ThreatJammer.com User API

OpenAPI apis-guru security

The public API open to the users. .

General information

Description

Threat Jammer supports two end-user REST APIs: the User API and the Report API. The end-user uses the User API to interact with the different databases, heuristics, and machine learning processes. Devices use the Report API to interact with Threat Jammer. This document will explain how to use the User API and interact with the different services, create a token, interpret the quota information, and create the HTTP request to interact with the User API.

Authentication

The API is protected by a Bearer authentication schema. Bearer authentication (also called token authentication) is an HTTP authentication scheme that involves security tokens called bearer tokens. It is used to authenticate the user. All the different endpoints expect a Bearer token in the Authorization header.

Example:

You can obtain a token after registering on the website for free.

Region specific tokens

All the Bearer tokens contain information about the authorized region. The developers have to use a token created for the region they want to use. A token used in a different region will return a 401 Unauthorized error.

Global errors

The API will return the following permanent errors:

a 401 Unauthorized error if the token is not valid, or does not belong to the region.
a 401 Unauthorized error if the token does not exist.
a 401 Unauthorized error if the token is malformed.
a 403 Forbidden error if the subscription level is not enough. Some endpoints are only available for paid subscription levels.

And these temporary errors:

a 429 Too Many Requests error if the quota is exceeded (see below).

Quota limits

Every request to the User API will consume one (1) quota point.

The API has two rate limiting processes:

a quota limit of 5000 requests per month for the FREE account. The limit is reset every month.
a quota limit of 10 requests per minute for the FREE account. The limit is reset every minute and implements a sliding window mechanism.

Homepage: https://api.apis.guru/v2/specs/threatjammer.com/1.2.20.json
Provider: threatjammer.com
OpenAPI version: 3.0.2
Spec (JSON): https://api.apis.guru/v2/specs/threatjammer.com/1.2.20/openapi.json
Spec (YAML): https://api.apis.guru/v2/specs/threatjammer.com/1.2.20/openapi.yaml

Tools (98)

Extracted live via the executor SDK.

allowlistDataQueryAndManagement.changeStatusOfTheAllowlistV1AllowlistPublicAllowlistIdPut
What
Change the status of an allow list to ACTIVE or INACTIVE. An INACTIVE list will not be used by the service. An ACTIVE list will be used by the service. As an optional parameter it can be provided an expiry date in seconds since epoch. If not provided, the list will never expire.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
Parameters
In the query string the ID of the allow list to change the status. In the body the JSON object with the following fields:
- status: The status of the list. It can be ACTIVE or INACTIVE.
- expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
Result
It should always return a 202 Accepted response with an empty body.
Errors
If the list does not exist, it will return a 404 error. If the status is not ACTIVE or INACTIVE, it will return a 422 error. If the expiry is not a valid timestamp, it will return a 422 error. If the allow list is not a valid UUID, it will return a 422 error.
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.changeStatusOfTheOriginAllowlistV1AllowlistPrivateAllowlistIdOriginPut
What
Change the status of the origin of an allow list to ACTIVE, INACTIVE or DELETED.
An ACTIVE origin will apply the allow list to the protocol and domain of the origin. An origin can be created and activated simply toogling the ACTIVE status. As an optional parameter it can be provided an ttl or Time To Live parameter of the origin in the list in seconds. After the TTL expires, the origin will be removed from the list. If the TTL is not provided, the origin will never expire.
An INACTIVE origin will not apply the allow list to the protocol and domain of the origin.
A DELETED origin will be removed from the list. It will not be used by the service anymore. The user can activate it again with the ACTIVE status.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
This operation is not available in the Freemium plan.
Parameters
In the query string the ID of the allow list to change the status. In the body the JSON object with the following fields:
- origin: The protocol and domain of the origin. It can be http://example.com or https://example.com.
- status: The status of the list. It can be ACTIVE, INACTIVE or DELETED.
Result
It should always return a 202 Accepted response with an empty body.
Errors
If the list does not exist, it will return a 404 error. If the status is not ACTIVE or INACTIVE, it will return a 422 error. If the TTL is negative in the past, it will return a 422 error. If the allow list is not a valid UUID, it will return a 422 error. If the origin is not a valid URL, it will return a 400 error. If the allowlist is not active, it will returna 409 error. If the origin is not found in the set owned by the user, it will return a 404 error.
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.changeStatusOfTheOriginAllowlistV1AllowlistPublicAllowlistIdOriginPut
What
Change the status of the origin of an allow list to ACTIVE, INACTIVE or DELETED.
An ACTIVE origin will apply the allow list to the protocol and domain of the origin. An origin can be created and activated simply toogling the ACTIVE status. As an optional parameter it can be provided an ttl or Time To Live parameter of the origin in the list in seconds. After the TTL expires, the origin will be removed from the list. If the TTL is not provided, the origin will never expire.
An INACTIVE origin will not apply the allow list to the protocol and domain of the origin.
A DELETED origin will be removed from the list. It will not be used by the service anymore. The user can activate it again with the ACTIVE status.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
This operation is not available in the Freemium plan.
Parameters
In the query string the ID of the allow list to change the status. In the body the JSON object with the following fields:
- origin: The protocol and domain of the origin. It can be http://example.com or https://example.com.
- status: The status of the list. It can be ACTIVE, INACTIVE or DELETED.
Result
It should always return a 202 Accepted response with an empty body.
Errors
If the list does not exist, it will return a 404 error. If the status is not ACTIVE or INACTIVE, it will return a 422 error. If the TTL is negative in the past, it will return a 422 error. If the allow list is not a valid UUID, it will return a 422 error. If the origin is not a valid URL, it will return a 400 error. If the allowlist is not active, it will returna 409 error. If the origin is not found in the set owned by the user, it will return a 404 error.
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.createPrivateAllowlistOfTheUserV1AllowlistPrivatePost
What
Creates a new allowlist with the information given and binded to the current user. The parameters are:
- name
- description
- tags
- expiry
- Time to Live (TTL)
- Resource Type (CIDR, AS, COUNTRY, CONTINENT, DATACENTER_ID and USER AGENT)
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response. The operation will also return the UUID of the list.
Parameters
In the query string the ID of the private allow list to delete.
In the body the following parameters:
- name: A human readable name of the list.
- description: A long detailed information about what the list contains and how it is used.
- tags: A list of tags that describe the list.
- ttl: (Optional) The Time To Live of the list, in seconds. If it does not exist, it will never expire.
- resource_type: The type of resource that the list contains. It can be CIDR, AS, COUNTRY, CONTINENT, DATACENTER_ID or USER AGENT.
Result
It should always return a 202 Accepted response with the UUID of the new list in the body.
Errors
- If the information is not valid, it will return a 422 (Unprocessable Entity) error.
- If the ttl is negative, it will return a 400 (Bad Request) error.
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.deleteTheAllowlistContentV1AllowlistPrivateAllowlistIdContentDelete
What
Delete all the content of a private allowlist of the user. This will remove all the elements, and there is no way to recover them.
Parameters
Pass the private allowlist ID as query parameter.
Result
If successful, it will return a 202 (Accepted) response with an empty body. The operation is asynchronous,and can take several seconds to complete.
Errors
- If the allow list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
- If the private allowlist ID does not exist, it will return a 404 (Not found) error.
It will also return the API Global errors described in the API description.
allowlistDataQueryAndManagement.deleteTheAllowlistV1AllowlistPrivateAllowlistIdDelete
What
Delete all the bindings between a user and a private allowlist. This will remove the content of the allowlist, the allowlist from the user and also all the origins that are using the allowlist.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request willimmediately return a 202 Accepted response.
Parameters
In the query string the ID of the private allow list to delete.
Result
It should always return a 202 Accepted response with an empty body.
Errors
- If the list does not exist, it will return a 404 error.
- If the allow list is not a valid UUID, it will return a 422 error.
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.deleteTheAllowlistV1AllowlistPublicAllowlistIdDelete

What
Delete all the bindings between a user and an allowlist. This will remove the allowlist from the user and also all the origins that are using the allowlist.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
Parameters
In the query string the ID of the allow list to change the status.
Result
It should always return a 202 Accepted response with an empty body.
Errors
If the list does not exist, it will return a 404 error. If the allow list is not a valid UUID, it will return a 422 error.
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.getAllowlistContentV1AllowlistPrivateAllowlistIdContentGet
What
Returns the content of the private allowlist of the user. The content can be CIDRs, ASNs, countries, continents or datacenter IDs.
Parameters
Pass the private allowlist ID as query parameter.
Result
The result is a JSON object with the following structure:
- self: the URI to the content of the list.
- cidrs: (Optional) list of CIDRs in the list.
- asns: (Optional) list of ASNs in the list.
- countries: (Optional) list of countries in the list.
- continents: (Optional) list of continents in the list.
- datacenters: (Optional) list of datacenters in the list.
Errors
- If the allow list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
- If the private allowlist ID does not exist, it will return a 404 (Not found) error.
It will also return the API Global errors described in the API description.
allowlistDataQueryAndManagement.getAllOwnedAllowlistsByResourceTypeV1AllowlistPublicOwnedResourceTypeGet
What
Obtain the set of public allow lists selected by the user and wich ones are not filtering by the resource type.
Parameters
The resource type to filter. The values can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
  - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
  - origins: list of websites that are using the list as an allowlist.
    
    self: the URI to all the list of origins.
    
    lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.getAllPrivateAllowlistsByResourceTypeV1AllowlistPrivateAllResourceTypeGet
What
Obtain the set of private allow lists of the user available in the service filtering by resource type. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID
Parameters
The resource type to filter. The values can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
  - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
  - origins: list of websites that are using the list as a allowlist.
    
    self: the URI to all the list of origins.
    
    lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
- If the resource type is not valid, it will return a 400 error.
It will also return the API Global errors described in the API description.
allowlistDataQueryAndManagement.getAllPrivateAllowlistsV1AllowlistPrivateAllGet
What
Obtain the set of private allow lists of the user available in the service.
Parameters
No parameters
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
  - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
  - origins: list of websites that are using the list as a allowlist.
    
    self: the URI to all the list of origins.
    
    lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.getAllPublicAllowlistsByResourceTypeV1AllowlistPublicAllResourceTypeGet
What
Obtain the set of public allow lists available in the service and also which ones are already selected by the user and wich ones are not filtering by the resource type.
Parameters
The resource type to filter. The values can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
If the list is already selected by the user, the JSON object will also contain the following fields:
- expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
- origins: list of websites that are using the list as an allowlist.
  - self: the URI to all the list of origins.
  - lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.getAllPublicAllowlistsV1AllowlistPublicAllGet
What
Obtain the set of public allow lists available in the service and also which ones are already selected by the user and wich ones are not.
Parameters
No parameters
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
If the list is already selected by the user, the JSON object will also contain the following fields:
- expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
- origins: list of websites that are using the list as an allowlist.
  - self: the URI to all the list of origins.
  - lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.getPublicAllowlistsOwnedByTheUserV1AllowlistPublicOwnedGet
What
Obtain the set of public allow lists available in the service selected by the user.
Parameters
No parameters
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
  - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
  - origins: list of websites that are using the list as an allowlist.
    
    self: the URI to all the list of origins.
    
    lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.getSingleAllowlistV1AllowlistPrivateAllowlistIdGet
What
Obtain the details of the private allow list of the user available in the service.
Parameters
Pass the private allowlist ID as query parameter.
Result
The result is a JSON object with the following structure:
- self: the URI to individual information of the list.
- name: A human readable name of the list.
- description: A long detailed information about what the list contains and how it is used.
- resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
- list_type: The type of the list. It can be ALLOW or DENY.
- created_at: Unix timestamp in seconds when the list was created.
- updated_at: Unix timestamp in seconds when the list was updated.
- expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
- origins: list of websites that are using the list as a allowlist.
  - self: the URI to all the list of origins.
  - lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
- If the allow list is not a valid UUID, it will return a 422 error.
- If the private allowlist ID does not exist, it will return a 404 error.
It will also return the API Global errors described in the API description.
allowlistDataQueryAndManagement.getSingleAllowlistV1AllowlistPublicAllowlistIdGet
What
Obtain the details of an allow list available in the service.
Parameters
No parameters
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual information of the list.
- name: A human readable name of the list.
- description: A long detailed information about what the list contains and how it is used.
- resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
- list_type: The type of the list. It can be ALLOW or DENY.
- status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIREDit means that the list is not available anymore if not renewed.
- created_at: Unix timestamp in seconds when the list was created.
- updated_at: Unix timestamp in seconds when the list was updated.
If the list is already selected by the user, the JSON object will also contain the following fields: - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire. - origins: list of websites that are using the list as an allowlist. - self: the URI to all the list of origins. - lists: list of lists that the origin is using. - self: the URI to the individual information of the list. - origin: the protocol and domain of the website that is using the list. - status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed. - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire. - created_at: Unix timestamp in seconds when the list was created. - updated_at: Unix timestamp in seconds when the list was updated.
Errors
If the list does not exist, it will return a 404 error.
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.queryResourceAllowlistsV1AllowlistPublicIpAddressGet
What
Obtain the list of all the different public allowlists where the IP address entered by the user is. The public allowlists are the ones activated by the user, but managed by Threatjammer administrators.
Parameters
The endpoint accepts the address parameter as query string.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual status.
- cidrs: the URI of the lists of CIDRs where the IP was found.
- country: the URIs where the lists of countries where the IP address was found
- continent: the URI where the continent where the IP address was found.
- asn: the URIs where the list of continents of the ASN where the IP address was found.
- datacenter: the URIs of the lists of datacenters where the IP address was found. If not found, the result is an empty string.
Errors
- a 422 Unprocessable Entity error if the IP address was malformed.
It will also return the API Global errors described in the API description.
allowlistDataQueryAndManagement.queryResourceDenylistsV1AllowlistPrivateIpAddressGet
What
Obtain the list of all the different private allowlists where the IP address entered by the user. The allowlisted forbidden datasets are the ones submitted manually by the user from files or indidual items.
Parameters
The endpoint accepts the address parameter as query string.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual status.
- cidrs: the URI of the lists of CIDRs where the IP was found.
- country: the URIs where the lists of countries where the IP address was found
- continent: the URI where the continent where the IP address was found.
- asn: the URIs where the list of continents of the ASN where the IP address was found.
- datacenter: the URIs of the lists of datacenters where the IP address was found. If not found, the result is an empty string.
- reported: the URI of the information of the IP address reported by the user. For allowlist should be empty.
Errors
- a 422 Unprocessable Entity error if the IP address was malformed.
It will also return the API Global errors described in the API description.
allowlistDataQueryAndManagement.updatePrivateAllowlistOfTheUserV1AllowlistPrivateAllowlistIdPut
What
Updates the information that describes the allowlist of the user in the system. The parameters that can be modified are:
- name
- description
- tags
- expiry
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
Parameters
In the query string the ID of the private allow list to delete.
In the body the following parameters:
- name: (Optional) A human readable name of the list.
- description: (Optional) A long detailed information about what the list contains and how it is used.
- tags: (Optional) A list of tags that describe the list.
- expiry: (Optional) Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
Result
It should always return a 202 Accepted response with an empty body.
Errors
- If the list does not exist, it will return a 404 (Not found) error.
- If the list is a default list, it will return a 403 (Forbidden) error.
- If the allow list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
- If the expiry is not a valid timestamp, it will return a 422 (Unprocessable Entity) error.
- If the expiry is in the past, it will return a 400 (Bad Request) error.
- If the name is not a string, it will return a 422 (Unprocessable Entity) error.
- If the description is not a string, it will return a 422 (Unprocessable Entity) error.
It will return the API Global errors described in the API description.
allowlistDataQueryAndManagement.updatePrivateContentOfTheAllowlistOfTheUserV1AllowlistPrivateAllowlistIdContentPut
What
Add or remove content of a private allowlist of the user. The content can be CIDRs, ASNs, countries, continents or datacenter IDs.
The number of elements allowed in all the lists are limited depending on the plan of the user:
- Free: 100 elements
- Basic: 1000 elements
- Premium: 10000 elements
Parameters
Pass the private allowlist ID as query parameter.
In the body the following parameters:
- append: (Optional) Add CIDRs, ASNs, countries, continents or datacenter IDs to add to the list. It's not possible to mix different resource types in the same list.
- remove: (Optional) Extract CIDRs, ASNs, countries, continents or datacenter IDs to add to the list. It's not possible to mix different resource types in the same list.
Result
If successful, it will return a 202 (Accepted) response with an empty body. The operation is asynchronous,and can take several seconds to complete.
Errors
- If the allow list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
- If the private allowlist ID does not exist, it will return a 404 (Not found) error.
- If the append or remove parameters are not processable, it will return a 422 (Unprocessable Entity) error.
- If the number of elements in the lists is over the limit, it will return a 413 (Payload Too Large) error.
It will also return the API Global errors described in the API description.
authenticationTokenManagementInThisRegion.queryTokenActivityV1TokenActivityGet
What
Obtain the list of all the activity events of the current user in the selected region. The purpose of this function is to show what actions performed a user with the specific token.
Parameters
The following pagination parameters are required as query string parameters:
- page: (Optional) the page number to retrieve. The first page is 1. Default is 1.
- page_size: (Optional) the number of items per page. Default is 20.
The token is obtained automatically from the Bearer in the header.
Result
The result is a JSON object with the following fields:
- self: the URI to all activities of the token.
- activities: a list of activities performed by the user with the token.
  - self: the URI to individual activity information.
  - event: ID of the reference of the event type.
  - description: Human readable description of the event.
  - data: the payload of the event. It can be empty.
  - source: A JSON object with the following fields:
    
    address: the IP address of the client.
    
    ua_string: the user agent string of the client.
    
    status_code: the HTTP status code of the response.
    
    uri: the URI of the request.
    
    body: the body of the request.
    
    method: the HTTP method of the request.
  - created_at: the date and time when the token was created in UNIX timestamp in milliseconds.
Errors
It will return the API Global errors described in the API description.
authenticationTokenManagementInThisRegion.queryTokenInfoV1TokenGet
What
Obtain the list of all the token attributes of the current user in the selected region. The purpose of this function is to show the current values of the user's quota.
Parameters
No parameters are required. The token is obtained automatically from the Bearer in the header.
Result
The result is a JSON object with the following fields:
- self: the URI to individual token information.
- region_id: the name of the region where the token is valid.
- last_month_bucket_init_value: the initial value of the monthly bucket.
- last_month_bucket_value: the current value of consumed quota in the monthly bucket.
- last_month_bucket_refresh: Unix timestamp in milliseconds of the next monthly bucket reset.
- last_minute_bucket_init_value: the initial value of the per minute bucket.
- last_minute_bucket_value: the current value of consumed quota in the per minute bucket.
- last_minute_bucket_refresh: Unix timestamp in milliseconds of the next per minute bucket reset.
- last_minute_bucket_refill_ratio: the number of tokens to add every second to the per minute bucket.
- status: the status of the token. The only allowed value is ENABLED.
- created_at: the date and time when the token was created in UNIX timestamp in milliseconds.
- updated_at: the date and time when the token was last updated in UNIX timestamp in milliseconds.
Errors
It will return the API Global errors described in the API description.
autonomousSystemsInformation.queryAsnPrefixesListV1AsnNumberPrefixesGet
What
Obtain the full list of IPv4 and IPv6 prefixes of the Autonomous System Number (ASN) passed as a parameter.
Parameters
The endpoint accepts only the following parameter in the path:
- number: (Mandatory) The ASN number to be queried.
Result
The result is a JSON object with the following structure:
- self: the URI of the API call
- asn: the URI to query the full details of the ASN.
- prefixes_v4: the list of IPv4 prefixes that belong to the ASN. Each element of the list is a JSON object with the following structure:
  - self: the URI to individual IPv4 prefix.
  - asn: the URI to query the full details of the ASN.
  - object_type: the type of the prefix. The allowed values are: IPv4.
  - maintainer: the information about the maintainer of this prefix in the registry.
  - description: the description of the prefix as registered in the registry.
  - registry_date: the date of registration of the prefix in the registry. The format is YYYY-MM-DD.
  - registry_status: the URI of the status of the prefix as stored in the registry.
  - score: The risk score of the prefix. It ranges from 0 to 99.
  - risk: The risk of the prefix. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
- prefixes_v6: the list of IPv6 prefixes that belong to the ASN. Each element of the list is a JSON object with the following structure:
  - self: the URI to individual IPv6 prefix.
  - asn: the URI to query the full details of the ASN.
  - object_type: the type of the prefix. The allowed values are: IPv6.
  - maintainer: the information about the maintainer of this prefix in the registry.
  - description: the description of the prefix as registered in the registry.
  - registry_date: the date of registration of the prefix in the registry. The format is YYYY-MM-DD.
  - registry_status: the URI of the status of the prefix as stored in the registry.
  - score: The risk score of the prefix. It ranges from 0 to 99.
  - risk: The risk of the prefix. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
Errors
The endpoint will return the following errors:
- a 404 Not Found error if the AS was not found.
- a 422 Unprocessable Entity error if the AS number is malformed.
It will also return the API Global errors described in the API description.
autonomousSystemsInformation.queryAsnPrefixInformationV1AsnPrefixPost
What
Obtain the IPv4 or IPv6 prefix and the Autonomous System information of the CIDR passed in the body as a POST method. This endpoint works around the problem of passing '/' addresses in the URI.
Parameters
The endpoint accepts only the following parameter in the body as a JSON object:
- prefix: (Mandatory) The CIDR v4 or v6 to be queried.
Result
The result is a JSON object with the following structure:
- self: the URI to individual IPv4 prefix.
- asn: the URI to query the full details of the ASN.
- object_type: the type of the prefix. The allowed values are: IPv4 or IPv6.
- maintainer: the information about the maintainer of this prefix in the registry.
- description: the description of the prefix as registered in the registry.
- registry_date: the date of registration of the prefix in the registry. The format is YYYY-MM-DD.
- registry_status: the URI of the status of the prefix as stored in the registry.
- score: The risk score of the prefix. It ranges from 0 to 99.
- risk: The risk of the prefix. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
Errors
The endpoint will return the following errors:
- a 404 Not Found error if the prefix information was not found.
- a 422 Unprocessable Entity error if the CIDR is malformed.
It will also return the API Global errors described in the API description.
autonomousSystemsInformation.queryAsnV1AsnNumberGet
What
Obtain the full details of the Autonomous System Number (ASN) passed as a parameter.
Parameters
The endpoint accepts only the following parameter in the path:
- number: (Mandatory) The ASN number to be queried.
Result
The result is a JSON object with the following structure:
- self: the URI of the API call
- name: the name of the Autonomous System as registered in the registries databases.
- description: the description of the Autonomous System as registered in the registries databases.
- country_code: the ISO 3166-1 alpha-2 country code of the Autonomous System.
- registry_date: the date of registration of the Autonomous System in the registry. The format is YYYY-MM-DD.
- registry: the URI of the registry where the Autonomous System is registered.
- status: the status of the Autonomous System as stored in the registry.
- prefixes: the URI to the list of prefixes that belong to the Autonomous System.
- score: The risk score of the Autonomous System. It ranges from 0 to 99.
- risk: The risk of the Autonomous System. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
Errors
The endpoint will return the following errors:
- a 404 Not Found error if the AS was not found.
- a 422 Unprocessable Entity error if the AS number is malformed.
It will also return the API Global errors described in the API description.
autonomousSystemsInformation.queryIpAddressNetworkInformationV1AsnIpIpAddressGet
What
Obtain the IPv4 or IPv6 prefix and the Autonomous System information of the IP address passed as a parameter.
Parameters
The endpoint accepts only the following parameter in the path:
- ip_address: (Mandatory) The IPv4 or IPv6 address to be queried.
Result
The result is a JSON object with the following structure:
- self: the URI to individual IPv4 prefix.
- asn: the URI to query the full details of the ASN.
- object_type: the type of the prefix. The allowed values are: IPv4 or IPv6.
- maintainer: the information about the maintainer of this prefix in the registry.
- description: the description of the prefix as registered in the registry.
- registry_date: the date of registration of the prefix in the registry. The format is YYYY-MM-DD.
- registry_status: the URI of the status of the prefix as stored in the registry.
- score: The risk score of the prefix. It ranges from 0 to 99.
- risk: The risk of the prefix. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
Errors
The endpoint will return the following errors:
- a 404 Not Found error if the prefix information was not found.
- a 422 Unprocessable Entity error if the IP address is malformed.
It will also return the API Global errors described in the API description.
autonomousSystemsInformation.queryRegistryByTheNameV1AsnRegistryCodeGet
What
Obtain the information about the Regional Internet Registries (RIRs) given as a parameter.
Parameters
The endpoint accepts only the following parameter in the path:
- code: (Mandatory) The code that identifies uniquely the RIR. Possible values are: iana, arin, ripencc, afrinic, apnic, lacnic.
Result
The result is a JSON object with the following structure:
- self: the URI to individual RIR.
- name: the RIR name.
- code: the internal code of the RIR in the system.
Errors
- a 422 Unprocessable Entity error if the code is not one of the available.
It will also return the API Global errors described in the API description.
autonomousSystemsInformation.queryRegistryNamesV1AsnRegistryAllGet
What
Obtain the list of Regional Internet Registries (RIRs) entities worldwide.
Parameters
No parameters are required.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual RIR.
- name: the RIR name.
- code: the internal code of the RIR in the system. Possible values are: iana, arin, ripencc, afrinic, apnic, lacnic.
Errors
It will return the API Global errors described in the API description.
autonomousSystemsInformation.queryStatusByTheNameV1AsnStatusCodeGet
What
Obtain the information about the status of an object in the registry as a parameter.
Parameters
The endpoint accepts only the following parameter in the path:
- code: (Mandatory) The code that identifies uniquely the status in the registry. Possible values are: assigned, reserved, allocated, available.
Result
The result is a JSON object with the following structure:
- self: the URI to individual status.
- name: the human readable name of the status.
- code: the internal code of the status in the system.
Errors
- a 422 Unprocessable Entity error if the code is not one of the available.
It will also return the API Global errors described in the API description.
autonomousSystemsInformation.queryStatusNamesV1AsnStatusAllGet
What
Obtain the list of status of an object can be in a registry.
Parameters
No parameters are required.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual status.
- name: the code name.
- code: the internal code of the status in the system. Possible values are: assigned, reserved, allocated, available.
Errors
It will return the API Global errors described in the API description.
dataAssessment.assessIpSetCsvV1AssessIpCsvPost
What
Obtain a numerical score and a risk assessment of all the IP addresses uploaded with a text file.
Parameters
- A text file with a list of public IPv4 or IPv6 addresses.
- A header Content-Type: multipart/form-data is required.
- (optional) in the query string the parameeter strict_parse: If set to true, no malformed IP addresses allowed, returning an error. If set to false, malformed IP addresses will be ignored.
Example:
curl -X 'POST' \ 'https://dublin.api.threatjammer.com/v1/asses/ip/csv[?strict_parse=true|false]' \ -H 'accept: application/json' \ -H 'Authorization: Bearer YOUR_API_KEY' \ -H 'Content-Type: multipart/form-data' \ -F 'csv_file=@YOUR_TEXT_FILE;type=text/csv'
Result
The result contains a list of the result for each IP address, with two main sets of data:
- The score is a number between 0 and 99 describing the probability of the IP address being a malicious one, being 0 means that the IP address is not malicious and is not a threat. Being 99 means that the service behind the IP address is probably malicious an certainly a threat.
- The list of information gathered from the IP address to obtain the score.
The result is a JSON object with the following structure:
- self: the URI of the API call
- score: The score of the IP address. It ranges from 0 to 99.
- risk: The risk of the IP address. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
- reason: It's a human readable representation of the reason of the risk.
- datasets: The IP address was found in the these lists of datasets used to obtain the risk score. Datasets are described as a list of URIs.
- sources: The IP address was found in the these source lists at an specific time with a specific risk score. Sources are described as a list of URIs.
- log: The activity of the IP address in the different datasets used to obtain the risk score. The log is a URI reference.
- asn: The information about the Autonomous System (AS) of the IP address. The AS is described as an URI.
- asn_prefix: The information about the Autonomous System (AS) network prefix of the IP address. The prefix is described as an URI.
- datacenter: If the IP address is part of a datacenter pool, the information about the datacenter is described as an URI.
- datacenter_prefix: The information about the Datacenter network prefix of the IP address. The asn_prefix and datacenter_prefix can be the same, but it is not mandatory. The prefix is described as an URI.
- denylisted: If the IP address was denylisted by the user, the information about the denylisted IP address is described as an URI.
- first_appearence: URI to the first appearance of the IP address in the different datasets used to obtain the risk score.
- last_appearence: URI to the last appearance of the IP address in the different datasets used to obtain the risk score.
Errors
The endpoint will return the following errors:
- a 422 Unprocessable Entity error if the IP address is malformed.
The private IP addresses will be ignored, if any.
When the strict_parse parameter is set to true, the endpoint will return the following errors:
- a 400 Bad Request.
It will also return the API Global errors described in the API description.
```
curl -X 'POST' \  'https://dublin.api.threatjammer.com/v1/asses/ip/csv[?strict_parse=true|false]' \  -H 'accept: application/json' \  -H 'Authorization: Bearer YOUR_API_KEY' \  -H 'Content-Type: multipart/form-data' \  -F 'csv_file=@YOUR_TEXT_FILE;type=text/csv'
```
dataAssessment.assessIpSetV1AssessIpPost
What
Obtain a numerical score and a risk assessment of all the IP addresses passed as argument.
Parameters
A list of public IPv4 or IPv6 addresses is required in the body of the request.
Result
The result contains a list of the result for each IP address, with two main sets of data:
- The score is a number between 0 and 99 describing the probability of the IP address being a malicious one, being 0 means that the IP address is not malicious and is not a threat. Being 99 means that the service behind the IP address is probably malicious an certainly a threat.
- The list of information gathered from the IP address to obtain the score.
The result is a JSON object with the following structure:
- self: the URI of the API call
- score: The score of the IP address. It ranges from 0 to 99.
- risk: The risk of the IP address. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
- reason: It's a human readable representation of the reason of the risk.
- datasets: The IP address was found in the these lists of datasets used to obtain the risk score. Datasets are described as a list of URIs.
- sources: The IP address was found in the these source lists at an specific time with a specific risk score. Sources are described as a list of URIs.
- log: The activity of the IP address in the different datasets used to obtain the risk score. The log is a URI reference.
- asn: The information about the Autonomous System (AS) of the IP address. The AS is described as an URI.
- asn_prefix: The information about the Autonomous System (AS) network prefix of the IP address. The prefix is described as an URI.
- datacenter: If the IP address is part of a datacenter pool, the information about the datacenter is described as an URI.
- datacenter_prefix: The information about the Datacenter network prefix of the IP address. The asn_prefix and datacenter_prefix can be the same, but it is not mandatory. The prefix is described as an URI.
- denylisted: If the IP address was denylisted by the user, the information about the denylisted IP address is described as an URI.
- first_appearence: URI to the first appearance of the IP address in the different datasets used to obtain the risk score.
- last_appearence: URI to the last appearance of the IP address in the different datasets used to obtain the risk score.
Errors
The endpoint will return the following errors:
- a 422 Unprocessable Entity error if the IP address is malformed.
The private IP addresses will be ignored, if any.
It will also return the API Global errors described in the API description.
dataAssessment.assessIpV1AssessIpIpAddressGet
What
Obtain a numerical score and a risk assessment of the IP address passed as argument.
Parameters
The only argument accepted in the query string is a public IPv4 or IPv6 addresses.
Result
The result contains two main sets of data:
- The score is a number between 0 and 99 describing the probability of the IP address being a malicious one, being 0 means that the IP address is not malicious and is not a threat. Being 99 means that the service behind the IP address is probably malicious an certainly a threat.
- The list of information gathered from the IP address to obtain the score.
The result is a JSON object with the following structure:
- self: the URI of the API call
- score: The score of the IP address. It ranges from 0 to 99.
- risk: The risk of the IP address. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
- reason: It's a human readable representation of the reason of the risk.
- datasets: The IP address was found in the these lists of datasets used to obtain the risk score. Datasets are described as a list of URIs.
- sources: The IP address was found in the these source lists at an specific time with a specific risk score. Sources are described as a list of URIs.
- log: The activity of the IP address in the different datasets used to obtain the risk score. The log is a URI reference.
- asn: The information about the Autonomous System (AS) of the IP address. The AS is described as an URI.
- asn_prefix: The information about the Autonomous System (AS) network prefix of the IP address. The prefix is described as an URI.
- datacenter: If the IP address is part of a datacenter pool, the information about the datacenter is described as an URI.
- datacenter_prefix: The information about the Datacenter network prefix of the IP address. The asn_prefix and datacenter_prefix can be the same, but it is not mandatory. The prefix is described as an URI.
- denylisted: If the IP address was denylisted by the user, the information about the denylisted IP address is described as an URI.
- first_appearence: URI to the first appearance of the IP address in the different datasets used to obtain the risk score.
- last_appearence: URI to the last appearance of the IP address in the different datasets used to obtain the risk score.
Errors
The endpoint will return the following errors:
- a 400 Bad Request error if the IP address is not public.
- a 422 Unprocessable Entity error if the IP address is malformed.
It will also return the API Global errors described in the API description.
datacenterInformation.queryDatacenterPrefixesListV1DatacenterDatacenterIdPrefixesGet
What
Obtain the full list of IPv4 and IPv6 prefixes of the Datacenter passed as a parameter.
Parameters
The endpoint accepts only the following parameter in the path:
- datacenter_id: (Mandatory) The internal Datacenter ID to be queried.
Result
The result is a JSON object with the following structure:
- self: the URI of the API call
- datacenter_id: the URI to query the full details of the Datacenter.
- prefixes_v4: the list of IPv4 prefixes that belong to the Datacenter. Each element of the list is a JSON object with the following structure:
  - self: the URI to individual IPv4 prefix.
  - datacenter_id: the URI to query the full details of the Datacenter.
  - score: The risk score of the prefix. It ranges from 0 to 99.
  - risk: The risk of the prefix. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
  - min_score: The minimum risk score of the prefix. It ranges from 0 to 99.
  - max_score: The maximum risk score of the prefix. It ranges from 0 to 99.
  - ip_abuse_total: The total number of IPs that have been reported as abuse in the range.
- prefixes_v6: the list of IPv6 prefixes that belong to the Datacenter. Each element of the list is a JSON object with the following structure:
  - self: the URI to individual IPv4 prefix.
  - datacenter_id: the URI to query the full details of the Datacenter.
  - score: The risk score of the prefix. It ranges from 0 to 99.
  - risk: The risk of the prefix. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
  - min_score: The minimum risk score of the prefix. It ranges from 0 to 99.
  - max_score: The maximum risk score of the prefix. It ranges from 0 to 99.
  - ip_abuse_total: The total number of IPs that have been reported as abuse in the range.
Errors
The endpoint will return the following errors:
- a 404 Not Found error if the Datacenter was not found.
- a 422 Unprocessable Entity error if the Datacenter number is malformed.
It will also return the API Global errors described in the API description.
datacenterInformation.queryDatacenterPrefixInformationV1DatacenterPrefixPost
What
Obtain the IPv4 or IPv6 prefix and the Datacenter information of the CIDR passed in the body as a POST method. This endpoint works around the problem of passing '/' addresses in the URI.
Parameters
The endpoint accepts only the following parameter in the body as a JSON object:
- prefix: (Mandatory) The CIDR v4 or v6 to be queried.
Result
- The result is a JSON object with the following structure:
  - self: the URI to individual IPv4 prefix.
  - datacenter_id: the URI to query the full details of the Datacenter.
  - score: The risk score of the prefix. It ranges from 0 to 99.
  - risk: The risk of the prefix. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
  - min_score: The minimum risk score of the prefix. It ranges from 0 to 99.
  - max_score: The maximum risk score of the prefix. It ranges from 0 to 99.
  - ip_abuse_total: The total number of IPs that have been reported as abuse in the range.
Errors
The endpoint will return the following errors:
- a 404 Not Found error if the prefix information was not found.
- a 422 Unprocessable Entity error if the CIDR is malformed.
It will also return the API Global errors described in the API description.
datacenterInformation.queryDatacenterV1DatacenterDatacenterIdGet
What
Obtain the details of the Datacenter ID passed as a parameter.
Parameters
The endpoint accepts only the following parameter in the path:
- datacenter_id: (Mandatory) The internal Datacenter ID to be queried.
Result
The result is a JSON object with the following structure:
- self: the URI of the API call
- name: the generic name of the Datacenter. The database takes the name from different sources, so it may be different from the real name.
- description: a full name of the Datacenter. It contains more details about the Datacenter.
- source: website of the company that owns the Datacenter.
- asn: the URI to the ASN of the Datacenter.
- status: the status of the Datacenter. It can be: enabled or disabled.
- prefixes: the URI to the list of prefixes that belong to the Datacenter.
- score: The risk score of the Datacenter. It ranges from 0 to 99.
- risk: The risk of the Datacenter. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
Errors
The endpoint will return the following errors:
- a 404 Not Found error if the Datacenter was not found.
- a 422 Unprocessable Entity error if the Datacenter is malformed.
It will also return the API Global errors described in the API description.
datacenterInformation.queryIpAddressNetworkInformationV1DatacenterIpIpAddressGet
What
Obtain the IPv4 or IPv6 prefix and the Datacenter information of the IP address passed as a parameter.
Parameters
The endpoint accepts only the following parameter in the path:
- ip_address: (Mandatory) The IPv4 or IPv6 address to be queried.
Result
- The result is a JSON object with the following structure:
  - self: the URI to individual IPv4 prefix.
  - datacenter_id: the URI to query the full details of the Datacenter.
  - score: The risk score of the prefix. It ranges from 0 to 99.
  - risk: The risk of the prefix. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
  - min_score: The minimum risk score of the prefix. It ranges from 0 to 99.
  - max_score: The maximum risk score of the prefix. It ranges from 0 to 99.
  - ip_abuse_total: The total number of IPs that have been reported as abuse in the range.
Errors
The endpoint will return the following errors:
- a 404 Not Found error if the prefix information was not found.
- a 422 Unprocessable Entity error if the IP address is malformed.
It will also return the API Global errors described in the API description.
dataLogging.logChangeIdV1LogIpIdLogchangeIdGet
What
Obtain the full detail of a specific log change.
Parameters
The endpoint accepts only the following parameters in the path:
- logchange_id: (Mandatory) A unique integer of the change event log.
Result
The result is a JSON object with the following structure:
- self: the URI of the API call
- cidr: The CIDR affected by the change.
- score: The score of the IP address when the event happened. It ranges from 0 to 99.
- risk: The risk of the IP address when the event happened. The allowed values are: LOW, MEDIUM, HIGH. It's a human readable representation of the score.
- dataset: The URI of the dataset where the change was logged.
- source: The URI of the data source where the change was found.
- lapse: The time elapsed between the event found and the moment the source was queried. The possible values are: 1H, 6H, 12H, 1D, 7D, 30D, 90D, 180D, 365D.
- action: The action that was performed on the IP address. The allowed values are: ADD, DELETE.
- timestamp: The UNIX timestamp in milliseconds when the change was logged.
Errors
The endpoint will return the following errors:
- a 404 Not Found error if there is no event in the log with the logchange_ID given.
- a 422 Unprocessable Entity error if the logchange_ID is malformed.
It will also return the API Global errors described in the API description.
dataLogging.logchangesIpV1LogIpIpAddressGet
What
Obtain a list of changes logged in the different datasets of the IP address given.
Parameters
The endpoint accepts the following parameters in the path:
- ip_address: (Mandatory) The public IPv4 or IPv6 addresses to be queried.
The endpoint accepts the following parameters in the query string:
- dataset: (Optional) Name of the dataset to filter the query. If not given, then all datasets are queried. If given, then only the changes logged in the given dataset are returned. The list of datasets is obtained from the /v1/dataset/ip endpoint.
- logged_after: (Optional) The UNIX timestamp in milliseconds of the earliest date to be included in the query. If not given, then the earliest date is the date of the first change logged in the dataset.
Result
The result is a JSON object with the following structure:
- self: the URI of the API call
- logs: The list of log changes. Each element of the list is a JSON object of a specific log change with the structure described in the endpoint /v1/log/ip/id/logchange_id.
Errors
The endpoint will return the following errors:
- a 400 Bad Request error if the IP address is not public.
- a 400 Bad Request error if the timestamp is in the future.
- a 400 Bad Request error if the dataset is not a string that can have numbers, upper and lower case letters, and underscores.
- a 404 Not Found error if the dataset was not found.
- a 422 Unprocessable Entity error if the IP address is malformed.
It will also return the API Global errors described in the API description.
dataSources.getAllSourcesV1SourceIpGet
What
Obtain the full meta information of all the source lists available for the subscription level of the user. A source list is a collection of resources combined together with other sources to create a dataset.
A source list has some unique properties. The most relevant ones are the score and risk. The score is a number between 0 and 99 describing the probability of the IP address being a malicious one, being 0 means that the IP address is not malicious and is not a threat. Being 99 means that the service behind the IP address is probably malicious an certainly a threat.
Each source list groups several collections of resource by the lapse of time or time range that they are related to according to their age. Each group by time range has a score and a risk.
Parameters
The endpoint does not accept any parameter. The subscription level is obtained from the token provided in the header.
Result
The result is a JSON object with a self reference and a list of JSON objects with the following fields:
- self: the URI to individual source list information.
- dataset: the URI to the dataset that aggregates the resources of this list.
- name: the unique name of the source list. Must be uppercase letters, numbers and underscores.
- description: a human readable long description of the source list.
- source: Origin of the list.
- url: The URL where the source list was found.
- refresh: The refresh period of the source list.
- minimum_score: The minimum score found in the different source list time ranges. Is in the range 0-99.
- maximum_score: The maximum score found in the different source list time ranges. Is in the range 0-99.
- minimum_risk: The minimum human readable risk score found in the different source list time ranges. Can be UNKNOWN, LOW, MEDIUM or HIGH.
- maximum_risk: The maximum human readable risk score found in the different source list time ranges. Can be UNKNOWN, LOW, MEDIUM or HIGH.
- time_range: the list of URIs pointing to the different source list time ranges information.
- updated_at: The UNIX timestamp in milliseconds of last update of the source list.
Errors
It will return the API Global errors described in the API description.
dataSources.getSourceAndTimerangeInfoV1SourceIpSourceRangeTimeRangeGet
What
Obtain the meta information of the source list and the time range given as arguments. A source list is a collection of resources combined together with other sources to create a dataset. A source list has some unique properties. The most relevant ones are the score and risk. The score is a number between 0 and 99 describing the probability of the IP address being a malicious one, being 0 means that the IP address is not malicious and is not a threat. Being 99 means that the service behind the IP address is probably malicious an certainly a threat.
The time ranges or lapse of time of each source are how the resources are stored according to their age. Each group by time range has a score and a risk.
Parameters
The endpoint accepts the following two parameters in the path:
- source: (Mandatory) The code name that identifies uniquely the source list in the platform. It must be composed of uppercase letters, numbers and underscores.
- time_range: (Mandatory) The code name that identifies uniquely the time ranges. Must be: 1H, 6H, 12H, 1D, 7D, 30D, 90D, 180D y 365D.
Result
The result is a JSON object with the following fields:
- self: the URI to individual source list and time range information.
- source: the URI to individual source list information.
- items: Number of elements in the source list in the time range given.
- lapse: The lapse of time or time range of the specific source list. Can be 1H, 6H, 12H, 1D, 7D, 30D, 90D, 180D or 365D.
- score: The score found in the source list time range. Is in the range 0-99.
- risk: The human readable risk score found in the source list time range. Can be UNKNOWN, LOW, MEDIUM or HIGH.
- updated_at: The UNIX timestamp in milliseconds of last update of the source list.
Errors
- a 404 Not Found error if the source list code name was not found.
- a 404 Not Found error if the time range was not found.
- a 422 Unprocessable Entity error if source list code name or time ranges does not follow the naming convention.
It will return the API Global errors described in the API description.
dataSources.getSourceInfoV1SourceIpSourceGet
What
Obtain the full meta information of the source list given as argument. A source list is a collection of resources combined together with other sources to create a dataset. A source list has some unique properties. The most relevant ones are the score and risk. The score is a number between 0 and 99 describing the probability of the IP address being a malicious one, being 0 means that the IP address is not malicious and is not a threat. Being 99 means that the service behind the IP address is probably malicious an certainly a threat.
Each source list groups several collections of resource by the lapse of time or time range that they are related to according to their age. Each group by time range has a score and a risk.
Parameters
The endpoint accepts only the following parameter in the path:
- source: (Mandatory) The code name that identifies uniquely the source list in the platform. It must be composed of uppercase letters, numbers and underscores.
Result
The result is a JSON object with the following fields:
- self: the URI to individual source list information.
- dataset: the URI to the dataset that aggregates the resources of this list.
- name: the unique name of the source list. Must be uppercase letters, numbers and underscores.
- description: a human readable long description of the source list.
- source: Origin of the list.
- url: The URL where the source list was found.
- refresh: The refresh period of the source list.
- minimum_score: The minimum score found in the different source list time ranges. Is in the range 0-99.
- maximum_score: The maximum score found in the different source list time ranges. Is in the range 0-99.
- minimum_risk: The minimum human readable risk score found in the different source list time ranges. Can be UNKNOWN, LOW, MEDIUM or HIGH.
- maximum_risk: The maximum human readable risk score found in the different source list time ranges. Can be UNKNOWN, LOW, MEDIUM or HIGH.
- time_range: the list of URIs pointing to the different source list time ranges information.
- updated_at: The UNIX timestamp in milliseconds of last update of the source list.
Errors
- a 404 Not Found error if the source list code name was not found.
- a 422 Unprocessable Entity error if source list code name does not follow the naming convention.
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.changeStatusOfTheDenylistV1DenylistPublicDenylistIdPut
What
Change the status of an deny list to ACTIVE or INACTIVE. An INACTIVE list will not be used by the service. An ACTIVE list will be used by the service. As an optional parameter it can be provided an expiry date in seconds since epoch. If not provided, the list will never expire.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
Parameters
In the query string the ID of the deny list to change the status. In the body the JSON object with the following fields:
- status: The status of the list. It can be ACTIVE or INACTIVE.
- expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
Result
It should always return a 202 Accepted response with an empty body.
Errors
If the list does not exist, it will return a 404 error. If the status is not ACTIVE or INACTIVE, it will return a 422 error. If the expiry is not a valid timestamp, it will return a 422 error. If the deny list is not a valid UUID, it will return a 422 error.
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.changeStatusOfTheOriginDenylistV1DenylistPrivateDenylistIdOriginPut
What
Change the status of the origin of a deny list to ACTIVE, INACTIVE or DELETED.
An ACTIVE origin will apply the deny list to the protocol and domain of the origin. An origin can be created and activated simply toogling the ACTIVE status. As an optional parameter it can be provided an ttl or Time To Live parameter of the origin in the list in seconds. After the TTL expires, the origin will be removed from the list. If the TTL is not provided, the origin will never expire.
An INACTIVE origin will not apply the deny list to the protocol and domain of the origin.
A DELETED origin will be removed from the list. It will not be used by the service anymore. The user can activate it again with the ACTIVE status.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
This operation is not available in the Freemium plan.
Parameters
In the query string the ID of the deny list to change the status. In the body the JSON object with the following fields:
- origin: The protocol and domain of the origin. It can be http://example.com or https://example.com.
- status: The status of the list. It can be ACTIVE, INACTIVE or DELETED.
Result
It should always return a 202 Accepted response with an empty body.
Errors
If the list does not exist, it will return a 404 error. If the status is not ACTIVE or INACTIVE, it will return a 422 error. If the TTL is negative in the past, it will return a 422 error. If the deny list is not a valid UUID, it will return a 422 error. If the origin is not a valid URL, it will return a 400 error. If the denylist is not active, it will returna 409 error. If the origin is not found in the set owned by the user, it will return a 404 error.
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.changeStatusOfTheOriginDenylistV1DenylistPublicDenylistIdOriginPut
What
Change the status of the origin of a deny list to ACTIVE, INACTIVE or DELETED.
An ACTIVE origin will apply the deny list to the protocol and domain of the origin. An origin can be created and activated simply toogling the ACTIVE status. As an optional parameter it can be provided an ttl or Time To Live parameter of the origin in the list in seconds. After the TTL expires, the origin will be removed from the list. If the TTL is not provided, the origin will never expire.
An INACTIVE origin will not apply the deny list to the protocol and domain of the origin.
A DELETED origin will be removed from the list. It will not be used by the service anymore. The user can activate it again with the ACTIVE status.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
This operation is not available in the Freemium plan.
Parameters
In the query string the ID of the deny list to change the status. In the body the JSON object with the following fields:
- origin: The protocol and domain of the origin. It can be http://example.com or https://example.com.
- status: The status of the list. It can be ACTIVE, INACTIVE or DELETED.
Result
It should always return a 202 Accepted response with an empty body.
Errors
If the list does not exist, it will return a 404 error. If the status is not ACTIVE or INACTIVE, it will return a 422 error. If the TTL is negative in the past, it will return a 422 error. If the deny list is not a valid UUID, it will return a 422 error. If the origin is not a valid URL, it will return a 400 error. If the denylist is not active, it will returna 409 error. If the origin is not found in the set owned by the user, it will return a 404 error.
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.createPrivateDenylistOfTheUserV1DenylistPrivatePost
What
Creates a new denylist with the information given and binded to the current user. The parameters are:
- name
- description
- tags
- expiry
- Time to Live (TTL)
- Resource Type (CIDR, AS, COUNTRY, CONTINENT, DATACENTER_ID and USER AGENT)
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response. The operation will also return the UUID of the list.
Parameters
In the query string the ID of the private deny list to delete.
In the body the following parameters:
- name: A human readable name of the list.
- description: A long detailed information about what the list contains and how it is used.
- tags: A list of tags that describe the list.
- ttl: (Optional) The Time To Live of the list, in seconds. If it does not exist, it will never expire.
- resource_type: The type of resource that the list contains. It can be CIDR, AS, COUNTRY, CONTINENT, DATACENTER_ID or USER AGENT.
Result
It should always return a 202 Accepted response with the UUID of the new list in the body.
Errors
- If the information is not valid, it will return a 422 (Unprocessable Entity) error.
- If the ttl is negative, it will return a 400 (Bad Request) error.
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.deleteAllIpAddressesReportedByTheUserV1DenylistReportedIpAllDelete

What
Delete all the IP addresses that have been automatically reported by the user. This option cannot be reverted.
Parameters
No parameters are required.
Result
A successful result is an empty response with the the HTTP status code 204 No Content.
Errors
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.deleteAnIpAddressReportedByTheUserV1DenylistReportedIpIpAddressDelete
What
Delete an IP address that was automatically reported by the user. This option cannot be reverted.
Parameters
The endpoint accepts the following parameters in the path:
- ip_address: (Mandatory) The public IPv4 or IPv6 addresses to be deleted.
Result
A successful result is an empty response with the the HTTP status code 204 No Content.
Errors
- a 422 Unprocessable Entity error if the IP address is malformed.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.deleteTheDenylistContentV1DenylistPrivateDenylistIdContentDelete
What
Delete all the content of a private denylist of the user. This will remove all the elements, and there is no way to recover them.
Parameters
Pass the private denylist ID as query parameter.
Result
If successful, it will return a 202 (Accepted) response with an empty body. The operation is asynchronous,and can take several seconds to complete.
Errors
- If the deny list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
- If the private denylist ID does not exist, it will return a 404 (Not found) error.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.deleteTheDenylistV1DenylistPrivateDenylistIdDelete
What
Delete all the bindings between a user and a private denylist. This will remove the content of the denylist, the denylist from the user and also all the origins that are using the denylist.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request willimmediately return a 202 Accepted response.
The default lists External sources reported CIDRs and Default denylist cannot be deleted, but can be emptied. Please refer to the documentation to delete the content.
Parameters
In the query string the ID of the private deny list to delete.
Result
It should always return a 202 Accepted response with an empty body.
Errors
- If the list does not exist, it will return a 404 (Not found) error.
- If the list is a default list, it will return a 403 (Forbidden) error.
- If the deny list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.deleteTheDenylistV1DenylistPublicDenylistIdDelete

What
Delete all the bindings between a user and an denylist. This will remove the denylist from the user and also all the origins that are using the denylist.
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
Parameters
In the query string the ID of the deny list to change the status.
Result
It should always return a 202 Accepted response with an empty body.
Errors
If the list does not exist, it will return a 404 error. If the deny list is not a valid UUID, it will return a 422 error.
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.getAllOwnedDenylistsByResourceTypeV1DenylistPublicOwnedResourceTypeGet
What
Obtain the set of public deny lists selected by the user and wich ones are not filtering by the resource type.
Parameters
The resource type to filter. The values can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
  - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
  - origins: list of websites that are using the list as an denylist.
    
    self: the URI to all the list of origins.
    
    lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.getAllPrivateDenylistsByResourceTypeV1DenylistPrivateAllResourceTypeGet
What
Obtain the set of private deny lists of the user available in the service filtering by resource type. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID
These lists are different datasets:
- Lists that are part of the automatically reported data from the Report IP, focused on honeypots and automaticreporting from external sources. The name is External sources reported CIDRs. The resource type is CIDR.
- Lists that are part of the automatically denylisted by the Threat Jammer service. The name is Default denylist. The resource type is CIDR.
- Lists that are created by the user.
Parameters
The resource type to filter. The values can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
  - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
  - origins: list of websites that are using the list as a denylist.
    
    self: the URI to all the list of origins.
    
    lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
- If the resource type is not valid, it will return a 422 (Unprocessable Entity) error.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.getAllPrivateDenylistsV1DenylistPrivateAllGet
What
Obtain the set of private deny lists of the user available in the service. These lists are different datasets:
- Lists that are part of the automatically reported data from the Report IP, focused on honeypots and automaticreporting from external sources. The name is External sources reported CIDRs.
- Lists that are part of the automatically denylisted by the Threat Jammer service. The name is Default denylist.
- Lists that are created by the user.
Parameters
No parameters
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
  - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
  - origins: list of websites that are using the list as a denylist.
    
    self: the URI to all the list of origins.
    
    lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.getAllPublicDenylistsByResourceTypeV1DenylistPublicAllResourceTypeGet
What
Obtain the set of public deny lists available in the service and also which ones are already selected by the user and wich ones are not filtering by the resource type.
Parameters
The resource type to filter. The values can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
If the list is already selected by the user, the JSON object will also contain the following fields:
- expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
- origins: list of websites that are using the list as an denylist.
  - self: the URI to all the list of origins.
  - lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.getAllPublicDenylistsV1DenylistPublicAllGet
What
Obtain the set of public deny lists available in the service and also which ones are already selected by the user and wich ones are not.
Parameters
No parameters
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
If the list is already selected by the user, the JSON object will also contain the following fields:
- expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
- origins: list of websites that are using the list as an denylist.
  - self: the URI to all the list of origins.
  - lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.getDenylistContentV1DenylistPrivateDenylistIdContentGet
What
Returns the content of the private denylist of the user. The content can be CIDRs, ASNs, countries, continents or datacenter IDs.
Parameters
Pass the private denylist ID as query parameter.
Result
The result is a JSON object with the following structure:
- self: the URI to the content of the list.
- cidrs: (Optional) list of CIDRs in the list.
- asns: (Optional) list of ASNs in the list.
- countries: (Optional) list of countries in the list.
- continents: (Optional) list of continents in the list.
- datacenters: (Optional) list of datacenters in the list.
Errors
- If the deny list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
- If the private denylist ID does not exist, it will return a 404 (Not found) error.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.getPublicDenylistsOwnedByTheUserV1DenylistPublicOwnedGet
What
Obtain the set of public deny lists available in the service selected by the user.
Parameters
No parameters
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to the status of all the lists.
- lists: a list of JSON objects with the available lists:
  - self: the URI to individual information of the list.
  - name: A human readable name of the list.
  - description: A long detailed information about what the list contains and how it is used.
  - resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
  - list_type: The type of the list. It can be ALLOW or DENY.
  - status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
  - created_at: Unix timestamp in seconds when the list was created.
  - updated_at: Unix timestamp in seconds when the list was updated.
  - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
  - origins: list of websites that are using the list as an denylist.
    
    self: the URI to all the list of origins.
    
    lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.getSingleDenylistV1DenylistPrivateDenylistIdGet
What
Obtain the details of the private deny list of the user available in the service.
Parameters
Pass the private denylist ID as query parameter.
Result
The result is a JSON object with the following structure:
- self: the URI to individual information of the list.
- name: A human readable name of the list.
- description: A long detailed information about what the list contains and how it is used.
- resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
- list_type: The type of the list. It can be ALLOW or DENY.
- created_at: Unix timestamp in seconds when the list was created.
- updated_at: Unix timestamp in seconds when the list was updated.
- expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
- origins: list of websites that are using the list as a denylist.
  - self: the URI to all the list of origins.
  - lists: list of lists that the origin is using.
    
    self: the URI to the individual information of the list.
    
    origin: the protocol and domain of the website that is using the list.
    
    status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed.
    
    expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
    
    created_at: Unix timestamp in seconds when the list was created.
    
    updated_at: Unix timestamp in seconds when the list was updated.
Errors
- If the deny list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
- If the private denylist ID does not exist, it will return a 404 (Not found) error.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.getSingleDenylistV1DenylistPublicDenylistIdGet
What
Obtain the details of an deny list available in the service.
Parameters
No parameters
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual information of the list.
- name: A human readable name of the list.
- description: A long detailed information about what the list contains and how it is used.
- resource_type: The type of the list. It can be CIDR, AS, COUNTRY, CONTINENT or DATACENTER_ID.
- list_type: The type of the list. It can be ALLOW or DENY.
- status: The status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIREDit means that the list is not available anymore if not renewed.
- created_at: Unix timestamp in seconds when the list was created.
- updated_at: Unix timestamp in seconds when the list was updated.
If the list is already selected by the user, the JSON object will also contain the following fields: - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire. - origins: list of websites that are using the list as an denylist. - self: the URI to all the list of origins. - lists: list of lists that the origin is using. - self: the URI to the individual information of the list. - origin: the protocol and domain of the website that is using the list. - status: the status of the list. It can be ACTIVE or INACTIVE or EXPIRED. If the list is EXPIRED it means that the list is not available anymore if not renewed. - expiry: Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire. - created_at: Unix timestamp in seconds when the list was created. - updated_at: Unix timestamp in seconds when the list was updated.
Errors
If the list does not exist, it will return a 404 error.
It will return the API Global errors described in the API description.
denylistDataQueryAndManagement.queryAllTheIpAddressesReportedByTheUserV1DenylistReportedIpGet
What
Obtain the list of all the IPv4 or IPv6 addresses that have been automatically reported by the user. A user can report automatically an IP address with the asynchronous API. The reported IP addresses differ from the ones managed with the endpoint /v1/denylist/private/ip/%s. As a rule of thumb, the reported IP addresses are the ones submitted by devices like honeypots, firewalls, log engines, etc. The denylisted IP addresses are the ones submitted manually by the user from files or indidual items.
Parameters
The endpoint accepts the following parameters in the query string:
- dataset: (Optional) Name of the dataset to filter the query. If not given, then all datasets are queried. If given, then only the changes logged in the given dataset are returned. The list of datasets is obtained from the /v1/dataset/ip endpoint.
- reported_before: (Optional) The UNIX timestamp in milliseconds of the earliest reported date to be included in the query. If not given, then the earliest date is current time.
- reported_after: (Optional) The UNIX timestamp in milliseconds of the oldest reported date to be included in the query. If not given, then the oldest date is the first event logged.
- expires_before: (Optional) The UNIX timestamp in milliseconds of the earliest expiry date to be included in the query. If not given, then the earliest date is current time.
- expires_after: (Optional) The UNIX timestamp in milliseconds of the oldest expiry date to be included in the query. If not given, then the oldest date is the first event logged.
- greater_than: (Optional) Restricts the result displaying only the IP addresses reported more times than the given value. It must be an integer greater than 0.
- less_than: (Optional) Restricts the result displaying only the IP addresses reported less times than the given value. It must be an integer greater than 0.
- ip_protocol_version: (Optional) Restricts the result displaying only the IP addresses with the given IP protocol version. Values are: ALL, IPV4, IPV6. If not given, then all IP addresses are returned.
- output_format: (Optional) The format of the output. Values are: JSON, CSV, AWS-WAF. If not given, then the default format is JSON. AWS-WAF is the format used by AWS WAF to import ipsets in the service. You can find more information about AWS WAF import .
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual status.
- addresses: a list of JSON objects with the following fields:
  - self: the URI to individual reported IP information.
  - last_report: Unix timestamp in milliseconds when the IP address was last reported.
  - expiry: Unix timestamp in milliseconds when the IP address will expire and be removed.
  - total_reports: Total number of reports for the IP address.
  - protocol: IP protocol version of the IP address. Same value as the ip_protocol_version parameter if given.
  - dataset: Name of the dataset where the IP address was reported. Must be a value from the /v1/dataset/ip endpoint.
  - tags: A list of strings with the tags associated to the IP address at the origin device. It helps to classify the origin of the report.
Errors
- a 400 Bad Request error if any timestamp is in the future.
- a 400 Bad Request error if the dataset is not a string that can have numbers, upper and lower case letters, and underscores.
- a 404 Not Found error if the dataset was not found.
- a 422 Unprocessable Entity error if some of the parameters are malformed.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.queryAnIpAddressesReportedByTheUserV1DenylistReportedIpIpAddressGet
What
Obtain the details of an IPv4 or IPv6 addresses that have been automatically reported by the user. A user can report automatically an IP address with the asynchronous API. The reported IP address differs from the ones managed with the endpoint /v1/denylist/private/ip/%s. As a rule of thumb, the reported IP addresses are the ones submitted by devices like honeypots, firewalls, log engines, etc. The denylisted IP addresses are the ones submitted manually by the user from files or indidual items.
Parameters
The endpoint accepts the following parameters in the path:
- ip_address: (Mandatory) The public IPv4 or IPv6 addresses to be queried.
Result
The result is a JSON object with the following fields:
- self: the URI to individual reported IP information.
- last_report: Unix timestamp in milliseconds when the IP address was last reported.
- expiry: Unix timestamp in milliseconds when the IP address will expire and be removed.
- total_reports: Total number of reports for the IP address.
- protocol: IP protocol version of the IP address. Values can be IPV4 or IPV6.
- dataset: Name of the dataset where the IP address was reported. Must be a value from the /v1/dataset/ip endpoint.
- tags: A list of strings with the tags associated to the IP address at the origin device. It helps to classify the origin of the report.
Errors
- a 422 Unprocessable Entity error if the IP address is malformed.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.queryResourceDenylistsV1DenylistPrivateIpAddressGet
What
Obtain the list of all the different denylists where the IP address entered by the user. The denylisted forbidden datasets are the ones submitted manually by the user from files or indidual items.
Parameters
The endpoint accepts the address parameter as query string.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual status.
- cidrs: the URI of the lists of CIDRs where the IP was found.
- country: the URIs where the lists of countries where the IP address was found
- continent: the URI where the continent where the IP address was found.
- asn: the URIs where the list of continents of the ASN where the IP address was found.
- datacenter: the URIs of the lists of datacenters where the IP address was found. If not found, the result is an empty string.
- reported: the URI of the information of the IP address reported by the user.
Errors
- a 422 Unprocessable Entity error if the IP address was malformed.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.queryResourceDenylistsV1DenylistPublicIpAddressGet
What
Obtain the list of all the different public denylists where the IP address entered by the user is. The public denylists are the ones activated by the user, but managed by Threatjammer administrators.
Parameters
The endpoint accepts the address parameter as query string.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual status.
- cidrs: the URI of the lists of CIDRs where the IP was found.
- country: the URIs where the lists of countries where the IP address was found
- continent: the URI where the continent where the IP address was found.
- asn: the URIs where the list of continents of the ASN where the IP address was found.
- datacenter: the URIs of the lists of datacenters where the IP address was found. If not found, the result is an empty string.
Errors
- a 422 Unprocessable Entity error if the IP address was malformed.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.updatePrivateContentOfTheDenylistOfTheUserV1DenylistPrivateDenylistIdContentPut
What
Add or remove content of a private denylist of the user. The content can be CIDRs, ASNs, countries, continents or datacenter IDs.
The number of elements allowed in all the lists are limited depending on the plan of the user:
- Free: 100 elements
- Basic: 1000 elements
- Premium: 10000 elements
Parameters
Pass the private denylist ID as query parameter.
In the body the following parameters:
- append: (Optional) Add CIDRs, ASNs, countries, continents or datacenter IDs to add to the list. It's not possible to mix different resource types in the same list.
- remove: (Optional) Extract CIDRs, ASNs, countries, continents or datacenter IDs to add to the list. It's not possible to mix different resource types in the same list.
Result
If successful, it will return a 202 (Accepted) response with an empty body. The operation is asynchronous,and can take several seconds to complete.
Errors
- If the deny list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
- If the private denylist ID does not exist, it will return a 404 (Not found) error.
- If the append or remove parameters are not processable, it will return a 422 (Unprocessable Entity) error.
- If the number of elements in the lists is over the limit, it will return a 413 (Payload Too Large) error.
It will also return the API Global errors described in the API description.
denylistDataQueryAndManagement.updatePrivateDenylistOfTheUserV1DenylistPrivateDenylistIdPut
What
Updates the information that describes the denylist of the user in the system. The parameters that can be modified are:
- name
- description
- tags
- expiry
This is an asynchronous operation. It can take several seconds until the operation completes, but the request will immediately return a 202 Accepted response.
The default lists External sources reported CIDRs and Default denylist cannot be updated.
Parameters
In the query string the ID of the private deny list to delete.
In the body the following parameters:
- name: (Optional) A human readable name of the list.
- description: (Optional) A long detailed information about what the list contains and how it is used.
- tags: (Optional) A list of tags that describe the list.
- expiry: (Optional) Unix timestamp in seconds when the list will expire. If it does not exist, it will never expire.
Result
It should always return a 202 Accepted response with an empty body.
Errors
- If the list does not exist, it will return a 404 (Not found) error.
- If the list is a default list, it will return a 403 (Forbidden) error.
- If the deny list is not a valid UUID, it will return a 422 (Unprocessable Entity) error.
- If the expiry is not a valid timestamp, it will return a 422 (Unprocessable Entity) error.
- If the expiry is in the past, it will return a 400 (Bad Request) error.
- If the name is not a string, it will return a 422 (Unprocessable Entity) error.
- If the description is not a string, it will return a 422 (Unprocessable Entity) error.
It will return the API Global errors described in the API description.
geolocation.assessIpSetCsvV1GeoCsvPost
What
Get the geo location data of all the IP addresses uploaded in a text file. This information includes:
- Latitude and longitude
- Time zone
- Accuracy radius
- Postal code
- City name
- Region
- Country
- Country of the service provider
- Continent
- Reverse PTR hostnames
Parameters
- A text file with a list of public IPv4 or IPv6 addresses.
- A header Content-Type: multipart/form-data is required.
- (optional) in the query string the parameeter strict_parse: If set to true, no malformed IP addresses allowed, returning an error. If set to false, malformed IP addresses will be ignored.
Example:
curl -X 'POST' \ 'https://dublin.api.threatjammer.com/v1/geo/csv[?strict_parse=true|false]' \ -H 'accept: application/json' \ -H 'Authorization: Bearer YOUR_API_KEY' \ -H 'Content-Type: multipart/form-data' \ -F 'csv_file=@YOUR_TEXT_FILE;type=text/csv'
Result
The result contains a list of the result for each IP address, with the following data set:
The result is a JSON object with the following structure:
- self: the URI of the API call
- accuracy_radius: The radius in kilometers around the specified location where the IP address is likely to be.
- asn_country_iso_code: The ISO code of the country of the Autonomous System (AS) owner of the IP address.
- city_geoname_code:``: City geoname code. The geoname code by is a unique identifier assigned to each geographical point on the globe.
- city_name:``: City name, in english. The developer can use the geoname code to localize the name of the city.
- continent_code: The continent code. It can be any of the following: AF, AN, AS, EU, NA, OC, SA.
- country_iso_code: The country ISO 3166-1 alpha-2 code.
- hostnames: The list of hostnames associated with the IP address obtained from the reverse DNS lookup.
- latitude: The latitude of the geolocation.
- longitude: The longitude of the geolocation.
- postal_code:``: The postal code of the city.
- region_geoname_code:``: The geoname code of the region.
- region_name:``: The region name, in english. The developer can use the geoname code to localize the name of the region.
- time_zone: The name of the time zone.
Errors
The endpoint will return the following errors:
- a 422 Unprocessable Entity error if the IP address is malformed.
The private IP addresses will be ignored, if any.
When the strict_parse parameter is set to true, the endpoint will return the following errors:
- a 400 Bad Request.
It will also return the API Global errors described in the API description.
```
curl -X 'POST' \  'https://dublin.api.threatjammer.com/v1/geo/csv[?strict_parse=true|false]' \  -H 'accept: application/json' \  -H 'Authorization: Bearer YOUR_API_KEY' \  -H 'Content-Type: multipart/form-data' \  -F 'csv_file=@YOUR_TEXT_FILE;type=text/csv'
```
geolocation.geolocateIpSetV1GeoPost
What
Get the geo location data of all the IP addresses passed as argument. This information includes:
- Latitude and longitude
- Time zone
- Accuracy radius
- Postal code
- City name
- Region
- Country
- Country of the service provider
- Continent
- Reverse PTR hostnames
Parameters
A list of public IPv4 or IPv6 addresses is required in the body of the request.
Result
The result contains a list of the result for each IP address, with the following data set:
The result is a JSON object with the following structure:
- self: the URI of the API call
- accuracy_radius: The radius in kilometers around the specified location where the IP address is likely to be.
- asn_country_iso_code: The ISO code of the country of the Autonomous System (AS) owner of the IP address.
- city_geoname_code:``: City geoname code. The geoname code by is a unique identifier assigned to each geographical point on the globe.
- city_name:``: City name, in english. The developer can use the geoname code to localize the name of the city.
- continent_code: The continent code. It can be any of the following: AF, AN, AS, EU, NA, OC, SA.
- country_iso_code: The country ISO 3166-1 alpha-2 code.
- hostnames: The list of hostnames associated with the IP address obtained from the reverse DNS lookup.
- latitude: The latitude of the geolocation.
- longitude: The longitude of the geolocation.
- postal_code:``: The postal code of the city.
- region_geoname_code:``: The geoname code of the region.
- region_name:``: The region name, in english. The developer can use the geoname code to localize the name of the region.
- time_zone: The name of the time zone.
Errors
The endpoint will return the following errors:
- a 422 Unprocessable Entity error if the IP address is malformed.
The private IP addresses will be ignored, if any.
It will also return the API Global errors described in the API description.
geolocation.geolocateIpV1GeoIpAddressGet
What
Get the geo location data of the IP address passed as argument. This information includes:
- Latitude and longitude
- Time zone
- Accuracy radius
- Postal code
- City name
- Region
- Country
- Country of the service provider
- Continent
- Reverse PTR hostnames
Parameters
The only argument accepted in the query string is a public IPv4 or IPv6 addresses.
Result
The result contains the following set of data:
The result is a JSON object with the following structure:
- self: the URI of the API call
- accuracy_radius: The radius in kilometers around the specified location where the IP address is likely to be.
- asn_country_iso_code: The ISO code of the country of the Autonomous System (AS) owner of the IP address.
- city_geoname_code:``: City geoname code. The geoname code by is a unique identifier assigned to each geographical point on the globe.
- city_name:``: City name, in english. The developer can use the geoname code to localize the name of the city.
- continent_code: The continent code. It can be any of the following: AF, AN, AS, EU, NA, OC, SA.
- country_iso_code: The country ISO 3166-1 alpha-2 code.
- hostnames: The list of hostnames associated with the IP address obtained from the reverse DNS lookup.
- latitude: The latitude of the geolocation.
- longitude: The longitude of the geolocation.
- postal_code:``: The postal code of the city.
- region_geoname_code:``: The geoname code of the region.
- region_name:``: The region name, in english. The developer can use the geoname code to localize the name of the region.
- time_zone: The name of the time zone.
Errors
The endpoint will return the following errors:
- a 400 Bad Request error if the IP address is not public.
- a 422 Unprocessable Entity error if the IP address is malformed.
It will also return the API Global errors described in the API description.
originManagementInThisRegion.queryAllOriginInformationV1OriginAllGet
What
Obtain the attributes of all the origins of the user in the selected region. The purpose of this function is to display the information of configuration of the origins and also access to the live data of the origins.
The origin is a combination of protocol and domain (Ex: ) and the origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
No parameters are required.
Result
The result is a list of JSON objects with the following fields:
- self: the URI to the request to obtain all the origins of the user.
- origins: A list of JSON objects with the following fields:
  - self: the URI to the request to obtain the full details of an origin.
  - origin: the protocol and the domain where the origin token is valid.
  - status: the status of the origin token. The only allowed values are ENABLED and DISABLED.
  - token: the URI to the request to obtain the token of the origin.
  - data: a JSON object containing all the parameters of the origin as key-value pairs.
  - logs: the URI to the request to obtain the log activity in the origin.
  - addresses: the URI to the request to obtain the list of IP addresses active in the origin.
  - cookies: the URI to the request to obtain the list of cookies active in the origin.
  - created_at: the date and time when the origin token was created in UNIX timestamp in milliseconds.
  - updated_at: the date and time when the origin token was last updated in UNIX timestamp in milliseconds.
Errors
It will return the API Global errors described in the API description.
originManagementInThisRegion.queryOriginAddressStatusInformationV1OriginAddressesGet
What
Obtain the status that trigger the change in the status of the origin of a specific IP address. The status will also describe the current state of the status and the information that triggered the change.
The origin is a combination of protocol and domain (Ex: ) and the origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
In the querystring of the request, add the origin of the user to the query parameter with the following format:1. Protocol: Can be http or https. 2. Domain: The domain of the origin.
Then, the origin must be urlencoded. Example:
https://example.com
https%3A%2F%2Fexample.com
The querystring must be like this:
?query=https%3A%2F%2Fexample.com
Result
The result is a JSON object with the following fields:
- self: the URI to the request to obtain the full details of the status of an origin.
- addresses: a list of JSON objects with the following fields:
  - address: the IP address of the origin.
  - status: the status of IP address for the given origin.
  - log_id: the ID of the log that triggered the change in the status of the origin.
  - expiry: the date and time when the origin status will expire in UNIX timestamp in milliseconds.
  - created_at: the date and time when the origin status was created in UNIX timestamp in milliseconds.
  - updated_at: the date and time when the origin status was last updated in UNIX timestamp in milliseconds.
Errors
- a 404 Not Found error if the origin is not found.
- a 400 Bad Request error if the origin does not have the correct format.
It will return the API Global errors described in the API description.
```
https://example.com
```
```
https%3A%2F%2Fexample.com
```
```
?query=https%3A%2F%2Fexample.com
```
originManagementInThisRegion.queryOriginCookieIdStatusInformationV1OriginCookiesGet
What
Obtain the status that trigger the change in the status of the origin of the cookie ID used to track the users. The status will also describe the current state of the status and the information that triggered the change.
The origin is a combination of protocol and domain (Ex: ) and the origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
In the querystring of the request, add the origin of the user to the query parameter with the following format:1. Protocol: Can be http or https. 2. Domain: The domain of the origin.
Then, the origin must be urlencoded. Example:
https://example.com
https%3A%2F%2Fexample.com
The querystring must be like this:
?query=https%3A%2F%2Fexample.com
Result
The result is a JSON object with the following fields:
- self: the URI to the request to obtain the full details of the status of an origin.
- addresses: a list of JSON objects with the following fields:
  - cookie_id: the ID of the tracking cookie for the origin.
  - status: the status of tracking cookie ID for the given origin.
  - log_id: the ID of the log that triggered the change in the status of the origin.
  - expiry: the date and time when the origin status will expire in UNIX timestamp in milliseconds.
  - created_at: the date and time when the origin status was created in UNIX timestamp in milliseconds.
  - updated_at: the date and time when the origin status was last updated in UNIX timestamp in milliseconds.
Errors
- a 404 Not Found error if the origin is not found.
- a 400 Bad Request error if the origin does not have the correct format.
It will return the API Global errors described in the API description.
```
https://example.com
```
```
https%3A%2F%2Fexample.com
```
```
?query=https%3A%2F%2Fexample.com
```
originManagementInThisRegion.queryOriginInformationV1OriginGet
What
Obtain the attributes of the origin of the user passed as argument in the selected region. The purpose of this function is to display the information of configuration of the origin and also access to the live data of the origin.
The origin is a combination of protocol and domain (Ex: ) and the origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
In the querystring of the request, add the origin of the user to the query parameter with the following format:1. Protocol: Can be http or https. 2. Domain: The domain of the origin.
Then, the origin must be urlencoded. Example:
https://example.com
https%3A%2F%2Fexample.com
The querystring must be like this:
?query=https%3A%2F%2Fexample.com
Result
The result is a JSON object with the following fields:
- self: the URI to the request to obtain the full details of an origin.
- origin: the protocol and the domain where the origin token is valid.
- status: the status of the origin token. The only allowed values are ENABLED and DISABLED.
- token: the URI to the request to obtain the token of the origin.
- data: a JSON object containing all the parameters of the origin as key-value pairs.
- logs: the URI to the request to obtain the log activity in the origin.
- addresses: the URI to the request to obtain the list of IP addresses active in the origin.
- cookies: the URI to the request to obtain the list of cookies active in the origin.
- created_at: the date and time when the origin token was created in UNIX timestamp in milliseconds.
- updated_at: the date and time when the origin token was last updated in UNIX timestamp in milliseconds.
Errors
- a 404 Not Found error if the origin token is not found.
- a 400 Bad Request error if the origin does not have the correct format.
It will return the API Global errors described in the API description.
```
https://example.com
```
```
https%3A%2F%2Fexample.com
```
```
?query=https%3A%2F%2Fexample.com
```
originManagementInThisRegion.queryOriginScriptsV1OriginScriptsGet
What
Obtain the code snippets of the origin of the user passed as argument in the selected region. The purpose of this function is to help the user to integrate the javascript library in their website with a preconfigured script that contains the origin token.
Parameters
In the querystring of the request, add the origin of the user to the query parameter with the following format:1. Protocol: Can be http or https. 2. Domain: The domain of the origin.
Then, the origin must be urlencoded. Example:
https://example.com
https%3A%2F%2Fexample.com
The querystring must be like this:
?query=https%3A%2F%2Fexample.com
Result
The result is a JSON object with the following fields:
- self: the URI to the request to obtain the full details of an origin.
- detection: code snippet to integrate into the website described in the origin to detect malicious activity.
Errors
- a 404 Not Found error if the origin token is not found.
- a 400 Bad Request error if the origin does not have the correct format.
It will return the API Global errors described in the API description.
```
https://example.com
```
```
https%3A%2F%2Fexample.com
```
```
?query=https%3A%2F%2Fexample.com
```
originManagementInThisRegion.queryOriginStatusDetailsV1OriginStatusDetailsGet
What
Obtain the full list and description of the different status available in the platform.
Parameters
No parameters needed.
Result
The result is a JSON list with the following fields:
- self: the URI to the request to obtain the list.
- list: a JSON list with the following elements each one with the following fields:
  - self: the URI to the status detail.
  - description: a human readable description of the status.
  - cardinality: The number describing the cardinality of the status.
Errors
It will return the API Global errors described in the API description.
originManagementInThisRegion.queryOriginStatusDetailV1OriginStatusDetailStatusIdGet
What
Obtain the description of a status available in the platform.
Parameters
A status_id parameter in the path of the request:
- PASS
- BLOCK
- CHALLENGE
- BYPASS
- IGNORE
Result
The result is a JSON object with the following fields:
- self: the URI to the status detail.
- description: a human readable description of the status.
- cardinality: The number describing the cardinality of the status.
Errors
- a 400 Bad Request error if the origin status is not any of the available ones.
It will return the API Global errors described in the API description.
originManagementInThisRegion.queryOriginStatusV1OriginStatusPost
What
Obtain the current status of the origin for a given IP address and/or cookie ID. The values can be correlated, but they are not required to be. The status will also describe the following information:
- PASS: The traffic should not be intercepted, but should be analyzed and a positive detection should trigger a change in the status.
- BLOCK: The traffic must be intercepted and redirected to a blocking page. Only a timeout of the IP address or Cookie ID, a solved challenge or a manual status change can change the status.
- CHALLENGE: The traffic must be intercepted and redirected to a page where the user must solve a challenge. If the challenge is succesfully solved the status will change to PASS. If the user fails to change the challenge a specific amount of times, the status can change to BLOCK.
- BYPASS: The traffic should not be tapped even if it is suspected to be malicious, as long as the timeout has not expired. When the timeout is reached, it should revert to a previous state instead of going to PASS.
- IGNORE: Whatever happens to the traffic of the user, it should not be tapped. Once the time expires, it should return to the state PASS.
The origin is a combination of protocol and domain (Ex: ) and the origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
In the querystring of the request, add the origin of the user to the query parameter with the following format:1. Protocol: Can be http or https. 2. Domain: The domain of the origin.
Then, the origin must be urlencoded. Example:
https://example.com
https%3A%2F%2Fexample.com
The querystring must be like this:
?query=https%3A%2F%2Fexample.com
The body should have at least one of the following fields:
- address: The IP address of the user to query.
- cookie_id: The ID of the tracking cookie of the user to query.
Result
The result is a JSON object with the following fields:
- self: the URI to the request to obtain the full details of the cookie_id and address status of an origin.
- cookie_id: a JSON object with the following fields:
  - cookie_id: the ID of the tracking cookie for the origin.
  - status: the URI to the status detail of the cookie ID.
  - log_id: (Optional) the ID of the log that triggered the change in the status of the origin.
  - expiry: (Optional) the date and time when the origin status will expire in UNIX timestamp in milliseconds.
  - created_at: (Optional) the date and time when the origin status was created in UNIX timestamp in milliseconds.
  - updated_at: (Optional) the date and time when the origin status was last updated in UNIX timestamp in milliseconds.
- address: a JSON object with the following fields:
  - address: the address for the origin.
  - status: the URI to the status detail of the cookie ID.
  - log_id: (Optional) the ID of the log that triggered the change in the status of the origin.
  - expiry: (Optional) the date and time when the origin status will expire in UNIX timestamp in milliseconds.
  - created_at: (Optional) the date and time when the origin status was created in UNIX timestamp in milliseconds.
  - updated_at: (Optional) the date and time when the origin status was last updated in UNIX timestamp in milliseconds.
Errors
- a 404 Not Found error if the origin is not found.
- a 400 Bad Request error if the origin does not have the correct format.
It will return the API Global errors described in the API description.
```
https://example.com
```
```
https%3A%2F%2Fexample.com
```
```
?query=https%3A%2F%2Fexample.com
```
originManagementInThisRegion.queryOriginTrafficAnalysisV1OriginTrafficAnalysisGet
What
Obtain the traffic analysis of the origin in the specified time range and interval. Theanalysis will return the number of requests and the anomalies detected like:
- number of requests
- overall score
- malicious synthetic traffic (bad bot traffic)
- IP in a denylist
- IP in a datacenter
- user uses a headless webdriver
- Autonomous System (ASN) of the IP is risky
- The location of the IP address and the ASN is different
The origin is a combination of protocol and domain (Ex: ) and the origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
In the querystring of the request, add the origin of the user to the query parameter with the following format:1. Protocol: Can be http or https. 2. Domain: The domain of the origin.
Then, the origin must be urlencoded. Example:
https://example.com
https%3A%2F%2Fexample.com
The querystring must be like this:
?query=https%3A%2F%2Fexample.com
To restrict the analysis to a specific time range, add the following parameters to the querystring:
- from_timestamp: the start date and time of the analysis in UNIX timestamp in milliseconds.
- to_timestamp: (Optional) the end date and time of the analysis in UNIX timestamp in milliseconds.
- interval: (Optional) the interval of the analysis in minutes. The default value is 60 minutes (HOURLY). Possible values are: HOURLY.
Result
The result is a JSON object with the following fields:
- self: the URI to the request to obtain the traffic analysis for the origin.
- from_timestamp: the start date and time of the analysis in UNIX timestamp in milliseconds.
- to_timestamp: the end date and time of the analysis in UNIX timestamp in milliseconds.
- interval: the interval of the analysis. Possible values are: HOURLY.
- data: a JSON list with the following elements each one with the following fields:
  - timestamp: the date and time of the analysis in UNIX timestamp in milliseconds.
  - total: the total number of requests.
  - score_high: the number of requests with a high score (bad traffic).
  - bots: the number of requests from bad bots.
  - denylists: the number of requests from IPs in a denylist.
  - datacenters: the number of requests from IPs in a datacenter.
  - webdrivers: the number of requests from IPs using a headless webdriver.
  - asn_risky: the number of requests from IPs with a risky ASN.
  - network_country_mismatches: the number of requests from IPs with a different location than the ASN.
Errors
- a 404 Not Found error if the origin token is not found.
- a 400 Bad Request error if the origin does not have the correct format.
It will return the API Global errors described in the API description.
```
https://example.com
```
```
https%3A%2F%2Fexample.com
```
```
?query=https%3A%2F%2Fexample.com
```
originManagementInThisRegion.queryOriginTrafficClientV1OriginClientAnalysisGet
What
Obtain the type of clients of trhe traffic in the specified time range and interval. Thequery will return the number of requests and the different type of CLIENTs and CRAWLERs.
The origin is a combination of protocol and domain (Ex: ) and the origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
In the querystring of the request, add the origin of the user to the query parameter with the following format:1. Protocol: Can be http or https. 2. Domain: The domain of the origin.
Then, the origin must be urlencoded. Example:
https://example.com
https%3A%2F%2Fexample.com
The querystring must be like this:
?query=https%3A%2F%2Fexample.com
To restrict the query to a specific time range, add the following parameters to the querystring:
- from_timestamp: the start date and time of the analysis in UNIX timestamp in milliseconds.
- to_timestamp: (Optional) the end date and time of the analysis in UNIX timestamp in milliseconds.
- interval: (Optional) the interval of the analysis in minutes. The default value is 60 minutes (HOURLY). Possible values are: HOURLY.
Result
The result is a JSON object with the following fields:
- self: the URI to the request to obtain the traffic client analysis for the origin.
- from_timestamp: the start date and time of the analysis in UNIX timestamp in milliseconds.
- to_timestamp: the end date and time of the analysis in UNIX timestamp in milliseconds.
- interval: the interval of the analysis. Possible values are: HOURLY.
- data: a JSON list with the following elements each one with the following fields:
  - timestamp: the date and time of the analysis in UNIX timestamp in milliseconds.
  - total: the total number of requests.
  - client_*: the number of requests from a specific client. The possible clients are: browser, crawler, email, library, mobile_browser, multimedia_player, offline_browser, unrecognized, ua_anonymizer, validator, wap_browser.
  - crawler_*: the number of requests from a specific crawler. The possible crawlers are:feed_fetcher, link_checker, marketing, screenshot_creator, search_engine_bot,site_monitor, speed_tester, tool, uncategorized, unrecognized, virus_scanner,vulnerability_scanner, web_scraper.
Errors
- a 404 Not Found error if the origin token is not found.
- a 400 Bad Request error if the origin does not have the correct format.
It will return the API Global errors described in the API description.
```
https://example.com
```
```
https%3A%2F%2Fexample.com
```
```
?query=https%3A%2F%2Fexample.com
```
originManagementInThisRegion.updateConfigurationOriginV1OriginPut
What
Modify the configuration metadata of the origin of the user in the selected region.
The origin is a combination of protocol and domain (Ex: ) and the origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
In the body of the request, add the origin of the user and the config parameter with the following format for the origin:1. Protocol: Can be http or https. 2. Domain: The domain of the origin.
The config parameter is a JSON object containing the configuration of the origin. It only accepts the existing parameters obtained from the GET request of the origin. If the parameter is not present in the config object, it will fail to store it. It's not necessary to send all the parameters, only the ones that need to be updated.
Result
The result is the JSON object with all the new values of the origin configuration.
Errors
- a 404 Not Found error if the origin token is not found.
- a 400 Bad Request error if the origin does not have the correct format.
- a 400 Bad Request error if the config parameter is not a JSON object or unknown parameters are sent.
It will return the API Global errors described in the API description.
originTokenManagementInThisRegion.createANewOriginTokenV1OriginTokenNewPost
What
Creates a new origin token for the user passing as argument the origin. The origin parameter is the protocol and the domain where the origin token is valid.
The origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
The origin with the protocol and domain is required in the body of the request in the parameter origin. The allowed protocols are https://, and http://.
Result
The result is a JSON object with the new origin token and the following fields:
- self: the URI to individual origin token information.
- region_id: the name of the region where the origin token is valid.
- origin: the protocol and the domain where the origin token is valid.
- status: the status of the origin token. The only allowed values are ENABLED and DISABLED.
- created_at: the date and time when the origin token was created in UNIX timestamp in milliseconds.
- updated_at: the date and time when the origin token was last updated in UNIX timestamp in milliseconds.
Errors
It will return the API Global errors described in the API description.
It will also return the following errors:
- a 400 Bad Request error if the origin does not have the correct format.
- a 409 Conflict error if the origin token already exists.
originTokenManagementInThisRegion.deleteTokenV1OriginTokenDelete
What
Deletes the origin token passed as argument of the user in the selected region. Once the token is deleted, it will no longer be valid and the protocol and domain of the origin will no longer be under protection.
To delete an origin token, the user must be the owner and the token must be DISABLED first.
Parameters
The Origin Token is required in the body of the request in the parameter origin_token_id.
Result
If successful, the result will be an empty response with a status code of 204 No Content.
Errors
It will return the API Global errors described in the API description.
It will also return the following errors:
- a 404 Not Found error if the origin token is not found.
- a 409 Conflict error if the origin token is not disabled.
originTokenManagementInThisRegion.disableOriginTokenV1OriginTokenDisablePut
What
Disable an enabled origin token passed as argument of the user in the selected region. When a token is enabled, it will participate in the protection of the origin protocol and domain. If the token is disabled, it will not participate in the protection of the origin protocol and domain.
To disable an origin token, the user must be the owner. If the token is already disabled, the function will not perform any action. If the token is enabled, it will be disabled.
Parameters
The Origin Token is required in the body of the request in the parameter origin_token_id.
Result
If successful, the result will be an empty response with a status code of 204 No Content.
Errors
It will return the API Global errors described in the API description.
It will also return the following errors:
- a 404 Not Found error if the origin token is not found.
originTokenManagementInThisRegion.enableOriginTokenV1OriginTokenEnablePut
What
Enable a disabled origin token passed as argument of the user in the selected region. When a token is enabled, it will participate in the protection of the origin protocol and domain. If the token is disabled, it will not participate in the protection of the origin protocol and domain.
To enable an origin token, the user must be the owner. If the token is already enabled, the function will not perform any action. If the token is disabled, it will be enabled.
Parameters
The Origin Token is required in the body of the request in the parameter origin_token_id.
Result
If successful, the result will be an empty response with a status code of 204 No Content.
Errors
It will return the API Global errors described in the API description.
It will also return the following errors:
- a 404 Not Found error if the origin token is not found.
originTokenManagementInThisRegion.queryAllOriginTokensInTheRegionV1OriginTokenAllGet
What
Obtain the attributes of all the origin tokens of the user in the selected region. The purpose of this function is to show what protocol and domain is linked to all the tokens.
The origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
No parameters are required.
Result
The result is a list of JSON objects with the following fields:
- self: the URI to individual origin token information.
- region_id: the name of the region where the origin token is valid.
- origin: the protocol and the domain where the origin token is valid.
- status: the status of the origin token. The only allowed values are ENABLED and DISABLED.
- created_at: the date and time when the origin token was created in UNIX timestamp in milliseconds.
- updated_at: the date and time when the origin token was last updated in UNIX timestamp in milliseconds.
Errors
It will return the API Global errors described in the API description.
originTokenManagementInThisRegion.queryOriginTokenInfoV1OriginTokenPost
What
Obtain the attributes of the given origin token of the user in the selected region. The purpose of this function is to show what protocol and domain is linked to the token.
The origin token is a special key used in conjunction with javascript library used for abuse detection. This key is owned by the user and is used to identify the origin of the request. Hence, the protocol and domain of the origin must be the one where the javascript is loaded.
Parameters
The Origin Token is required in the body of the request in the parameter origin_token_id.
Result
The result is a JSON object with the following fields:
- self: the URI to individual origin token information.
- region_id: the name of the region where the origin token is valid.
- origin: the protocol and the domain where the origin token is valid.
- status: the status of the origin token. The only allowed values are ENABLED and DISABLED.
- created_at: the date and time when the origin token was created in UNIX timestamp in milliseconds.
- updated_at: the date and time when the origin token was last updated in UNIX timestamp in milliseconds.
Errors
It will return the API Global errors described in the API description.
platformDatasets.queryDatatasetInformationOfAllTheResourceTypesV1DatasetIpGet
What
Obtain the list of all the datasets available in the platform. A dataset is a collection of different data sources that are related to a specific topic. The name of the dataset describes the specific topic.
Parameters
No parameters are required.
Result
The result is a JSON object with a list of the following JSON objects:
- self: the URI to individual status.
- types: a list of JSON objects with the following fields:
  - self: the URI to individual dataset information.
  - type: what type of dataset is this. The only allowed value is ip.
  - name: the name of the dataset in human readable form.
  - description: a human readable long description of the dataset.
  - status: the status of the dataset. The only allowed value is ENABLED.
  - items: the number of 'live' items in the dataset when the request is performed.
Errors
It will return the API Global errors described in the API description.
platformDatasets.queryDatatasetInformationOfTheResourceTypeV1DatasetIpNameGet
What
Get the detailed information of the dataset queried by the name. A dataset is a collection of different data sources that are related to a specific topic. The name of the dataset describes the specific topic.
Parameters
The endpoint accepts only the following parameter in the path:
- name: (Mandatory) The code name that identifies uniquely the dataset in the platform. It must be composed of uppercase letters, numbers and underscores.
Result
The result is a JSON object with the following fields:
- self: the URI to individual dataset information.
- type: what type of dataset is this. The only allowed value is ip.
- name: the name of the dataset in human readable form.
- description: a human readable long description of the dataset.
- status: the status of the dataset. The only allowed value is ENABLED.
- items: the number of 'live' items in the dataset when the request is performed.
Errors
- a 404 Not Found error if the dataset code name was not found.
- a 422 Unprocessable Entity error if dataset code name does not follow the naming convention.
It will also return the API Global errors described in the API description.
userAgent.parseUserAgentsCsvV1UaCsvPost
What
Get the information found in the list of User Agents uploaded as a CSV file. This information includes:
- Type
- Render Engine
- Version
- Vendor
- Operating System
- Device
- How common is the agent worldwide
Parameters
- A text file with a list of User Agents.
- A header Content-Type: multipart/form-data is required.
Example:
curl -X 'POST' \ 'https://dublin.api.threatjammer.com/v1/ua/csv' \ -H 'accept: application/json' \ -H 'Authorization: Bearer YOUR_API_KEY' \ -H 'Content-Type: multipart/form-data' \ -F 'csv_file=@YOUR_TEXT_FILE;type=text/csv'
Result
The result contains a list of the result for each User Agent, with the following data set:
The result is a JSON object with the following structure:
- self: the URI of the API call
- string: The full user agent string passed as argument.
- classification: The classification of the user agent. It can be one of the following: CRAWLER, CLIENT, UNKNOWN.
- type: An URI to the type of user agent used to identify the client (browser, bot, crawler, etc.).
- agent: Name of the agent and the version, if any.
- engine: Agent render engine.
- version: Version of the agent.
- latest: Latests known version of the agent.
- family: URI to the family of the agent.
- vendor: URI to the vendor or company that produces the agent.
- os: URI to the operating system used by the agent.
- device: URI to the device used by the agent.
- frequent: If the agent is frequently used worlwide or not. The values are COMMON, RARE, and UNKNOWN.
Errors
The endpoint will return the API Global errors described in the API description.
```
curl -X 'POST' \  'https://dublin.api.threatjammer.com/v1/ua/csv' \  -H 'accept: application/json' \  -H 'Authorization: Bearer YOUR_API_KEY' \  -H 'Content-Type: multipart/form-data' \  -F 'csv_file=@YOUR_TEXT_FILE;type=text/csv'
```
userAgent.parseUserAgentsV1UaPost
What
Get the information found in the list of User Agents passed as argument. This information includes:
- Type
- Render Engine
- Version
- Vendor
- Operating System
- Device
- How common is the agent worldwide
Parameters
A list of User Agents are required in the body of the request.
Result
The result contains a list of the result for each User Agent, with the following data set:
The result is a JSON object with the following structure:
- self: the URI of the API call
- string: The full user agent string passed as argument.
- classification: The classification of the user agent. It can be one of the following: CRAWLER, CLIENT, UNKNOWN.
- type: An URI to the type of user agent used to identify the client (browser, bot, crawler, etc.).
- agent: Name of the agent and the version, if any.
- engine: Agent render engine.
- version: Version of the agent.
- latest: Latests known version of the agent.
- family: URI to the family of the agent.
- vendor: URI to the vendor or company that produces the agent.
- os: URI to the operating system used by the agent.
- device: URI to the device used by the agent.
- frequent: If the agent is frequently used worlwide or not. The values are COMMON, RARE, and UNKNOWN.
Errors
The endpoint will return the API Global errors described in the API description.
userAgent.parseUserAgentV1UaUserAgentUrlencodedGet
What
Get the information found in the User Agent passed as argument. This information includes:
- Type
- Render Engine
- Version
- Vendor
- Operating System
- Device
- How common is the agent worldwide
Parameters
The only argument accepted in the query string is an URL encoded User Agent string.
Result
The result contains the following set of data:
The result is a JSON object with the following structure:
- self: the URI of the API call
- string: The full user agent string passed as argument.
- classification: The classification of the user agent. It can be one of the following: CRAWLER, CLIENT, UNKNOWN.
- type: An URI to the type of user agent used to identify the client (browser, bot, crawler, etc.).
- agent: Name of the agent and the version, if any.
- engine: Agent render engine.
- version: Version of the agent.
- latest: Latests known version of the agent.
- family: URI to the family of the agent.
- vendor: URI to the vendor or company that produces the agent.
- os: URI to the operating system used by the agent.
- device: URI to the device used by the agent.
- frequent: If the agent is frequently used worlwide or not. The values are COMMON, RARE, and UNKNOWN.
Errors
The endpoint will return the API Global errors described in the API description.
userAgent.queryDeviceByCodeV1UaDeviceCodeGet
What
Obtain the details of a device of a User Agent.
Parameters
The endpoint accepts only the following parameter in the path:
- code: (Mandatory) The code that identifies uniquely the device origin of a User Agent. The value must be an alphanumeric upper case string.
Result
The result is a JSON object with the following structure:
- self: the URI to the device.
- description: the human readable description of the device.
- code: the internal code of the device in the system.
Errors
- a 422 Unprocessable Entity error if the code is not one of the available.
It will also return the API Global errors described in the API description.
userAgent.queryFamilyByCodeV1UaFamilyCodeGet
What
Obtain the details of a family of a User Agent.
Parameters
The endpoint accepts only the following parameter in the path:
- code: (Mandatory) The code that identifies uniquely the family of a User Agent. The value must be an alphanumeric upper case string.
Result
The result is a JSON object with the following structure:
- self: the URI to the family.
- description: the human readable description of the famly.
- code: the internal code of the family in the system.
Errors
- a 422 Unprocessable Entity error if the code is not one of the available.
It will also return the API Global errors described in the API description.
userAgent.queryOsByCodeV1UaOsCodeGet
What
Obtain the details of the Operating System of a User Agent.
Parameters
The endpoint accepts only the following parameter in the path:
- code: (Mandatory) The code that identifies uniquely the Operating System at the origin of a User Agent. The value must be an alphanumeric upper case string.
Result
The result is a JSON object with the following structure:
- self: the URI to the OS.
- description: the human readable description of the OS.
- code: the internal code of the OS in the system.
- family: the family of the OS.
- vendor: the vendor or manufacturer of the OS.
Errors
- a 422 Unprocessable Entity error if the code is not one of the available.
It will also return the API Global errors described in the API description.
userAgent.queryTypeByCodeV1UaTypeCodeGet
What
Obtain the details of a type of a User Agent.
Parameters
The endpoint accepts only the following parameter in the path:
- code: (Mandatory) The code that identifies uniquely the type of a User Agent. The value must be an alphanumeric upper case string.
Result
The result is a JSON object with the following structure:
- self: the URI to the type.
- description: the human readable description of the type.
- code: the internal code of the type in the system.
- type: the type of the User Agent. Can be INTERACTIVE, CRAWLER or UNKNOWN if the type is not known.
Errors
- a 422 Unprocessable Entity error if the code is not one of the available.
It will also return the API Global errors described in the API description.
userAgent.queryVendorByCodeV1UaVendorCodeGet
What
Obtain the details of a vendor of a User Agent.
Parameters
The endpoint accepts only the following parameter in the path:
- code: (Mandatory) The code that identifies uniquely the vendor or manufacurer of a User Agent. The value must be an alphanumeric upper case string.
Result
The result is a JSON object with the following structure:
- self: the URI to the vendor.
- description: the human readable description of the vendor.
- code: the internal code of the vendor in the system.
Errors
- a 422 Unprocessable Entity error if the code is not one of the available.
It will also return the API Global errors described in the API description.
openapi.previewSpec

Preview an OpenAPI document before adding it as a source
openapi.addSource

Add an OpenAPI source and register its operations as tools

General information

Description

Authentication

Region specific tokens

Global errors

Quota limits

Tools (98)

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What

Parameters

Result

Errors

What