Compromise Detection

Compromise Detection (V1)

curl --request POST \
  --url https://api.threatbook.io/v1/ioc/query

{
  "msg": "Success",
  "data": {
    "ips": {
      "183.18.2.4:8080": {
        "judgments": [
          "Dynamic IP",
          "Gateway"
        ],
        "whitelist": false,
        "family": [],
        "severity": "info",
        "APT": false,
        "threat_actor": [],
        "tag_categories": [],
        "confidence_level": "high",
        "threat_level": "safe"
      }
    }
  },
  "response_code": 200
}

POST

ioc

query

Compromise Detection (V1)

curl --request POST \
  --url https://api.threatbook.io/v1/ioc/query

{
  "msg": "Success",
  "data": {
    "ips": {
      "183.18.2.4:8080": {
        "judgments": [
          "Dynamic IP",
          "Gateway"
        ],
        "whitelist": false,
        "family": [],
        "severity": "info",
        "APT": false,
        "threat_actor": [],
        "tag_categories": [],
        "confidence_level": "high",
        "threat_level": "safe"
      }
    }
  },
  "response_code": 200
}

Query Parameters

apikey

string

required

Your API Key.

You are able to get the key on "My API" page of i.threatbook.io.

Kindly note: Please check if you have bound your access IP to the key and have the authority quotas to access this API before you interact with it.

resource

string

required

Domain names / IP address / IP:Port to query.

You are allowed to query a domain or IP address with a port to get more accurate intelligence, for example:

Domain to query:

googlenew.moy.su
IPv4 with port to query:

183.18.2.4:8080
IPv6 with port to query:

[2001:0db8:0000:0000:0001:0000:0000:0000]:80

Response

msg

string

required

Allowed value: "Success"

data

object

required

Show child attributes

response_code

integer

required

IP Report(Community)IP Intelligence

⌘I

API Documentation

Enrichment

Feeds

Query Parameters

Response