4.5 Domain Reputation
|
Request |
Value |
|
Method |
GET |
|
URL |
https://api.metadefender.com/v4/domain/:observable |
Summary
Retrieve information about a given fully qualified domain name (FQDN) from CIF server.
Request
URL Parameters
|
|
Description |
Example |
|
:observable |
The observable that the user wants to scan (fqdn) |
dd.myapp.tcdn.qq.com |
Header Parameters
|
|
Description |
Allowed Values |
Required |
|
apikey |
Give rights to use the endpoint (API Authentication Mechanisms) |
apikey |
YES |
Response
HTTP Status Codes
Please refer to Status Codes for more information.
Body
Example of a successful request:
{ "address": "dd.myapp.tcdn.qq.com", "lookup_results": { "start_time": "2019-02-28T12:06:53.401Z", "detected_by": 1, "sources": [ { "provider": "openphish.com", "assessment": "phishing", "detect_time": "2019-02-21T11:55:45.853232Z", "update_time": "2019-02-21T11:55:46.597482", "status": 1, }, { "provider": "reputation.alienvault.com", "assessment": "", "detect_time": "", "update_time": "2019-02-28T12:06:53.516Z", "status": 0 }, { "provider": "danger.rulez.sk", "assessment": "", "detect_time": "", "update_time": "2019-02-28T12:06:53.516Z", "status": 0 }, { "provider": "feodotracker.abuse.ch", "assessment": "", "detect_time": "", "update_time": "2019-02-28T12:06:53.516Z", "status": 0 }, { "provider": "malc0de.com", "assessment": "", "detect_time": "", "update_time": "2019-02-28T12:06:53.516Z", "status": 0 }, { "provider": "malwaredomainlist.com", "assessment": "", "detect_time": "", "update_time": "2019-02-28T12:06:53.516Z", "status": 0 }, { "provider": "phishtank.com", "assessment": "", "detect_time": "", "update_time": "2019-02-28T12:06:53.516Z", "status": 0 }, { "provider": "spamhaus.org", "assessment": "", "detect_time": "", "update_time": "2019-02-28T12:06:53.516Z", "status": 0 }, { "provider": "zeustracker.abuse.ch", "assessment": "", "detect_time": "", "update_time": "2019-02-28T12:06:53.516Z", "status": 0 } ] }}Example of an invalid parameter:
{ "error": { "code": 400180, "messages": [ "Invalid format of input. Provide valid fully qualified domain name." ] }}Descriptions of response:
|
success |
A boolean value representing whether the request was successfully resolved or not. |
|
detected_by |
The number of blacklisted sources. |
|
sources |
Source of the feed, usually the domain where the feed is from (e.g., example.com). |
Sample code (Node.js)
var http = require("https");var options = { "method": "GET", "hostname": [ "api", "metadefender", "com" ], "path": [ "v4", "domain", "dd.myapp.tcdn.qq.com" ], "headers": { "apikey": process.env.APIKEY }};var req = http.request(options, function (res) { var chunks = []; res.on("data", function (chunk) { chunks.push(chunk); }); res.on("end", function () { var body = Buffer.concat(chunks); console.log(body.toString()); });});req.end();Sample code (cURL)
curl -X GET \ https://api.metadefender.com/v4/domain/dd.myapp.tcdn.qq.com \ -H "apikey: ${APIKEY}"