IP地址滥用检索API是一种旨在支持计算机系统中的安全性、监控和流量分析过程的工具。它的主要功能是提供关于IP历史的结构化和综合信息,包括滥用报告、事件频率、检测到的活动类型以及与网络服务提供商相关的元数据。这些信息使开发人员、系统管理员和网络安全团队能够就如何处理传入或传出的连接做出明智的决策。
该API从多个来源收集数据,包括报告潜在可疑行为的自动和手动来源,例如未经授权的连接尝试、端口扫描、暴力破解攻击或异常流量。此外,它还整合了上下文信息,例如互联网服务提供商、来源国家、网络使用类型以及白名单或黑名单状态。所有这些信息以标准化响应的形式呈现,便于应用程序处理。
该API的一个关键价值是滥用评分或置信水平,它有助于区分确认的恶意活动和自动安全系统生成的误报。
{"ip":"8.8.8.8","is_listed":false,"confidence_of_abuse":0,"total_reports":14,"distinct_reporters":8,"first_reported_at":"2026-01-15","last_reported_at":"2026-01-22","is_recent_activity":true,"isp":"Google LLC","usage_type":"Content Delivery Network","asn":null,"hostname":"dns.google","domain":"google.com","country":"United States of America","country_code":"US","city":null,"region":null,"reports":[{"reported_at":"2026-01-22T20:28:34Z","reporter":134282,"comment":"Unauthorized connection attempt","categories":[14,15,20]},{"reported_at":"2026-01-20T16:49:05Z","reporter":134282,"comment":"Unauthorized connection attempt","categories":[14,15,20]},{"reported_at":"2026-01-20T11:02:29Z","reporter":116616,"comment":"Detected port scanning activity (SIP\/VoIP scanner).","categories":[8,14,15,18]},{"reported_at":"2026-01-20T06:07:19Z","reporter":209271,"comment":"Blocked by UFW (TCP on 52983)\nSource port: 53\nTTL: 112\nPacket length: 40\nTOS: 0x00\n\nThis report (for 8.8.8.8) was generated by:\nhttps:\/\/github.com\/sefinek\/UFW-AbuseIPDB-Reporter","categories":[14]},{"reported_at":"2026-01-20T03:29:35Z","reporter":264073,"comment":"...","categories":[18,22]},{"reported_at":"2026-01-19T05:43:19Z","reporter":209271,"comment":"Blocked by UFW (TCP on 52128)\nSource port: 53\nTTL: 113\nPacket length: 40\nTOS: 0x00\n\nThis report (for 8.8.8.8) was generated by:\nhttps:\/\/github.com\/sefinek\/UFW-AbuseIPDB-Reporter","categories":[14]},{"reported_at":"2026-01-18T06:56:55Z","reporter":258755,"comment":"Auto-reported by Fail2Ban (NPM-Auth)","categories":[18,21]},{"reported_at":"2026-01-18T05:11:10Z","reporter":264073,"comment":"...","categories":[18,22]},{"reported_at":"2026-01-17T23:07:19Z","reporter":56171,"comment":"ThreatBook Intelligence: Whitelist,cdn more details on https:\/\/threatbook.io\/ip\/8.8.8.8\n2026-01-17 01:28:07 \/cgi-bin\/network_config\/nsg_masq.cgi?user_name=admin&session_id=..\/&lang=zh_CN.UTF-8&act=2&proto=;ls>\/usr\/local\/lyx\/lyxcenter\/web\/SpVk.html;","categories":[21]},{"reported_at":"2026-01-17T08:25:47Z","reporter":209271,"comment":"Blocked by UFW (TCP on 65265)\nSource port: 53\nTTL: 117\nPacket length: 40\nTOS: 0x00\n\nThis report (for 8.8.8.8) was generated by:\nhttps:\/\/github.com\/sefinek\/UFW-AbuseIPDB-Reporter","categories":[14]},{"reported_at":"2026-01-17T06:28:36Z","reporter":261807,"comment":"Fail2Ban identified brute-force attack from 8.8.8.8","categories":[22]},{"reported_at":"2026-01-17T04:02:14Z","reporter":44461,"comment":"IPFire IPS Alert (2026-01-17): ET MALWARE Possible Tinba DGA NXDOMAIN Responses. Observed events: 1","categories":[21]},{"reported_at":"2026-01-16T10:16:38Z","reporter":209271,"comment":"Blocked by UFW (TCP on 64329)\nSource port: 53\nTTL: 117\nPacket length: 40\nTOS: 0x00\n\nThis report (for 8.8.8.8) was generated by:\nhttps:\/\/github.com\/sefinek\/UFW-AbuseIPDB-Reporter","categories":[14]},{"reported_at":"2026-01-15T15:05:06Z","reporter":134282,"comment":"Unauthorized connection attempt","categories":[14,15,20]}],"scraped_at":"2026-01-23T12:53:32Z","is_whitelisted":true,"is_public":true,"_cached":true,"_cache_key":"ipx_api:abuse_check:8_8_8_8"}
curl --location --request GET 'https://zylalabs.com/api/11760/ip+address+abuse+retrieval+api/22307/ip+verification?ip=8.8.8.8' --header 'Authorization: Bearer YOUR_API_KEY'
| 标头 | 描述 |
|---|---|
授权
|
[必需] 应为 Bearer access_key. 订阅后,请查看上方的"您的 API 访问密钥"。 |
无长期承诺。随时升级、降级或取消。 免费试用包括最多 50 个请求。
GET IP验证端点返回有关IP地址声誉的数据,包括滥用报告 Recent活动 网络上下文以及ISP和原产国等元数据
响应中的关键字段包括“ip”、“is_listed”、“confidence_of_abuse”、“total_reports”、“distinct_reporters”、“first_reported_at”、“last_reported_at”和“reports”,这些字段详细说明了特定的滥用事件
响应数据采用JSON格式结构,顶级字段提供摘要信息,嵌套的“reports”数组详细描述个别滥用事件,包括时间戳和评论
该端点提供有关滥用报告、事件频率、检测到的活动类型、ISP 详细信息以及 IP 的白名单或黑名单状态的信息,帮助进行安全评估
API从多个来源汇总数据,包括自动化系统和手动报告,这些来源跟踪可疑行为,比如未经授权的访问尝试和端口扫描
数据准确性通过来自可靠来源的持续更新和过滤虚假积极结果的质量检查得以保持,从而确保滥用评分反映真实威胁
典型的使用案例包括增强网络安全 监控流量以发现可疑活动 以及根据IP声誉做出有关允许或阻止连接的明智决策
用户可以分析“滥用信心”分数来评估风险,查看特定事件的“报告”,并使用ISP和国家信息在其安全协议中对IP的行为进行背景化
服务级别:
100%
响应时间:
124ms
服务级别:
100%
响应时间:
1,944ms
服务级别:
100%
响应时间:
935ms
服务级别:
100%
响应时间:
152ms
服务级别:
100%
响应时间:
361ms
服务级别:
100%
响应时间:
119ms
服务级别:
100%
响应时间:
169ms
服务级别:
100%
响应时间:
7ms
服务级别:
100%
响应时间:
0ms
服务级别:
100%
响应时间:
645ms
