Silent Push

the silent push connector allows users to access a wide range of cyber threat intelligence and domain analysis services, enhancing security event context and aiding in threat investigation silent push is a comprehensive threat intelligence platform specializing in domain and ip analysis this connector enables swimlane turbine users to automate the retrieval of detailed information, risk scores, and enrichment data for domains and ip addresses by integrating with silent push, security teams can enhance their threat intelligence capabilities, streamline investigations, and rapidly respond to potential threats by leveraging actionable insights directly within their security workflows limitations none to date supported versions this silent push connector uses the v1 version api additional docs https //docs silentpush com/index html# configuration prerequisites to effectively utilize the silent push connector within swimlane, ensure you have the following prerequisites api key authentication with the following parameters url endpoint for the silent push api services api key unique identifier to authenticate requests to silent push authentication methods to utilize the silent push connector within the swimlane turbine platform, ensure you have the following prerequisites api key authentication url the endpoint url for the silent push api api key your unique identifier to authenticate with the silent push api capabilities this silent push connector provides the following capabilities asn takedown reputation bulk domain information bulk domain infratags bulk silent push risk score for a list of domains bulk silent push risk score for list ipv4 address domain enrichment domain information domain infratag domain search domain typosquatting search ipv4 enrichment ipv6 enrichment name server changes name server changes summary silent push risk score for domain and so on asn takedown reputation get a takedown reputation for asn https //help silentpush com/docs/asn takedown reputation bulk domain information get domain information for multiple domains https //docs silentpush com/domain html#bulk domain information bulk domain infratags get infratags for multiple domains with optional clustering https //docs silentpush com/domain html#bulk domain infratags get silent push risk score for multiple domains https //docs silentpush com/domain html#bulk silent push risk score for a list of domains get the silent push risk score for multiple ipv4 addresses https //help silentpush com/docs/bulk silent push risk score for a list of ipv4 addresses domain enrichment get domain enrichment information https //docs silentpush com/enrich html#domain enrichment domain information get domain information https //docs silentpush com/domain html#domain information domain infratag get infratag for domain https //docs silentpush com/domain html#domain infratag domain search search for domains that match specific criteria, including optional name servers, whois, network, and domain name patterns https //help silentpush com/docs/domain search domain typosquatting search find typosquatted variations of the domain optionally exclude selected infrastructure https //help silentpush com/docs/domain typosquatting search ipv4 enrichment get ipv4 enrichment information https //docs silentpush com/enrich html#ipv4 enrichment ipv6 enrichment get ipv6 enrichment information https //docs silentpush com/enrich html#ipv6 enrichment name server changes get name server changes for domain https //help silentpush com/docs/name server changes name server changes summary get a summary of name server changes for the domain https //help silentpush com/docs/name server changes summary get silent push risk score for domain https //docs silentpush com/domain html#silent push risk score for domain get the silent push risk score for the ipv4 address https //help silentpush com/docs/silent push risk score for ipv4 whois information get previously collected whois information for the domain https //help silentpush com/docs/whois information configurations silent push api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required x api key api key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions asn takedown reputation retrieve the takedown reputation for a specified autonomous system number (asn) from silent push endpoint url api/v1/merge api/explore/takedownreputation/asn/{{asn}} method get input argument name type required description parameters explain number optional show information used to calculate the reputation score path parameters asn string required asn to get takedown reputation for input example {"parameters" {"explain" 1},"path parameters" {"asn" "13614"}} output parameter type description status code number http status code of the response reason string response reason phrase takedown reputation object output field takedown reputation takedown reputation asn number output field takedown reputation asn takedown reputation asn allocation age number output field takedown reputation asn allocation age takedown reputation asn allocation date number date value takedown reputation asn takedown reputation number output field takedown reputation asn takedown reputation takedown reputation asn takedown reputation explain object output field takedown reputation asn takedown reputation explain takedown reputation asn takedown reputation explain ips in asn number output field takedown reputation asn takedown reputation explain ips in asn takedown reputation asn takedown reputation explain ips num listed number output field takedown reputation asn takedown reputation explain ips num listed takedown reputation asn takedown reputation explain items num listed number output field takedown reputation asn takedown reputation explain items num listed takedown reputation asn takedown reputation explain listings max age number output field takedown reputation asn takedown reputation explain listings max age takedown reputation asname string name of the resource output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"takedown reputation" {"asn" 13335,"asn allocation age" 4014,"asn allocation date" 20100714,"asn takedown reputation" 0,"asn takedown reputation explain" {},"asname" "cloudflarenet, us"}}} bulk domain information retrieve detailed information for a list of domains provided in the input using the silent push connector endpoint url api/v1/merge api/explore/bulk/domaininfo method post input argument name type required description domains array optional list of domains to get information about input example {"json body" {"domains" \["silentpush com","google com"]}} output parameter type description status code number http status code of the response reason string response reason phrase domaininfo array output field domaininfo domaininfo age number output field domaininfo age domaininfo age score number score value domaininfo domain string output field domaininfo domain domaininfo first seen number output field domaininfo first seen domaininfo is new boolean output field domaininfo is new domaininfo is new score number score value domaininfo last seen number output field domaininfo last seen domaininfo query string output field domaininfo query domaininfo whois age string output field domaininfo whois age domaininfo whois created date string date value domaininfo zone string output field domaininfo zone domaininfo info string output field domaininfo info output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"domaininfo" \[{},{}]}} bulk domain infratags retrieves infratags for multiple domains from silent push, optionally including clustering data requires a list of domains endpoint url api/v1/merge api/explore/domain/infratags method post input argument name type required description parameters mode string optional build infratags from live lookup data or from padns data parameters match string optional handling of self hosted infrastructure parameters as of string optional build infratags from padns data where the as of timestamp equivalent is between the first seen and the last seen timestamp automatically sets mode to padns parameters clusters number optional build clusters from infratags domains array optional list of domains to get infratags for input example {"parameters" {"mode" "live","match" "self","as of" "date"},"json body" {"domains" \["silawatergim club","fooldinort top","elbigiddim xyz"]}} output parameter type description status code number http status code of the response reason string response reason phrase infratags array output field infratags infratags domain string output field infratags domain infratags mode string output field infratags mode infratags tag string output field infratags tag tag clusters array output field tag clusters tag clusters 25 array output field tag clusters 25 tag clusters 25 domains array output field tag clusters 25 domains tag clusters 25 match string output field tag clusters 25 match tag clusters 50 array output field tag clusters 50 tag clusters 50 file name string name of the resource tag clusters 50 file string output field tag clusters 50 file tag clusters 75 array output field tag clusters 75 tag clusters 75 domains array output field tag clusters 75 domains tag clusters 75 match string output field tag clusters 75 match tag clusters 100 array output field tag clusters 100 tag clusters 100 file name string name of the resource tag clusters 100 file string output field tag clusters 100 file output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"infratags" \[{},{},{}],"tag clusters" \[{"25" \[{"domains" \["elbigiddim xyz","silawatergim club","fooldinort top"],"match" " cloudflare com "}]},{"50" \[]},{"75" \[{"domains" \["elbigiddim xyz","fooldinort top"],"match" " cloudflare com\ leaseweb\ porkbunllc"}]}]}} bulk silent push risk score for a list of domains retrieve silent push risk scores for multiple domains specified in the json body input endpoint url api/v1/merge api/explore/bulk/domain/riskscore method post input argument name type required description domains array optional list of domains to get risk scores for input example {"json body" {"domains" \["2021olympicupdates live","massgames space","micros0ft0nline one"]}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" \[{"domain" "micros0ft0nline one","sp risk score" 100},{"domain" "massgames space","sp risk score" 100},{"domain" "2021olympicupdates live","sp risk score" 100}]} bulk silent push risk score for list ipv4 address retrieve the silent push risk scores for a list of ipv4 addresses using a json body with 'ips' as a required field endpoint url api/v1/merge api/explore/bulk/ipv4/riskscore method post input argument name type required description ips array optional list of ipv4 addresses to get risk scores for input example {"json body" {"ips" \["87 246 7 245","77 247 110 204","45 153 160 139"]}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {},"reason" "ok","json body" \[{"ip" "87 246 7 245","sp risk score" 100},{"ip" "45 153 160 139","sp risk score" 100},{"ip" "77 247 110 204","sp risk score" 100}]} domain enrichment retrieve detailed enrichment information for a specified domain from silent push, using the 'domain' path parameter endpoint url api/v1/merge api/explore/enrich/domain/{{domain}} method get input argument name type required description parameters explain number optional show details of data used to calculate the different scores in the response parameters scan data number optional show details of data collected from host scanning path parameters domain string required domain name input example {"parameters" {"explain" 1,"scan data" 1},"path parameters" {"domain" "olex live"}} output parameter type description status code number http status code of the response reason string response reason phrase domain string frequency probability object output field domain string frequency probability domain string frequency probability avg probability number output field domain string frequency probability avg probability domain string frequency probability dga probability score number score value domain string frequency probability domain string output field domain string frequency probability domain domain string frequency probability domain string freq probabilities array output field domain string frequency probability domain string freq probabilities domain string frequency probability query string output field domain string frequency probability query domain urls object url endpoint for the request domain urls results summary object url endpoint for the request domain urls results summary alexa rank object url endpoint for the request domain urls results summary alexa top10k boolean url endpoint for the request domain urls results summary alexa top10k score number url endpoint for the request domain urls results summary dynamic domain score number url endpoint for the request domain urls results summary is dynamic domain boolean url endpoint for the request domain urls results summary is url shortener boolean url endpoint for the request domain urls results summary results number url endpoint for the request domain urls results summary url shortener score number url endpoint for the request domaininfo object output field domaininfo domaininfo age number output field domaininfo age domaininfo age score number score value domaininfo domain string output field domaininfo domain domaininfo first seen number output field domaininfo first seen domaininfo is new boolean output field domaininfo is new domaininfo is new score number score value output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"domain string frequency probability" {"avg probability" 9 674,"dga probability score" 0,"domain" "olex live","domain string freq probabilities" \[],"query" "olex live"},"domain urls" {"results summary" {}},"domaininfo" {"age" 69,"age score" 0,"domain" "olex live","first seen" 20220928,"is new"\ false,"is new score" 0,"last seen" 20221206,"query" "olex live","registrar" "","whois age" "","whois created date" "","zone" "live"},"ip domain information retrieve detailed information for a specified domain from silent push, including necessary path parameters endpoint url api/v1/merge api/explore/domain/domaininfo/{{domain}} method get input argument name type required description path parameters domain string required domain to get information about input example {"path parameters" {"domain" "silentpush com"}} output parameter type description status code number http status code of the response reason string response reason phrase domaininfo object output field domaininfo domaininfo age number output field domaininfo age domaininfo age score number score value domaininfo domain string output field domaininfo domain domaininfo first seen number output field domaininfo first seen domaininfo is new boolean output field domaininfo is new domaininfo is new score number score value domaininfo last seen number output field domaininfo last seen domaininfo query string output field domaininfo query domaininfo whois age number output field domaininfo whois age domaininfo whois created date string date value domaininfo zone string output field domaininfo zone output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"domaininfo" {"age" 536,"age score" 0,"domain" "silentpush com","first seen" 20200121,"is new"\ false,"is new score" 0,"last seen" 20210709,"query" "silentpush com","whois age" 536,"whois created date" "2020 01 20 08 14 27","zone" "com"}}} domain infratag retrieve the infratag for a given domain in silent push, with the domain specified as a required path parameter endpoint url api/v1/merge api/explore/domain/infratag/{{domain}} method get input argument name type required description parameters mode string optional build infratags from live lookup data or from padns data parameters match string optional handling of self hosted infrastructure parameters as of string optional build infratags from padns data where the as of timestamp equivalent is between the first seen and the last seen timestamp automatically sets mode to padns path parameters domain string required domain to get infratag for input example {"parameters" {"mode" "live","match" "self","as of" "date"},"path parameters" {"domain" "silentpush com"}} output parameter type description status code number http status code of the response reason string response reason phrase infratag object output field infratag infratag domain string output field infratag domain infratag mode string output field infratag mode infratag tag string output field infratag tag output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"infratag" {"domain" "silentpush com","mode" "live","tag" "outlook com\ cloudflare com\ cloudflarenet\ enom"}}} domain search conducts a comprehensive search for domains based on criteria such as name servers, whois data, network, and domain patterns endpoint url api/v1/merge api/explore/domain/search method get input argument name type required description parameters domain string optional name or wildcard pattern of domain names to search for parameters domain regex string optional re2 regular expression overrides domain parameter pattern must be a valid re2 regular expression parameters nsname string optional name server name or wildcard pattern of name server used by domains use nsname=self to find domains hosting their own nameservers parameters mxname string optional mx server name or wildcard pattern of mx server used by domains use mxname=self to find domains hosting their own mailservers parameters first seen min string optional only domains that have a records seen for the first time after the given date parameters first seen max string optional only domains that have a records seen for the first time before the given date parameters first seen min mode string optional match mode for first seen min parameter strict (default) select a records that do not have any timestamps before first seen min any select a records that have at least one timestamp after first seen min parameters first seen max mode string optional match mode for first seen max parameter strict (default) select a records that do not have any timestamps after first seen max any select a records that have at least one timestamp before first seen max parameters last seen min string optional only domains that have a records last seen more recently than the given date parameters last seen max string optional only domains that have a records last seen earlier than the given date parameters last seen min mode string optional match mode for last seen min parameter strict select a records that do not have any timestamps before last seen min any (default) select a records that have at least one timestamp after first seen min parameters last seen max mode string optional match mode for last seen max parameter strict (default) select a records that do not have any timestamps after last seen max any select a records that have at least one timestamp before last seen max parameters asnum number optional as number to search, may be repeated multiple time for additional as numbers parameters asn number optional search for ip addresses in or not in the given as numbers default = in parameters asname string optional search all as numbers where the as name begins with parameters asname starts with string optional search all as numbers where the as name begins with parameters asname contains string optional search all as numbers where the as name contains parameters asn match string optional how to match as numbers any (default) match on any asnum given or derived from asname all asn diversity timeline must contain all asnums given as asnum parameter or derived from asname limit apply min and/or max limits as specified by optional asn match min and asn match max parameters parameters asn match max number optional maximum of the asnums given as asnum or derived from asname must appear in asn diversity timeline parameters asn match min number optional minimum of the asnums given as asnum or derived from asname must appear in asn diversity timeline parameters network string optional additional network and net mask give option as 1 1 1 1/24 network parameter may be given multiple times and the search will be performed as an 'or' condition parameters timeline number optional include details of ips, asns, first seen and last seen for each domain 0 (default) = do not include 1 = include timeline parameters first seen after string optional only domains that have been seen using the ns server in the "nsname=" parameter for the first time after the given date parameters first seen before string optional only domains that have been seen using the ns server in the "nsname=" parameter for the first time before the given date parameters registrar string optional name or partial name of registrar used to register domains no wildcards, the given string is used in partial match this is a slow search option and should only be used in combination with the domain match option input example {"parameters" {"domain" "example com","domain regex" " \\\\ com$","nsname" "ns1 example com","mxname" "mail example com","first seen min" "2024 01 01","first seen max" "2024 12 31","first seen min mode" "strict","first seen max mode" "strict","last seen min" "2024 01 01","last seen max" "2024 12 31","last seen min mode" "any","last seen max mode" "strict","asnum" 12345,"asn" 12345,"asname" "example as","asname starts with" "example","asname contains" "as","asn match" "any","asn match max" 10,"asn match min" 1,"network" "1 1 1 1/24","timeline" 1,"first seen after" "2024 01 01","first seen before" "2024 12 31","registrar" "example registrar","email" "admin\@example com","whois date after" "2024 01 01","nschange from ns" "old ns example com","nschange to ns" "new ns example com","nschange date after" "2024 01 01","nschange date before" "2024 12 31","cert date min" "2024 01 01","cert date max" "2024 12 31","cert issuer" "example ca","infratag" "mx\ mail example com","asn diversity" 5,"asn diversity min" 1,"asn diversity max" 10,"ip diversity all" 5,"ip diversity all min" 1,"ip diversity all max" 10,"ip diversity groups" 3,"ip diversity groups min" 1,"ip diversity groups max" 10,"limit" 100,"skip" 0,"prefer" "result","max wait" 25,"with metadata" 1}} output parameter type description status code number http status code of the response reason string response reason phrase records array output field records records asn diversity number output field records asn diversity records host string output field records host records ip diversity all number output field records ip diversity all records ip diversity groups number output field records ip diversity groups records timeline array output field records timeline records timeline asn number output field records timeline asn records timeline first seen string output field records timeline first seen records timeline ip string output field records timeline ip records timeline last seen string output field records timeline last seen output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"records" \[{},{},{}]}} domain typosquatting search identify potential typosquatted domain variations with options to exclude certain infrastructures using silent push endpoint url api/v1/merge api/explore/padns/search/typosquat method get input argument name type required description parameters autospoof string optional domain name for which to find spoofed variations automatically generates a regex used in search is overridden by the regex parameter, if given parameters regex string optional re2 regular expression pattern must be a valid re2 regular expression regex overrides any autospoof domain given parameters nsname string optional parameters for the domain typosquatting search action parameters match string optional finds domains not on (neq) or on (eq) name servers given as nsname parameters eq domains on name servers neq (default) domains not on name servers parameters net string optional find records where ip not in (default) or in subnet defined by netmask and additional network parameters in find records in subnet notin (default) find records not in subnet parameters network string optional additional network and net mask give option as 1 1 1 1/24 up to 5 additional networks may be given parameters asnum number optional as number to search, may be repeated multiple time for additional as numbers parameter may be used with qtype=a or qtype=ptr4 use to find records in the same as number parameters asn string optional find ptr4 or a records where ipv4 in or not in asn defined by asnum in find records in asn notin (default) find records not in asn parameters asname string optional search all as numbers where the as name begins with parameters asname starts with string optional search all as numbers where the as name begins with parameters asname contains string optional search all as numbers where the as name contains parameters reduce string optional aggregate timestamps for qname only (host) or for each qname=>qanswer observation (full) full (default) show timestamps for qname=>qanswer observations host show timestamps for distinct qname only parameters first seen after string optional first seen timestamp must be on or after this time default= 2592000 look back 30 days date yyyy mm dd (2021 07 09) fixed date epoch number (1625834953) fixed time in epoch format sec negative number ( 172800) relative time seconds ago time period negative number with time period ( 36h / 5d / 3w / 6m) relative time ago h hours, d days, w weeks, m months parameters first seen before string optional first seen timestamp must be on or before this time date yyyy mm dd (2021 07 09) fixed date epoch number (1625834953) fixed time in epoch format sec negative number ( 172800) relative time seconds ago time period negative number with time period ( 36h / 5d / 3w / 6m) relative time ago h hours, d days, w weeks, m months parameters last seen after string optional last seen timestamp must be on or after this time date yyyy mm dd (2021 07 09) fixed date epoch number (1625834953) fixed time in epoch format sec negative number ( 172800) relative time seconds ago time period negative number with time period ( 36h / 5d / 3w / 6m) relative time ago h hours, d days, w weeks, m months parameters last seen before string optional last seen timestamp must be on or before this time date yyyy mm dd (2021 07 09) fixed date epoch number (1625834953) fixed time in epoch format sec negative number ( 172800) relative time seconds ago time period negative number with time period ( 36h / 5d / 3w / 6m) relative time ago h hours, d days, w weeks, m months parameters as of string optional only return records where the as of timestamp equivalent is between the first seen and the last seen timestamp date yyyy mm dd (2021 07 09) fixed date epoch number (1625834953) fixed time in epoch format sec negative number ( 172800) relative time seconds ago time period negative number with time period ( 36h / 5d / 3w / 6m) relative time ago h hours, d days, w weeks, m months parameters sort string optional order results in specified order parameter may be repeated with different column names to produce a nested sorting effect sort last seen/last/time last synonyms for last seen column first seen/first/time first synonyms for first seen column query/rrname synonyms for query column answer/rdata synonyms for answer seen column order asc/+/up synonyms for ascending order desc/ /down synonyms for descending order parameters output format string optional padns (default) silent push padns output format cof common output format parameters limit number optional number of results to return default = 100 parameters skip number optional number of results to skip parameters prefer string optional result (default) return results if available before max wait timeout, otherwise return job id job id return job id immediately parameters max wait number optional number of seconds to wait for results before returning job id default = 25 value in the range from 0 to 25 parameters with metadata number optional include metadata object in response returned results, total results, job id 0 (default) = do not include 1 = include metadata input example {"parameters" {"autospoof" "example com","regex" " \\\\ com$","nsname" "ns1 example com","match" "neq","net" "notin","network" "1 1 1 1/24","asnum" 12345,"asn" "notin","asname" "example as","asname starts with" "example","asname contains" "as","reduce" "full","first seen after" " 2592000","first seen before" "2024 12 31","last seen after" " 2592000","last seen before" "2024 12 31","as of" "2024 01 01","sort" "last seen desc","output format" "padns","limit" 100,"skip" 0,"prefer" "result","max wait" 25,"with metadata" 0}} output parameter type description status code number http status code of the response reason string response reason phrase records array output field records records answer string output field records answer records asn number output field records asn records asname string name of the resource records count number count value records domain string output field records domain records first seen string output field records first seen records last seen string output field records last seen records query string output field records query records type string type of the resource output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"records" \[{},{}]}} ipv4 enrichment retrieve detailed enrichment information for a specified ipv4 address using silent push, requiring an 'ipv4' path parameter endpoint url api/v1/merge api/explore/enrich/ipv4/{{ipv4}} method get input argument name type required description parameters explain number optional show details of data used to calculate the different scores in the response parameters scan data number optional show details of data collected from ipv4 scanning path parameters ipv4 string required an ipv4 address input example {"parameters" {"explain" 1,"scan data" 1},"path parameters" {"ipv4" "96 43 250 251"}} output parameter type description status code number http status code of the response reason string response reason phrase ip2asn array output field ip2asn ip2asn asn number output field ip2asn asn ip2asn asn allocation age number output field ip2asn asn allocation age ip2asn asn allocation date number date value ip2asn asn rank number output field ip2asn asn rank ip2asn asn rank score number score value ip2asn asn reputation number output field ip2asn asn reputation ip2asn asn reputation explain object output field ip2asn asn reputation explain ip2asn asn reputation explain ips in asn number output field ip2asn asn reputation explain ips in asn ip2asn asn reputation explain ips num active number output field ip2asn asn reputation explain ips num active ip2asn asn reputation explain ips num listed number output field ip2asn asn reputation explain ips num listed ip2asn asn reputation score number score value ip2asn asn takedown reputation number output field ip2asn asn takedown reputation ip2asn asn takedown reputation explain object output field ip2asn asn takedown reputation explain ip2asn asn takedown reputation score number score value ip2asn asname string name of the resource ip2asn benign info object output field ip2asn benign info ip2asn benign info actor string output field ip2asn benign info actor ip2asn benign info known benign boolean output field ip2asn benign info known benign ip2asn benign info tags array output field ip2asn benign info tags ip2asn benign info tags file name string name of the resource ip2asn benign info tags file string output field ip2asn benign info tags file ip2asn date number date value output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"ip2asn" \[{}]}} ipv6 enrichment retrieve detailed enrichment information for a specified ipv6 address from silent push, requiring an 'ipv6' path parameter endpoint url api/v1/merge api/explore/enrich/ipv6/{{ipv6}} method get input argument name type required description parameters explain number optional show details of data used to calculate the different scores in the response parameters scan data number optional show details of data collected from host scanning path parameters ipv6 string required ipv6 address to enrich input example {"parameters" {"explain" 1,"scan data" 1},"path parameters" {"ipv6" "2606 4700 4700 1111"}} output parameter type description status code number http status code of the response reason string response reason phrase ip2asn array output field ip2asn ip2asn asn number output field ip2asn asn ip2asn asn allocation age number output field ip2asn asn allocation age ip2asn asn allocation date number date value ip2asn asn rank number output field ip2asn asn rank ip2asn asn rank score number score value ip2asn asn reputation number output field ip2asn asn reputation ip2asn asn reputation explain object output field ip2asn asn reputation explain ip2asn asn reputation score number score value ip2asn asn takedown reputation number output field ip2asn asn takedown reputation ip2asn asn takedown reputation explain object output field ip2asn asn takedown reputation explain ip2asn asn takedown reputation score number score value ip2asn asname string name of the resource ip2asn date number date value ip2asn density number output field ip2asn density ip2asn ip string output field ip2asn ip ip2asn sp risk score number score value ip2asn sp risk score explain object output field ip2asn sp risk score explain ip2asn sp risk score explain sp risk score decider string unique identifier ip2asn subnet string output field ip2asn subnet output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"ip2asn" \[{}]}} name server changes retrieve the history of name server changes for a specified domain using silent push endpoint url api/v1/merge api/explore/domain/nschanges/{{domain}} method get input argument name type required description parameters summary number optional return results summary only path parameters domain string required domain to get name server changes for input example {"parameters" {"summary" 1},"path parameters" {"domain" "silentpush com"}} output parameter type description status code number http status code of the response reason string response reason phrase nschanges object output field nschanges nschanges nschanges array output field nschanges nschanges nschanges nschanges circular change to boolean output field nschanges nschanges circular change to nschanges nschanges date number date value nschanges nschanges days ago number output field nschanges nschanges days ago nschanges nschanges domain string output field nschanges nschanges domain nschanges nschanges from expire boolean output field nschanges nschanges from expire nschanges nschanges from nameservers array name of the resource nschanges nschanges from ns in domain boolean output field nschanges nschanges from ns in domain nschanges nschanges from ns srv domain density object output field nschanges nschanges from ns srv domain density nschanges nschanges from ns srv domain density ns1 myhostns com number output field nschanges nschanges from ns srv domain density ns1 myhostns com nschanges nschanges from ns srv domain density ns2 myhostns com number output field nschanges nschanges from ns srv domain density ns2 myhostns com nschanges nschanges from ns srv domain density ns3 myhostns com number output field nschanges nschanges from ns srv domain density ns3 myhostns com nschanges nschanges from ns srv domain density low boolean output field nschanges nschanges from ns srv domain density low nschanges nschanges from parked boolean output field nschanges nschanges from parked nschanges nschanges from sinkhole boolean output field nschanges nschanges from sinkhole nschanges nschanges query string output field nschanges nschanges query nschanges nschanges to expire boolean output field nschanges nschanges to expire nschanges nschanges to nameservers array name of the resource nschanges nschanges to ns in domain boolean output field nschanges nschanges to ns in domain nschanges nschanges to ns srv domain density object output field nschanges nschanges to ns srv domain density nschanges nschanges to ns srv domain density henry ns cloudflare com number output field nschanges nschanges to ns srv domain density henry ns cloudflare com nschanges nschanges to ns srv domain density vida ns cloudflare com number unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"nschanges" {"nschanges" \[],"results summary" {}}}} name server changes summary retrieve a summary of name server changes for a specified domain using path parameters endpoint url api/v1/merge api/explore/domain/nschangessummary/{{domain}} method get input argument name type required description path parameters domain string required domain to get name server changes summary for input example {"path parameters" {"domain" "silentpush com"}} output parameter type description status code number http status code of the response reason string response reason phrase nschanges object output field nschanges nschanges results summary object result of the operation nschanges results summary changes 0 7 days number result of the operation nschanges results summary changes 30 90 days number result of the operation nschanges results summary changes 7 30 days number result of the operation nschanges results summary changes last 30 days number result of the operation nschanges results summary changes last 7 days number result of the operation nschanges results summary changes last 90 days number result of the operation nschanges results summary domain string result of the operation nschanges results summary has change circular boolean result of the operation nschanges results summary has change expire from boolean result of the operation nschanges results summary has change expire to boolean result of the operation nschanges results summary has change ns in domain from boolean result of the operation nschanges results summary has change ns in domain to boolean result of the operation nschanges results summary has change ns srv domain density low from boolean result of the operation nschanges results summary has change ns srv domain density low to boolean result of the operation nschanges results summary has change parked from boolean result of the operation nschanges results summary has change parked to boolean result of the operation nschanges results summary has change sinkhole from boolean result of the operation nschanges results summary has change sinkhole to boolean result of the operation nschanges results summary last change number result of the operation nschanges results summary last change circular to boolean result of the operation nschanges results summary last change days ago number result of the operation output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"nschanges" {"results summary" {}}}} silent push risk score for domain retrieve the risk score for a specified domain from silent push, with the domain provided as a path parameter endpoint url api/v1/merge api/explore/domain/riskscore/{{domain}} method get input argument name type required description path parameters domain string required domain to get risk score for input example {"path parameters" {"domain" "regardlessnotice top"}} output parameter type description status code number http status code of the response reason string response reason phrase domain string output field domain sp risk score number score value output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"domain" "regardlessnotice top","sp risk score" 95}} silent push risk score for ipv4 retrieve the silent push risk score for a specified ipv4 address using path parameters endpoint url api/v1/merge api/explore/ipv4/riskscore/{{ipv4}} method get input argument name type required description path parameters ipv4 string required parameters for the silent push risk score for ipv4 action input example {"path parameters" {"ipv4" "1 1 1 1"}} output parameter type description status code number http status code of the response reason string response reason phrase ip2asn array output field ip2asn ip2asn ip string output field ip2asn ip ip2asn sp risk score number score value output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"ip2asn" \[{}]}} whois information retrieve previously collected whois information for a specified domain using silent push endpoint url api/v1/merge api/explore/domain/whois/{{domain}} method get input argument name type required description path parameters domain string required domain to get whois information about input example {"path parameters" {"domain" "silentpush com"}} output parameter type description status code number http status code of the response reason string response reason phrase whois array output field whois whois address string output field whois address whois city string output field whois city whois country string output field whois country whois created string output field whois created whois date number date value whois domain string output field whois domain whois emails array output field whois emails whois expires string output field whois expires whois name string name of the resource whois nameservers array name of the resource whois org string output field whois org whois query string output field whois query whois registrar string output field whois registrar whois state string output field whois state whois updated string output field whois updated whois whois server string output field whois whois server whois zipcode string output field whois zipcode output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"whois" \[{}]}} response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt