4.5 Domain Reputation

Request

Value

Method

GET

URL

https://api.metadefender.com/v3/domain/:observable

Summary

Retrieve information about given fully qualified domain name (FQDN) from CIF server.

Request

URL Parameters

 

Description

Example

:observable

The observable that user wants to scan (fqdn)

dd.myapp.tcdn.qq.com

Header Parameters

 

Description

Allowed Values

Required

Authorization

Give rights to use the endpoint (API Authentication Mechanisms)

apikey

YES

Response

HTTP Status Codes

Please refer to Status Codes for more information.

Body

Example of successful scan request:

{
"success": true,
"data": {
"start_time": "2018-12-07T14:35:45.101Z",
"detected_by": 0,
"domain": "dd.myapp.tcdn.qq.com",
"scan_results": [
{
"source": "reputation.alienvault.com",
"results": [
{
"alternativeid": "",
"assessment": "",
"confident": "",
"detecttime": "",
"updatetime": "2018-12-07T14:35:45.189Z",
"result": "unknown"
}
]
},
{
"source": "danger.rulez.sk",
"results": [
{
"alternativeid": "",
"assessment": "",
"confident": "",
"detecttime": "",
"updatetime": "2018-12-07T14:35:45.189Z",
"result": "unknown"
}
]
},
{
"source": "feodotracker.abuse.ch",
"results": [
{
"alternativeid": "",
"assessment": "",
"confident": "",
"detecttime": "",
"updatetime": "2018-12-07T14:35:45.189Z",
"result": "unknown"
}
]
},
{
"source": "malc0de.com",
"results": [
{
"alternativeid": "",
"assessment": "",
"confident": "",
"detecttime": "",
"updatetime": "2018-12-07T14:35:45.189Z",
"result": "unknown"
}
]
},
{
"source": "malwaredomainlist.com",
"results": [
{
"alternativeid": "",
"assessment": "",
"confident": "",
"detecttime": "",
"updatetime": "2018-12-07T14:35:45.189Z",
"result": "unknown"
}
]
},
{
"source": "phishtank.com",
"results": [
{
"alternativeid": "",
"assessment": "",
"confident": "",
"detecttime": "",
"updatetime": "2018-12-07T14:35:45.189Z",
"result": "unknown"
}
]
},
{
"source": "spamhaus.org",
"results": [
{
"alternativeid": "",
"assessment": "",
"confident": "",
"detecttime": "",
"updatetime": "2018-12-07T14:35:45.189Z",
"result": "unknown"
}
]
},
{
"source": "zeustracker.abuse.ch",
"results": [
{
"alternativeid": "",
"assessment": "",
"confident": "",
"detecttime": "",
"updatetime": "2018-12-07T14:35:45.189Z",
"result": "unknown"
}
]
}
]
}
}

Example of invalid parameter:

{
"success": false,
"error": {
"code": 400180,
"messages": [
"Invalid format of input. Provide valid fully qualified domain name."
]
}
}

Descriptions of response:

data

The information from database.

success

Boolean value representing whether request was successfully resolved or not.

detected_by

Number of blacklisted sources.

source

Source of the feed, usually the domain where the feed is from (e.g., example.com).

alternativeid

Usually a URL pointing to the original data point (as a reference id).

detecttime

When the event was detected, most common timestamp formats are valid.

result

blacklisted, whitelisted, unknown

Errors

Please refer to Errors for more information.

Sample code (Node.js)

var http = require("https");
 
var options = {
"method": "GET",
"hostname": [
"api",
"metadefender",
"com"
],
"path": [
"v3",
"domain",
"dd.myapp.tcdn.qq.com"
],
"headers": {
"Authorization": "apikey " + process.env.APIKEY
}
};
 
var req = http.request(options, function (res) {
var chunks = [];
 
res.on("data", function (chunk) {
chunks.push(chunk);
});
 
res.on("end", function () {
var body = Buffer.concat(chunks);
console.log(body.toString());
});
});
 
req.end();

Sample code (cURL)

curl -X GET \
https://api.metadefender.com/v3/domain/dd.myapp.tcdn.qq.com \
-H 'Authorization: apikey ${APIKEY}'