4.5 Domain Reputation

Request

Value

Method

GET

URL

https://api.metadefender.com/v4/domain/:observable

Summary

Retrieve information about a given fully qualified domain name (FQDN) from CIF server.

Request

URL Parameters

 

Description

Example

:observable

The observable that the user wants to scan (fqdn)

dd.myapp.tcdn.qq.com

Header Parameters

 

Description

Allowed Values

Required

apikey

Give rights to use the endpoint (API Authentication Mechanisms)

apikey

YES

Response

HTTP Status Codes

Please refer to Status Codes for more information.

Body

Example of a successful request:

{
"address": "dd.myapp.tcdn.qq.com",
"lookup_results": {
"start_time": "2019-02-28T12:06:53.401Z",
"detected_by": 1,
"sources": [
{
"provider": "openphish.com",
"assessment": "phishing",
"detect_time": "2019-02-21T11:55:45.853232Z",
"update_time": "2019-02-21T11:55:46.597482",
"status": 1,
},
{
"provider": "reputation.alienvault.com",
"assessment": "",
"detect_time": "",
"update_time": "2019-02-28T12:06:53.516Z",
"status": 0
},
{
"provider": "danger.rulez.sk",
"assessment": "",
"detect_time": "",
"update_time": "2019-02-28T12:06:53.516Z",
"status": 0
},
{
"provider": "feodotracker.abuse.ch",
"assessment": "",
"detect_time": "",
"update_time": "2019-02-28T12:06:53.516Z",
"status": 0
},
{
"provider": "malc0de.com",
"assessment": "",
"detect_time": "",
"update_time": "2019-02-28T12:06:53.516Z",
"status": 0
},
{
"provider": "malwaredomainlist.com",
"assessment": "",
"detect_time": "",
"update_time": "2019-02-28T12:06:53.516Z",
"status": 0
},
{
"provider": "phishtank.com",
"assessment": "",
"detect_time": "",
"update_time": "2019-02-28T12:06:53.516Z",
"status": 0
},
{
"provider": "spamhaus.org",
"assessment": "",
"detect_time": "",
"update_time": "2019-02-28T12:06:53.516Z",
"status": 0
},
{
"provider": "zeustracker.abuse.ch",
"assessment": "",
"detect_time": "",
"update_time": "2019-02-28T12:06:53.516Z",
"status": 0
}
]
}
}

Example of an invalid parameter:

{
"error": {
"code": 400180,
"messages": [
"Invalid format of input. Provide valid fully qualified domain name."
]
}
}

Descriptions of response:

success

A boolean value representing whether the request was successfully resolved or not.

detected_by

The number of blacklisted sources.

sources

Source of the feed, usually the domain where the feed is from (e.g., example.com).

Errors

Please refer to Errors for more information.

Sample code (Node.js)

var http = require("https");
 
var options = {
"method": "GET",
"hostname": [
"api",
"metadefender",
"com"
],
"path": [
"v4",
"domain",
"dd.myapp.tcdn.qq.com"
],
"headers": {
"apikey": process.env.APIKEY
}
};
 
var req = http.request(options, function (res) {
var chunks = [];
 
res.on("data", function (chunk) {
chunks.push(chunk);
});
 
res.on("end", function () {
var body = Buffer.concat(chunks);
console.log(body.toString());
});
});
 
req.end();

Sample code (cURL)

curl -X GET \
https://api.metadefender.com/v4/domain/dd.myapp.tcdn.qq.com \
-H "apikey: ${APIKEY}"