Threat Management
The Threat Management APIs allow you to retrieve threat analysis data from L3C Threat Analytics or VirusTotal for a given threat indicator such as IP address, domain, or URL.
End Points
Advanced Threat Analytics Search
VirusTotal Search
Advanced Threat Analytics Search
Fetches threat analysis data from L3C Threat Analytics for a given indicator.
Rate limit: 50 requests per minute per account.
OAuth Scope : logs360cloud.threat.READ
Role : Administrator
Arguments
indicator
string
(Required)
The threat indicator value — an IP address, domain, or URL.
Max length: 2048
Max length: 2048
indicator_type
string
Type of the threat indicator.
Allowed values: IP, DOMAIN, URL.
Note: when `DOMAIN` is supplied, the server normalizes the indicator and returns `indicator_type: "URL"` in the response payload.
Allowed values: IP, DOMAIN, URL.
Note: when `DOMAIN` is supplied, the server normalizes the indicator and returns `indicator_type: "URL"` in the response payload.
action
string
(Required)
The analysis operation to perform.
Allowed values:
Allowed values:
INFO — Retrieves reputation score, threat category, and key attributes for the indicator.HISTORY — Retrieves reputation score history over a date range. filter.start_date and filter.end_date are required for URL and DOMAIN indicators.WHOIS_INFO — Retrieves WHOIS and geo-location details (city, country, ASN, ISP, coordinates).STATS — Retrieves related indicator statistics grouped by section.CONNECTIONS — Retrieves connected items for a specific section. Requires filter.section, filter.severity, limit, and from.INIT_DATA — Retrieves combined INFO and WHOIS_INFO data in a single call.
filter
object
Additional filter parameters for certain operations.
start_date
string
Start date for history queries (ISO 8601 format).
Max length: 30
Required for the
The start date cannot be set earlier than 1 year prior to the current date.
Max length: 30
Required for the
HISTORY action when the indicator type is URL or DOMAIN.The start date cannot be set earlier than 1 year prior to the current date.
end_date
string
End date for history queries (ISO 8601 format).
Max length: 30
Required for the
Date range between start date and end date cannot be greater than 180 days.
Max length: 30
Required for the
HISTORY action when the indicator type is URL or DOMAIN.Date range between start date and end date cannot be greater than 180 days.
section
string
Connection section filter.
Max length: 50
Required when action is CONNECTIONS.
Allowed values based on indicator type:
URL / DOMAIN:
IP:
FILE:
Max length: 50
Required when action is CONNECTIONS.
Allowed values based on indicator type:
URL / DOMAIN:
virtuallyhosted, sub_domains, hosted_files, hosted_apps, hosting_ips, common_registrantIP:
hosted_urls, asn, hosted_files, hosted_appsFILE:
outbound_ips, hosting_ips, outbound_urls, hosting_urls
severity
integer
Threat level filter for connections.
Minimum: 0 (malicious)
Maximum: 4 (trustworthy)
Required when action is CONNECTIONS.
Minimum: 0 (malicious)
Maximum: 4 (trustworthy)
Required when action is CONNECTIONS.
limit
integer
Number of items to retrieve. Required when action is CONNECTIONS.
Minimum: 1
Maximum: 100
Minimum: 1
Maximum: 100
from
integer
Offset for pagination. Required when action is CONNECTIONS.
Minimum: 0
Maximum: 1000
Minimum: 0
Maximum: 1000
Headers
account_id
string
(Required)
parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/threat/search/advanced-threat-analytics"
type: POST
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
.url("https://log360cloud.manageengine.com/api/v2/threat/search/advanced-threat-analytics")
.post(body)
.addHeader("account_id", "18XXXXX4")
.addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
.addHeader("content-type", "application/json")
.build();
Response response = client.newCall(request).execute();
const options = {
method: 'POST',
headers: {
account_id: '18XXXXX4',
Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f',
'content-type': 'application/json'
},
body: '{"field1":"value1","field2":"value2"}'
};
fetch('https://log360cloud.manageengine.com/api/v2/threat/search/advanced-threat-analytics', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import http.client
conn = http.client.HTTPSConnection("log360cloud.manageengine.com")
payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"
headers = {
'account_id': "18XXXXX4",
'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
'content-type': "application/json"
}
conn.request("POST", "/api/v2/threat/search/advanced-threat-analytics", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
const http = require("https");
const options = {
"method": "POST",
"hostname": "log360cloud.manageengine.com",
"port": null,
"path": "/api/v2/threat/search/advanced-threat-analytics",
"headers": {
"account_id": "18XXXXX4",
"Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
"content-type": "application/json"
}
};
const req = http.request(options, function (res) {
const chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function () {
const body = Buffer.concat(chunks);
console.log(body.toString());
});
});
req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();
curl --request POST \
--url https://log360cloud.manageengine.com/api/v2/threat/search/advanced-threat-analytics \
--header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
--header 'account_id: 18XXXXX4' \
--header 'content-type: application/json' \
--data '{"field1":"value1","field2":"value2"}'
{
"indicator": "8.8.8.8",
"indicator_type": "IP",
"action": "INFO"
}
{
"indicator": "8.8.8.8",
"indicator_type": "IP",
"action": "HISTORY",
"filter": {
"start_date": "2026-01-01T00:00:00Z",
"end_date": "2026-04-10T23:59:59Z"
}
}
{
"indicator": "8.8.8.8",
"indicator_type": "IP",
"action": "WHOIS_INFO"
}
{
"indicator": "example.com",
"indicator_type": "DOMAIN",
"action": "INFO"
}
{
"indicator": "http://example.com",
"indicator_type": "URL",
"action": "INFO"
}
{
"indicator": "8.8.8.8",
"indicator_type": "IP",
"action": "STATS"
}
{
"indicator": "8.8.8.8",
"indicator_type": "IP",
"action": "CONNECTIONS",
"filter": {
"section": "hosted_urls",
"severity": 0
},
"limit": 50,
"from": 0
}
{
"indicator": "8.8.8.8",
"indicator_type": "IP",
"action": "INIT_DATA"
}
{
"indicator": "8.8.8.8",
"indicator_type": "IP",
"action": "CONNECTIONS",
"filter": {
"section": "hosted_urls",
"severity": 0
},
"limit": 50,
"from": 0
}
{
"data": {
"info": {
"indicator": "8.8.8.8",
"reputation": 81,
"attributes": [
{
"name": "Indicator Type",
"value": "IP"
},
{
"name": "Threat Source",
"value": "-"
},
{
"name": "Threat Source Age",
"value": "-"
},
{
"name": "First Release Date",
"value": "-"
},
{
"name": "Last Release Date",
"value": "-"
},
{
"name": "Current Release Date",
"value": "-"
},
{
"name": "Status",
"value": "Not In Threat IP List"
},
{
"name": "Threat Category",
"value": "-"
},
{
"name": "Occurrences on Threat List",
"value": 0
}
],
"indicator_type": "IP"
}
}
}
{
"data": {
"whois_info": {
"indicator": "8.8.8.8",
"indicator_type": "IP",
"who_is_info_details": [
{
"header": "Location Details",
"values": [
{
"name": "City",
"value": "Mountain View"
},
{
"name": "State",
"value": "California"
},
{
"name": "Region",
"value": "Southwest"
},
{
"name": "Country",
"value": "United States"
}
]
},
{
"header": "Domain Details",
"values": [
{
"name": "IP belongs to",
"value": "Google Llc"
},
{
"name": "Organization's ISP",
"value": "Google"
},
{
"name": "ASN",
"value": "15169"
},
{
"name": "Top-level Domain",
"value": "-"
},
{
"name": "Second-level Domain",
"value": "-"
},
{
"name": "Latitude",
"value": 37.38802
},
{
"name": "Longitude",
"value": -122.07431
}
]
}
]
}
}
}
{
"data": {
"reputation_history": {
"indicator": "8.8.8.8",
"reputation_properties": {
"avg_reputation": 84,
"history_count": 98,
"min_reputation": 5,
"max_reputation": 95
},
"chart_properties": {
"x_axis_label": "8.8.8.8",
"dates_array": [
"2026-01-23",
"2026-01-30",
"2026-02-06"
],
"reputation_array": [
95,
95,
95
],
"y_axis_label": "Reputation Score"
}
}
}
}
{
"data": {
"info": {
"indicator": "example.com",
"reputation": 81,
"indicator_type": "URL",
"details": [
{
"name": "Indicator Type",
"value": "URL"
},
{
"name": "Least Common Part",
"value": "example.com"
},
{
"name": "Reputation",
"value": 81
},
{
"name": "URL Category",
"value": "Computer and Internet Info"
},
{
"name": "Confidence Score",
"value": 70
}
]
}
}
}
{
"data": {
"info": {
"indicator": "example.com",
"reputation": 81,
"indicator_type": "URL",
"details": [
{
"name": "Indicator Type",
"value": "URL"
},
{
"name": "Least Common Part",
"value": "example.com"
},
{
"name": "Reputation",
"value": 81
},
{
"name": "URL Category",
"value": "Computer and Internet Info"
},
{
"name": "Confidence Score",
"value": 70
}
]
}
}
}
{
"data": {
"related_indicators": {
"indicator": "8.8.8.8",
"default_section": "hosted_urls",
"section_vs_threat_level": {
"asn": "0",
"hosted_urls": "0"
},
"sections": [
{
"name": "Autonomous System Number (ASN)",
"value": "asn"
},
{
"name": "Hosted URLs",
"value": "hosted_urls"
}
],
"section_vs_items": {
"asn": [
98956,
3660,
5391,
10786,
151609
],
"hosted_urls": [
9,
22,
190,
488,
2502
]
}
}
}
}
{
"data": {
"connection_info": {
"indicator": "8.8.8.8",
"section_items": [
"anz-com-au.group",
"appfacebook2022.com",
"avito.my"
],
"cdb_section": "hosted_urls"
}
}
}
{
"data": {
"whois_info": {
"indicator": "8.8.8.8",
"indicator_type": "IP",
"who_is_info_details": [
{
"header": "Location Details",
"values": [
{
"name": "City",
"value": "Mountain View"
},
{
"name": "Country",
"value": "United States"
}
]
},
{
"header": "Domain Details",
"values": [
{
"name": "Organization's ISP",
"value": "Google"
},
{
"name": "ASN",
"value": "15169"
}
]
}
]
},
"info": {
"indicator": "8.8.8.8",
"indicator_type": "IP",
"reputation": 81,
"avg_reputation": "84",
"min_reputation": "5",
"max_reputation": "95",
"history_count": "98",
"details": [
{
"name": "Indicator Type",
"value": "IP"
},
{
"name": "Status",
"value": "Not In Threat IP List"
},
{
"name": "Threat Category",
"value": "-"
},
{
"name": "Occurrences on Threat List",
"value": 0
}
],
"chart_info": {
"indicator": "8.8.8.8",
"chart_data": {
"chart": {
"type": "line",
"height": "280"
},
"title": {
"text": "Reputation Trends",
"align": "left"
},
"credits": {
"enabled": false
},
"x_axis": {
"categories": [
"2025-05-23",
"2025-05-30",
"2025-06-06"
]
},
"y_axis": {
"title": {
"text": "Reputation Score"
}
},
"series": [
{
"name": "8.8.8.8",
"data": [
95,
95,
95
]
}
]
}
}
}
}
}
{
"error": {
"code": "00000107",
"detail": "action value is incorrect",
"title": "Invalid Parameter"
}
}
{
"error": {
"code": "00000107",
"detail": "indicator_type value is incorrect",
"title": "Invalid Parameter"
}
}
{
"error": {
"code": "00000107",
"detail": "Unable to parse JSON zoho-inputstream",
"title": "Invalid Parameter"
}
}
{
"error": {
"code": "00000100",
"detail": "Request Header is Mandatory to perform the action",
"title": "Bad Request"
}
}
{
"error": {
"code": "00000101",
"title": "Unauthorized",
"detail": "Invalid OAuth Token"
}
}
{
"error": {
"code": "10001029",
"title": "Too Many Requests",
"detail": "Rate limit exceeded. Retry after some time."
}
}
{
"error": {
"code": "10f3e8",
"title": "The requested analysis is not available in Log360 Cloud Threat Analytics."
}
}
{
"error": {
"code": "1d03",
"title": "Invalid parameters."
}
}
VirusTotal Search
Fetches threat analysis data from VirusTotal for a given indicator (IP, domain, or URL).
The indicator type is auto-detected from the indicator value, so indicator_type is not accepted in the request body.
The set of sections returned under data varies by the detected indicator type:
- IP:
virus_total_info,security_vendor_analysis,related_files,ssl_certificate_info,resolutions,whois_info. - Domain:
virus_total_info,security_vendor_analysis,related_files,ssl_certificate_info,related_domains,dns_records,resolutions,whois_info. - URL:
virus_total_info,security_vendor_analysis,html_info,http_response_headers.
Rate limit: 50 requests per minute per account.
OAuth Scope : logs360cloud.threat.READ
Role : Administrator
Arguments
indicator
string
(Required)
The threat indicator value — an IP address, domain, or URL.
Max length: 2048
Max length: 2048
Headers
account_id
string
(Required)
parameters_data='{"field1":"value1","field2":"value2"}';
headers_data = Map();
headers_data.put("account_id", "18XXXXX4");
headers_data.put("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f");
response = invokeUrl
[
url: "https://log360cloud.manageengine.com/api/v2/threat/search/virustotal"
type: POST
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"field1\":\"value1\",\"field2\":\"value2\"}");
Request request = new Request.Builder()
.url("https://log360cloud.manageengine.com/api/v2/threat/search/virustotal")
.post(body)
.addHeader("account_id", "18XXXXX4")
.addHeader("Authorization", "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f")
.addHeader("content-type", "application/json")
.build();
Response response = client.newCall(request).execute();
const options = {
method: 'POST',
headers: {
account_id: '18XXXXX4',
Authorization: 'Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f',
'content-type': 'application/json'
},
body: '{"field1":"value1","field2":"value2"}'
};
fetch('https://log360cloud.manageengine.com/api/v2/threat/search/virustotal', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import http.client
conn = http.client.HTTPSConnection("log360cloud.manageengine.com")
payload = "{\"field1\":\"value1\",\"field2\":\"value2\"}"
headers = {
'account_id': "18XXXXX4",
'Authorization': "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
'content-type': "application/json"
}
conn.request("POST", "/api/v2/threat/search/virustotal", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
const http = require("https");
const options = {
"method": "POST",
"hostname": "log360cloud.manageengine.com",
"port": null,
"path": "/api/v2/threat/search/virustotal",
"headers": {
"account_id": "18XXXXX4",
"Authorization": "Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f",
"content-type": "application/json"
}
};
const req = http.request(options, function (res) {
const chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function () {
const body = Buffer.concat(chunks);
console.log(body.toString());
});
});
req.write(JSON.stringify({field1: 'value1', field2: 'value2'}));
req.end();
curl --request POST \
--url https://log360cloud.manageengine.com/api/v2/threat/search/virustotal \
--header 'Authorization: Zoho-oauthtoken 1000.41d9xxxxxxxxxxxxxxxxxxxxxxxxc2d1.8fccxxxxxxxxxxxxxxxxxxxxxxxx125f' \
--header 'account_id: 18XXXXX4' \
--header 'content-type: application/json' \
--data '{"field1":"value1","field2":"value2"}'
{
"indicator": "8.8.8.8"
}
{
"indicator": "example.com"
}
{
"indicator": "http://example.com"
}
{
"data": {
"virus_total_info": {
"attributes": {
"indicator": "8.8.8.8",
"object_info": [
{
"name": "Type",
"value": "IP"
},
{
"name": "Creation Date",
"value": "-"
},
{
"name": "Last Updated",
"value": "2026-04-17 17:45:54"
},
{
"name": "Community Score",
"value": "537"
}
],
"detection_score": 0,
"type": "IP",
"number_of_security_vendors": 94,
"other_info": [
{
"title": "Basic Info",
"attributes": [
{
"name": "Network",
"value": "8.8.8.0/24"
},
{
"name": "ASN",
"value": 15169
},
{
"name": "AS Owner",
"value": "Google LLC"
},
{
"name": "Country",
"value": "US"
}
]
}
]
}
},
"security_vendor_analysis": {
"attributes": {
"value": "security_vendor_analysis",
"table_name": "VIRUS_TOTAL_SECURITY_VENDOR_ANALYSIS"
}
},
"related_files": {
"attributes": [
{
"title": "Communicating Files",
"value": "communicating_files",
"table_name": "VIRUS_TOTAL_RELATED_FILES"
},
{
"title": "Referrer Files",
"value": "referrer_files",
"table_name": "VIRUS_TOTAL_RELATED_FILES"
}
]
},
"ssl_certificate_info": {
"attributes": [
{
"title": "Data",
"attributes": [
{
"name": "Version",
"value": "V3"
},
{
"name": "Serial Number",
"value": "1C:34:4E:A3:D0:86:60:4A:10:45:4D:C1:95:A7:9E:32"
}
]
},
{
"title": "Issued To",
"attributes": [
{
"name": "Common Name (CN)",
"value": "dns.google"
}
]
},
{
"title": "Issued By",
"attributes": [
{
"name": "Common Name (CN)",
"value": "WR2"
},
{
"name": "Organization (O)",
"value": "Google Trust Services"
}
]
},
{
"title": "Validity Period",
"attributes": [
{
"name": "Issued On",
"value": "Monday, March 30, 2026 at 08:37:38 AM"
},
{
"name": "Expires On",
"value": "Monday, June 22, 2026 at 08:37:37 AM"
}
]
},
{
"title": "Fingerprints",
"attributes": [
{
"name": "SHA-256 Fingerprint",
"value": "4C 06 D4 2E ..."
},
{
"name": "SHA-1 Fingerprint",
"value": "E7 08 4D D5 ..."
}
]
}
]
},
"resolutions": {
"attributes": [
{
"value": "resolutions",
"table_name": "VIRUS_TOTAL_IP_RESOLUTIONS"
}
]
},
"whois_info": {
"attributes": [
{
"name": "NetRange",
"value": "8.8.8.0 - 8.8.8.255"
},
{
"name": "CIDR",
"value": "8.8.8.0/24"
},
{
"name": "NetName",
"value": "GOGL"
},
{
"name": "Organization",
"value": "Google LLC (GOGL)"
}
]
}
}
}
{
"data": {
"virus_total_info": {
"attributes": {
"indicator": "example.com",
"object_info": [
{
"name": "Type",
"value": "DOMAIN"
},
{
"name": "Creation Date",
"value": "1995-08-14 09:30:00"
},
{
"name": "Last Updated",
"value": "2026-04-22 11:55:54"
},
{
"name": "Community Score",
"value": "12"
}
],
"detection_score": 0,
"type": "DOMAIN",
"number_of_security_vendors": 94,
"other_info": [
{
"title": "Basic Info",
"attributes": [
{
"name": "Registrar",
"value": "RESERVED-Internet Assigned Numbers Authority"
}
]
},
{
"title": "Categories",
"attributes": [
{
"name": "Forcepoint ThreatSeeker",
"value": "Information Technology"
},
{
"name": "Sophos",
"value": "Information Technology"
}
]
}
]
}
},
"security_vendor_analysis": {
"attributes": {
"value": "security_vendor_analysis",
"table_name": "VIRUS_TOTAL_SECURITY_VENDOR_ANALYSIS"
}
},
"related_files": {
"attributes": [
{
"title": "Communicating Files",
"value": "communicating_files",
"table_name": "VIRUS_TOTAL_RELATED_FILES"
}
]
},
"ssl_certificate_info": {
"attributes": [
{
"title": "Issued To",
"attributes": [
{
"name": "Common Name (CN)",
"value": "example.com"
}
]
}
]
},
"related_domains": {
"attributes": [
{
"title": "Subdomains",
"value": "subdomains",
"table_name": "VIRUS_TOTAL_RELATED_DOMAINS"
}
]
},
"dns_records": {
"attributes": {
"value": "dns_records",
"table_name": "VIRUS_TOTAL_DNS_RECORDS"
}
},
"resolutions": {
"attributes": [
{
"value": "resolutions",
"table_name": "VIRUS_TOTAL_DOMAIN_RESOLUTIONS"
}
]
},
"whois_info": {
"attributes": [
{
"name": "Domain Name",
"value": "EXAMPLE.COM"
},
{
"name": "Registrar",
"value": "RESERVED-Internet Assigned Numbers Authority"
},
{
"name": "Creation Date",
"value": "1995-08-14T04:00:00Z"
},
{
"name": "Registry Expiry Date",
"value": "2026-08-13T04:00:00Z"
}
]
}
}
}
{
"data": {
"virus_total_info": {
"attributes": {
"indicator": "http://example.com/",
"object_info": [
{
"name": "Type",
"value": "URL"
},
{
"name": "Creation Date",
"value": "2010-10-16 12:30:30"
},
{
"name": "Last Updated",
"value": "2026-04-22 11:48:07"
},
{
"name": "Community Score",
"value": "-5"
}
],
"detection_score": 0,
"type": "URL",
"number_of_security_vendors": 91,
"other_info": [
{
"title": "Basic Info",
"attributes": [
{
"name": "No. of Times Submitted",
"value": 59908
},
{
"name": "Title",
"value": "Example Domain"
},
{
"name": "Last Serving IP",
"value": "104.20.23.154"
},
{
"name": "Network Location",
"value": "example.com"
}
]
},
{
"title": "Categories",
"attributes": [
{
"name": "Forcepoint ThreatSeeker",
"value": "Information Technology"
}
]
}
]
}
},
"security_vendor_analysis": {
"attributes": {
"value": "security_vendor_analysis",
"table_name": "VIRUS_TOTAL_SECURITY_VENDOR_ANALYSIS"
}
},
"html_info": {
"attributes": [
{
"name": "viewport",
"value": "width=device-width, initial-scale=1"
}
]
},
"http_response_headers": {
"attributes": [
{
"name": "Date",
"value": "Wed, 22 Apr 2026 06:18:14 GMT"
},
{
"name": "Server",
"value": "cloudflare"
},
{
"name": "content-type",
"value": "text/html"
},
{
"name": "cf-cache-status",
"value": "HIT"
}
]
}
}
}
{
"error": {
"code": "00000107",
"detail": "Incorrect element found in : indicator_type",
"title": "Invalid Parameter"
}
}
{
"error": {
"code": "00000101",
"title": "Unauthorized",
"detail": "Invalid OAuth Token"
}
}
{
"error": {
"code": "10001029",
"title": "Too Many Requests",
"detail": "Rate limit exceeded. Retry after some time."
}
}
{
"error": {
"code": "10f7c9",
"title": "The requested analysis is not available in VirusTotal."
}
}