示的本地货币基于您 IP 地址的国家/地区，仅供参考。实际价格以 USD（美元）为单位。当您付款时，即使您在我们的网站上看到以本地货币显示的等值金额，您的卡片对账单上也会以美元显示费用。这意味着您不能直接使用本地货币付款。

我的付款被拒绝，我该怎么办？

有时，银行可能会因其欺诈保护设置而拒绝收费。我们建议您首先联系您的银行，检查他们是否阻止了我们的收费。此外，您可以访问账单门户并更改关联的卡片以进行付款。如果这些方法不起作用并且您需要进一步帮助，请通过 [email protected]

我的 API 订阅将如何收费？

价格由月度或年度订阅决定，具体取决于所选计划。

我的 API 调用将如何从我的计划中扣除？

API 调用根据成功请求从您的计划中扣除。每个计划都包含您每月可以进行的特定数量的调用。只有成功的调用（由状态 200 响应指示）才会计入您的总数。这确保失败或不完整的请求不会影响您的月度配额。

您的计费周期如何工作？

Zyla API Hub 采用月度订阅系统。您的计费周期将从您购买付费计划的那一天开始，并在下个月的同一日期续订。因此，如果您想避免未来的费用，请提前取消订阅。

如何升级我当前的 API 订阅计划？

要升级您当前的订阅计划，只需转到 API 的定价页面并选择您要升级到的计划。升级将立即生效，让您立即享受新计划的功能。请注意，您之前计划中的任何剩余调用都不会转移到新计划，因此在升级时请注意这一点。您将被收取新计划的全部金额。

如何查看本月我可以进行的剩余 API 调用次数？

要检查您本月剩余多少 API 调用，请参考响应标头中的 "X-Zyla-API-Calls-Monthly-Remaining" 字段。例如，如果您的计划允许每月 1,000 个请求，而您已使用 100 个，则响应标头中的此字段将显示 900 个剩余调用。

如何找出我的订阅计划允许的最大 API 请求数？

要查看您的计划允许的最大 API 请求数，请检查 "X-Zyla-RateLimit-Limit" 响应标头。例如，如果您的计划包括每月 1,000 个请求，此标头将显示 1,000。

如何知道我的速率限制何时重置？

"X-Zyla-RateLimit-Reset" 标头显示您的速率限制重置之前的秒数。这告诉您何时您的请求计数将重新开始。例如，如果它显示 3,600，则意味着还有 3,600 秒直到限制重置。

我可以随时取消吗？

是的，您可以随时通过访问您的账户并在账单页面上选择取消选项来取消您的计划。请注意，升级、降级和取消会立即生效。此外，取消后，您将不再有权访问该服务，即使您的配额中还有剩余调用。

7 天免费试用如何工作？

为了让您有机会在没有任何承诺的情况下体验我们的 API，我们提供 7 天免费试用，允许您免费进行最多 50 次 API 调用。此试用只能使用一次，因此我们建议将其应用于您最感兴趣的 API。虽然我们的大多数 API 都提供免费试用，但有些可能不提供。试用在 7 天后或您进行了 50 次请求后结束，以先发生者为准。如果您在试用期间达到 50 次请求限制，您需要"开始您的付费计划"以继续发出请求。您可以在个人资料中的订阅 -> 选择您订阅的 API -> 定价标签下找到"开始您的付费计划"按钮。或者，如果您在第 7 天之前不取消订阅，您的免费试用将结束，您的计划将自动计费，授予您访问计划中指定的所有 API 调用的权限。请记住这一点以避免不必要的费用。