Customers use the Threat Check API endpoint to determine whether an IP address or hostname is listed on a Silent Push Indicators of Future Attack (IOFAâ„¢) feed. The API follows the OpenAPI 3.1 specification and returns JSON responses for both successful checks and error conditions.
Base URL
https://api.threatcheck.silentpush.com/v1/
Check if an Indicator is Listed
Endpoint:
GET /v1/Description: Check if the specified indicator is on an IOFA Feed.
Response: JSON response containing a Boolean value.
Query parameters
Parameter name | Parameter type | Description | Example |
|---|---|---|---|
| String | Type of indicator |
|
| String | Type of data. The default is |
|
| String | Unique identifier of the organization that is making the request (Access Key found in the app’s Subscription page) | [insert example key] |
| String | IP address or hostname that the organization is investigating. | [insert example] |
Example Request
GET /v1/?t=ip&d=iofa&u=12345&q=192.168.1.10Host: api.threatcheck.silentpush.com
Successful Response
When the query is successful, the API returns the following response:
HTTP Status Code:
200 OKResponse Body Example:
{
"query": "192.168.1.10",
"is_listed": true,
"listed_txt": "This IP is on the IOFA feed."
}Parameter name | Parameter type | Description |
|---|---|---|
| String | Echoes the provided indicator. |
| Boolean | Indicates if the indicator is on an IOFA feed. |
| String | Provides additional context. |
Error Responses
When the query is unsuccessful, the API will return one of the following errors:
HTTP status code: 400 Bad Request
{
"error": "The request parameters are missing or invalid."
}HTTP status code: 422 Unprocessable Entity
{
"detail": [
{
"loc": ["query", 0],
"msg": "Value is not a valid IP address.",
"type": "value_error"
}
]
}