4.1 IP Reputation
|
Request |
Value |
|
Method |
GET |
|
URL |
https://api.metadefender.com/v4/ip/:observable |
Summary
Retrieve information about given observable (IPv4 + IPv6, in future: URL, etc.) from CIF server.
Request
URL Parameters
|
|
Description |
Example |
|
:observable |
The observable that the user wants to scan |
109.229.210.250 |
Header Parameters
|
|
Description |
Allowed Values |
Required |
|
apikey |
Gives rights to use the endpoint (API Authentication Mechanisms) |
apikey |
YES |
Response
HTTP Status Codes
Please refer to Status Codes for more information.
Body
Example of a successful request:
{ "address": "109.229.210.250", "lookup_results": { "start_time": "2019-02-28T11:59:13.989Z", "detected_by": 1, "sources": [ { "provider": "zeustracker.abuse.ch", "assessment": "botnet, zeus", "detect_time": "2019-02-20T11:39:49.612487Z", "update_time": "2019-02-20T11:39:49.764370", "status": 3 }, { "provider": "reputation.alienvault.com", "assessment": "", "detect_time": "", "update_time": "2019-02-28T11:59:14.105Z", "status": 0 }, { "provider": "danger.rulez.sk", "assessment": "", "detect_time": "", "update_time": "2019-02-28T11:59:14.105Z", "status": 0 }, { "provider": "feodotracker.abuse.ch", "assessment": "", "detect_time": "", "update_time": "2019-02-28T11:59:14.105Z", "status": 0 }, { "provider": "malc0de.com", "assessment": "", "detect_time": "", "update_time": "2019-02-28T11:59:14.105Z", "status": 0 }, { "provider": "malwaredomainlist.com", "assessment": "", "detect_time": "", "update_time": "2019-02-28T11:59:14.105Z", "status": 0 }, { "provider": "phishtank.com", "assessment": "", "detect_time": "", "update_time": "2019-02-28T11:59:14.105Z", "status": 0 }, { "provider": "spamhaus.org", "assessment": "", "detect_time": "", "update_time": "2019-02-28T11:59:14.105Z", "status": 0 } ] }, "geo_info": { "continent": { "code": "EU", "name": "Europe" }, "country": { "code": "LV", "name": "Latvia" }, "city": { "code": "", "name": "" }, "location": { "latitude": 57, "longitude": 25 }, "registered_country": { "code": "LV", "name": "Latvia" }, "subdivisions": [] }}Example of the parameter being empty:
{ "success": false, "error": { "code": 400180, "messages": [ "Invalid format of input. Provide IPv4 or IPv6" ] }}Descriptions of response:
|
success |
A boolean value representing whether the request was successfully resolved or not. |
|
address |
This is usually an IP address, URI that is found in feeds of data but is not limited to those data types. |
|
geo_info |
Geolocation of address. |
|
detected_by |
The number of blacklisted sources. |
|
sources |
Source of the feed, usually the domain where the feed is from (e.g., example.com). |
Sample code (Node.js)
var http = require("https");var options = { "method": "GET", "hostname": [ "api", "metadefender", "com" ], "path": [ "v4", "ip", "109.229.210.250" ], "headers": { "apikey": process.env.APIKEY }};var req = http.request(options, function (res) { var chunks = []; res.on("data", function (chunk) { chunks.push(chunk); }); res.on("end", function () { var body = Buffer.concat(chunks); console.log(body.toString()); });});req.end();Sample code (cURL)
curl -X GET \ https://api.metadefender.com/v4/ip/109.229.210.250 \ -H "apikey: ${APIKEY}"