Endpoints of Threat Check API

New
  • Published on Apr 24, 2025
  • 1 minute(s) read

The Threat Check API endpoint is used by customers to determine if an IP address or a hostname is listed on a Silent Push IOFA feed. The API follows the OpenAPI 3.1 specification and returns JSON responses for both successful checks and error conditions.

Base URL

https://api.threatcheck.silentpush.com/v1/

Check if an Indicator Is Listed

  • Endpoint: GET /v1/

  • Description: Check if the specified indicator is on an IOFA Feed.

  • Response: JSON response containing a Boolean value.

Query Parameters

Parameter Name

Parameter Type

Description

Example

t

String

Type of indicator

name

ip

d

String

Type of data. The default is iofa .

iofa

u

String

Unique identifier of the organization that is making the request.

[insert example key]

q

String

IP address or hostname that the organization is investigating.

[insert example]

Example Request

  • GET /v1/?t=ip&d=iofa&u=12345&q=192.168.1.10
    Host: api.threatcheck.silentpush.com

Successful Response

When the query is successful, the API returns the following response:

  • HTTP Status Code: 200 OK

  • Response Body Example:
    {

     "query": "192.168.1.10",

     "is_listed": true,

     "listed_txt": "This IP is on the IOFA feed."

    }

Parameter Name

Parameter Type

Description

query

String

Echoes the provided indicator.

is_listed

Boolean

Indicates if the indicator is on an IOFA feed.

listed_txt

String

Provides additional context.

Error Responses

When the query is unsuccessful, the API will return one of the following errors:

  • HTTP Status Code: 400 Bad Request
    {

     "error": "The request parameters are missing or invalid."

    }

  • HTTP Status Code: 422 Unprocessable Entity
    {

     "detail": [

       {

         "loc": ["query", 0],

         "msg": "Value is not a valid IP address.",

         "type": "value_error"

       }

     ]

    }