IoCScout API and Lookup

  • Comprehensive IP Security Assessment – Evaluate potential risks associated with any IP address.
  • Actionable Threat Intelligence – Gain valuable insights into emerging threats and malicious activities.
  • Enhanced with Comprehensive Data Enrichment – Leverage extensive contextual data for deeper analysis.
  • Built for Security Engineers, by Security Engineers – Designed to meet real-world challenges.
  • Powered by Advanced Algorithms – Uses an AI-based approach for accurate threat detection.

Use Cases

Automated Threat Detection

Leverage our APIs to identify and flag indicators of compromise (IoCs) in real time, enhancing threat visibility and response.

Security Data Enrichment

Supplement alerts and incidents with contextual intelligence, enabling security analysts to assess threat severity, prioritize risks, and respond more effectively.

SIEM & SOAR Integration

Connect with SIEM and SOAR platforms to automate threat detection, streamline workflows, and improve incident response efficiency.


Our Data Enrichments

IP Threat Assessment

Determine whether an IP is classified as Safe, Suspicious, or a Threat, along with its threat type.

  • Status
  • Threat Score
  • Threat Class

IP Geolocation

Obtain the geographic position information for the IP address.

  • Country
  • Region
  • City

Proxy Detection

Identify public VPNs or Tor exit nodes.

  • Tor Exit Node Flag
  • Public VPN Provider

Reverse DNS (PTR)

Retrieve the PTR record and check whether the reverse and direct (forward) resolution results match.

  • PTR Record
  • Records Match Flag

Benign Infrastructure Info

Verify if the IP belongs to any known crawler, bot, or service.

  • Name
  • Description
  • Reference URLs

Known IPs

Display information on IP addresses that belong to recognized internet services and do not perform infrastructure scans or crawls.

  • Name
  • Description
  • Reference URLs

Autonomous System Info

Display AS details.

  • ASN
  • Name
  • URL

IP Address Range Info

Retrieve registration information for the range the address belongs to, supplemented with its general threat level.

  • Threat Score
  • Registrar Organization Details
  • Range Borders
  • Network Name
  • Contact Information

Malicious Activity Details

Provide specific details regarding the exact attack attempted from the IP address.

  • Type of Attack
  • Signatures
  • CVEs

Covered Threat Types

Attack

Malicious activity detected from the host.

C2 (C&C)

Known command and control hosts.

Malware

Nodes related to malicious software distribution.

Phishing

Phishing activity IoCs.

Spam

Unsolicited bulk messaging.

Suspicious

Activity not confirmed as malicious, such as website scraping.


Our Data Sources

OSINT

Threat intelligence is collected from a wide range of publicly available data sources.

Honeypots & Sensors

Our custom network of honeypots captures and analyzes attacker infrastructure, providing valuable insights into emerging threats.

Algorithmic & Machine Learning Analysis

Using known IoCs, we predict and identify potential threats, rigorously validating them before adding them to our database.

Abuse Reports

We aggregate and analyze abuse reports to extract actionable threat intelligence.

In-House Research

Our research team independently investigates and validates new IoCs, ensuring up-to-date threat intelligence.

Proprietary Data Enrichment

We continuously collect, process, and standardize key enrichment data, including IP geolocation, proxy lists, reverse DNS, WHOIS, and more.