Silent Push
The Silent Push connector provides actionable cybersecurity intelligence by offering domain and IP address analysis, infratag retrieval, and risk scoring.

Silent Push is a cutting-edge platform specializing in domain and IP address analysis, providing detailed enrichment information and risk assessments. The Silent Push Turbine connector allows users to retrieve comprehensive domain details, infratags, and risk scores, as well as enrich IPv4 and IPv6 addresses with ease. By integrating with Swimlane Turbine, security teams can automate the ingestion and analysis of domain and IP data, enhancing threat intelligence and accelerating incident response within their security operations.

## Limitations

None to date.

## Supported Versions

This Silent Push connector uses the v1 version API.

## Additional Docs

https://docs.silentpush.com/index.html#

## Configuration Prerequisites

To effectively utilize the Silent Push connector within Swimlane Turbine, ensure you have the following prerequisites:

- API key authentication:
  - URL: the endpoint URL for the Silent Push API.
  - API key: a valid API key to authenticate requests to the Silent Push service.

## Authentication Methods

To utilize the Silent Push connector within the Swimlane Turbine platform, ensure you have the following prerequisites:

- API key authentication:
  - URL: the endpoint URL for the Silent Push API.
  - API key: your unique identifier to authenticate with the Silent Push API.

## Capabilities

This Silent Push connector provides the following capabilities:

- Bulk Domain Information
- Bulk Domain Infratags
- Bulk Silent Push Risk Score for a List of Domains
- Domain Enrichment
- Domain Information
- Domain Infratag
- IPv4 Enrichment
- IPv6 Enrichment
- Silent Push Risk Score for Domain

| Capability | Description | Reference |
| --- | --- | --- |
| Bulk Domain Information | Get domain information for multiple domains | https://docs.silentpush.com/domain.html#bulk-domain-information |
| Bulk Domain Infratags | Get infratags for multiple domains with optional clustering | https://docs.silentpush.com/domain.html#bulk-domain-infratags |
| Bulk Silent Push Risk Score for a List of Domains | Get Silent Push risk score for multiple domains | https://docs.silentpush.com/domain.html#bulk-silent-push-risk-score-for-a-list-of-domains |
| Domain Enrichment | Get domain enrichment information | https://docs.silentpush.com/enrich.html#domain-enrichment |
| Domain Information | Get domain information | https://docs.silentpush.com/domain.html#domain-information |
| Domain Infratag | Get infratag for domain | https://docs.silentpush.com/domain.html#domain-infratag |
| IPv4 Enrichment | Get IPv4 enrichment information | https://docs.silentpush.com/enrich.html#ipv4-enrichment |
| IPv6 Enrichment | Get IPv6 enrichment information | https://docs.silentpush.com/enrich.html#ipv6-enrichment |
| Silent Push Risk Score for Domain | Get Silent Push risk score for domain | https://docs.silentpush.com/domain.html#silent-push-risk-score-for-domain |

## Configurations

### Silent Push API Key Authentication

Authenticates using an API key.

Configuration parameters:

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host | string | required |
| x-api-key | API key | string | required |
| verify_ssl | Verify SSL certificate | boolean | optional |
| http_proxy | A proxy to route requests through | string | optional |

## Actions

### Bulk Domain Information

Retrieve detailed information for multiple domains simultaneously using the Silent Push connector.

Endpoint URL: `api/v1/merge-api/explore/bulk/domaininfo`

Method: POST

Input arguments:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| domains | array | optional | List of domains to get information about |

Input example:

```json
{"json_body":{"domains":["silentpush.com","google.com"]}}
```

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| domaininfo | array | Output field domaininfo |
| domaininfo.age | number | Output field domaininfo.age |
| domaininfo.age_score | number | Score value |
| domaininfo.domain | string | Output field domaininfo.domain |
| domaininfo.first_seen | number | Output field domaininfo.first_seen |
| domaininfo.is_new | boolean | Output field domaininfo.is_new |
| domaininfo.is_new_score | number | Score value |
| domaininfo.last_seen | number | Output field domaininfo.last_seen |
| domaininfo.query | string | Output field domaininfo.query |
| domaininfo.whois_age | string | Output field domaininfo.whois_age |
| domaininfo.whois_created_date | string | Date value |
| domaininfo.zone | string | Output field domaininfo.zone |
| domaininfo.info | string | Output field domaininfo.info |

Output example:

```json
{"status_code":200,"response_headers":{},"reason":"OK","json_body":{"domaininfo":[{},{}]}}
```

### Bulk Domain Infratags

Retrieve infratags for a list of domains, with the option to include clustering information.

Endpoint URL: `api/v1/merge-api/explore/domain/infratags`

Method: POST

Input arguments:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| parameters.mode | string | optional | Build infratags from live lookup data or from PADNS data |
| parameters.match | string | optional | Handling of self-hosted infrastructure |
| parameters.as_of | string | optional | Build infratags from PADNS data where the as_of timestamp equivalent is between the first_seen and the last_seen timestamp; automatically sets mode to padns |
| parameters.clusters | number | optional | Build clusters from infratags |
| domains | array | optional | List of domains to get infratags for |

Input example:

```json
{"parameters":{"mode":"live","match":"self","as_of":"date"},"json_body":{"domains":["silawatergim.club","fooldinort.top","elbigiddim.xyz"]}}
```

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| infratags | array | Output field infratags |
| infratags.domain | string | Output field infratags.domain |
| infratags.mode | string | Output field infratags.mode |
| infratags.tag | string | Output field infratags.tag |
| tag_clusters | array | Output field tag_clusters |
| tag_clusters.25 | array | Output field tag_clusters.25 |
| tag_clusters.25.domains | array | Output field tag_clusters.25.domains |
| tag_clusters.25.match | string | Output field tag_clusters.25.match |
| tag_clusters.50 | array | Output field tag_clusters.50 |
| tag_clusters.50.file_name | string | Name of the resource |
| tag_clusters.50.file | string | Output field tag_clusters.50.file |
| tag_clusters.75 | array | Output field tag_clusters.75 |
| tag_clusters.75.domains | array | Output field tag_clusters.75.domains |
| tag_clusters.75.match | string | Output field tag_clusters.75.match |
| tag_clusters.100 | array | Output field tag_clusters.100 |
| tag_clusters.100.file_name | string | Name of the resource |
| tag_clusters.100.file | string | Output field tag_clusters.100.file |

Output example:

```json
{"status_code":200,"response_headers":{},"reason":"OK","json_body":{"infratags":[{},{},{}],"tag_clusters":[{"25":[{"domains":["elbigiddim.xyz","silawatergim.club","fooldinort.top"],"match":":cloudflare.com:"}]},{"50":[]},{"75":[{"domains":["elbigiddim.xyz","fooldinort.top"],"match":":cloudflare.com:leaseweb:porkbunllc"}]}]}}
```

### Bulk Silent Push Risk Score for a List of Domains

Retrieve Silent Push risk scores for a list of domains provided in the input JSON body.

Endpoint URL: `api/v1/merge-api/explore/bulk/domain/riskscore`

Method: POST

Input arguments:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| domains | array | optional | List of domains to get risk scores for |

Input example:

```json
{"json_body":{"domains":["2021olympicupdates.live","massgames.space","micros0ft0nline.one"]}}
```

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

Output example:

```json
{"status_code":200,"response_headers":{},"reason":"OK","json_body":[{"domain":"micros0ft0nline.one","sp_risk_score":100},{"domain":"massgames.space","sp_risk_score":100},{"domain":"2021olympicupdates.live","sp_risk_score":100}]}
```

### Domain Enrichment

Retrieve detailed enrichment information for a specified domain from Silent Push, requiring the 'domain' path parameter.

Endpoint URL: `api/v1/merge-api/explore/enrich/domain/{{domain}}`

Method: GET

Input arguments:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| parameters.explain | number | optional | Show details of data used to calculate the different scores in the response |
| parameters.scan_data | number | optional | Show details of data collected from host scanning |
| path_parameters.domain | string | required | Domain name |

Input example:

```json
{"parameters":{"explain":1,"scan_data":1},"path_parameters":{"domain":"olex.live"}}
```

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| domain_string_frequency_probability | object | Output field domain_string_frequency_probability |
| domain_string_frequency_probability.avg_probability | number | Output field domain_string_frequency_probability.avg_probability |
| domain_string_frequency_probability.dga_probability_score | number | Score value |
| domain_string_frequency_probability.domain | string | Output field domain_string_frequency_probability.domain |
| domain_string_frequency_probability.domain_string_freq_probabilities | array | Output field domain_string_frequency_probability.domain_string_freq_probabilities |
| domain_string_frequency_probability.query | string | Output field domain_string_frequency_probability.query |
| domain_urls | object | URL endpoint for the request |
| domain_urls.results_summary | object | URL endpoint for the request |
| domain_urls.results_summary.alexa_rank | object | URL endpoint for the request |
| domain_urls.results_summary.alexa_top10k | boolean | URL endpoint for the request |
| domain_urls.results_summary.alexa_top10k_score | number | URL endpoint for the request |
| domain_urls.results_summary.dynamic_domain_score | number | URL endpoint for the request |
| domain_urls.results_summary.is_dynamic_domain | boolean | URL endpoint for the request |
| domain_urls.results_summary.is_url_shortener | boolean | URL endpoint for the request |
| domain_urls.results_summary.results | number | URL endpoint for the request |
| domain_urls.results_summary.url_shortener_score | number | URL endpoint for the request |
| domaininfo | object | Output field domaininfo |
| domaininfo.age | number | Output field domaininfo.age |
| domaininfo.age_score | number | Score value |
| domaininfo.domain | string | Output field domaininfo.domain |
| domaininfo.first_seen | number | Output field domaininfo.first_seen |
| domaininfo.is_new | boolean | Output field domaininfo.is_new |
| domaininfo.is_new_score | number | Score value |

Output example:

```json
{"status_code":200,"response_headers":{},"reason":"OK","json_body":{"domain_string_frequency_probability":{"avg_probability":9.674,"dga_probability_score":0,"domain":"olex.live","domain_string_freq_probabilities":[],"query":"olex.live"},"domain_urls":{"results_summary":{}},"domaininfo":{"age":69,"age_score":0,"domain":"olex.live","first_seen":20220928,"is_new":false,"is_new_score":0,"last_seen":20221206,"query":"olex.live","registrar":"","whois_age":"","whois_created_date":"","zone":"live"},"ip
```

### Domain Information

Retrieve detailed information for a specified domain from Silent Push, including path parameters.

Endpoint URL: `api/v1/merge-api/explore/domain/domaininfo/{{domain}}`

Method: GET

Input arguments:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| path_parameters.domain | string | required | Domain to get information about |

Input example:

```json
{"path_parameters":{"domain":"silentpush.com"}}
```

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| domaininfo | object | Output field domaininfo |
| domaininfo.age | number | Output field domaininfo.age |
| domaininfo.age_score | number | Score value |
| domaininfo.domain | string | Output field domaininfo.domain |
| domaininfo.first_seen | number | Output field domaininfo.first_seen |
| domaininfo.is_new | boolean | Output field domaininfo.is_new |
| domaininfo.is_new_score | number | Score value |
| domaininfo.last_seen | number | Output field domaininfo.last_seen |
| domaininfo.query | string | Output field domaininfo.query |
| domaininfo.whois_age | number | Output field domaininfo.whois_age |
| domaininfo.whois_created_date | string | Date value |
| domaininfo.zone | string | Output field domaininfo.zone |

Output example:

```json
{"status_code":200,"response_headers":{},"reason":"OK","json_body":{"domaininfo":{"age":536,"age_score":0,"domain":"silentpush.com","first_seen":20200121,"is_new":false,"is_new_score":0,"last_seen":20210709,"query":"silentpush.com","whois_age":536,"whois_created_date":"2020-01-20 08:14:27","zone":"com"}}}
```

### Domain Infratag

Retrieve the infratag associated with a specified domain in Silent Push, requiring the domain as a path parameter.

Endpoint URL: `api/v1/merge-api/explore/domain/infratag/{{domain}}`

Method: GET

Input arguments:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| parameters.mode | string | optional | Build infratags from live lookup data or from PADNS data |
| parameters.match | string | optional | Handling of self-hosted infrastructure |
| parameters.as_of | string | optional | Build infratags from PADNS data where the as_of timestamp equivalent is between the first_seen and the last_seen timestamp; automatically sets mode to padns |
| path_parameters.domain | string | required | Domain to get infratag for |

Input example:

```json
{"parameters":{"mode":"live","match":"self","as_of":"date"},"path_parameters":{"domain":"silentpush.com"}}
```

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| infratag | object | Output field infratag |
| infratag.domain | string | Output field infratag.domain |
| infratag.mode | string | Output field infratag.mode |
| infratag.tag | string | Output field infratag.tag |

Output example:

```json
{"status_code":200,"response_headers":{},"reason":"OK","json_body":{"infratag":{"domain":"silentpush.com","mode":"live","tag":"outlook.com:cloudflare.com:cloudflarenet:enom"}}}
```

### IPv4 Enrichment

Retrieve detailed enrichment information for a specified IPv4 address using Silent Push.

Endpoint URL: `api/v1/merge-api/explore/enrich/ipv4/{{ipv4}}`

Method: GET

Input arguments:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| parameters.explain | number | optional | Show details of data used to calculate the different scores in the response |
| parameters.scan_data | number | optional | Show details of data collected from IPv4 scanning |
| path_parameters.ipv4 | string | required | An IPv4 address |

Input example:

```json
{"parameters":{"explain":1,"scan_data":1},"path_parameters":{"ipv4":"96.43.250.251"}}
```

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| ip2asn | array | Output field ip2asn |
| ip2asn.asn | number | Output field ip2asn.asn |
| ip2asn.asn_allocation_age | number | Output field ip2asn.asn_allocation_age |
| ip2asn.asn_allocation_date | number | Date value |
| ip2asn.asn_rank | number | Output field ip2asn.asn_rank |
| ip2asn.asn_rank_score | number | Score value |
| ip2asn.asn_reputation | number | Output field ip2asn.asn_reputation |
| ip2asn.asn_reputation_explain | object | Output field ip2asn.asn_reputation_explain |
| ip2asn.asn_reputation_explain.ips_in_asn | number | Output field ip2asn.asn_reputation_explain.ips_in_asn |
| ip2asn.asn_reputation_explain.ips_num_active | number | Output field ip2asn.asn_reputation_explain.ips_num_active |
| ip2asn.asn_reputation_explain.ips_num_listed | number | Output field ip2asn.asn_reputation_explain.ips_num_listed |
| ip2asn.asn_reputation_score | number | Score value |
| ip2asn.asn_takedown_reputation | number | Output field ip2asn.asn_takedown_reputation |
| ip2asn.asn_takedown_reputation_explain | object | Output field ip2asn.asn_takedown_reputation_explain |
| ip2asn.asn_takedown_reputation_score | number | Score value |
| ip2asn.asname | string | Name of the resource |
| ip2asn.benign_info | object | Output field ip2asn.benign_info |
| ip2asn.benign_info.actor | string | Output field ip2asn.benign_info.actor |
| ip2asn.benign_info.known_benign | boolean | Output field ip2asn.benign_info.known_benign |
| ip2asn.benign_info.tags | array | Output field ip2asn.benign_info.tags |
| ip2asn.benign_info.tags.file_name | string | Name of the resource |
| ip2asn.benign_info.tags.file | string | Output field ip2asn.benign_info.tags.file |
| ip2asn.date | number | Date value |

Output example:

```json
{"status_code":200,"response_headers":{},"reason":"OK","json_body":{"ip2asn":[{}]}}
```

### IPv6 Enrichment

Retrieve detailed enrichment information for a specified IPv6 address using Silent Push.

Endpoint URL: `api/v1/merge-api/explore/enrich/ipv6/{{ipv6}}`

Method: GET

Input arguments:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| parameters.explain | number | optional | Show details of data used to calculate the different scores in the response |
| parameters.scan_data | number | optional | Show details of data collected from host scanning |
| path_parameters.ipv6 | string | required | IPv6 address to enrich |

Input example:

```json
{"parameters":{"explain":1,"scan_data":1},"path_parameters":{"ipv6":"2606:4700:4700::1111"}}
```

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| ip2asn | array | Output field ip2asn |
| ip2asn.asn | number | Output field ip2asn.asn |
| ip2asn.asn_allocation_age | number | Output field ip2asn.asn_allocation_age |
| ip2asn.asn_allocation_date | number | Date value |
| ip2asn.asn_rank | number | Output field ip2asn.asn_rank |
| ip2asn.asn_rank_score | number | Score value |
| ip2asn.asn_reputation | number | Output field ip2asn.asn_reputation |
| ip2asn.asn_reputation_explain | object | Output field ip2asn.asn_reputation_explain |
| ip2asn.asn_reputation_score | number | Score value |
| ip2asn.asn_takedown_reputation | number | Output field ip2asn.asn_takedown_reputation |
| ip2asn.asn_takedown_reputation_explain | object | Output field ip2asn.asn_takedown_reputation_explain |
| ip2asn.asn_takedown_reputation_score | number | Score value |
| ip2asn.asname | string | Name of the resource |
| ip2asn.date | number | Date value |
| ip2asn.density | number | Output field ip2asn.density |
| ip2asn.ip | string | Output field ip2asn.ip |
| ip2asn.sp_risk_score | number | Score value |
| ip2asn.sp_risk_score_explain | object | Output field ip2asn.sp_risk_score_explain |
| ip2asn.sp_risk_score_explain.sp_risk_score_decider | string | Unique identifier |
| ip2asn.subnet | string | Output field ip2asn.subnet |

Output example:

```json
{"status_code":200,"response_headers":{},"reason":"OK","json_body":{"ip2asn":[{}]}}
```

### Silent Push Risk Score for Domain

Retrieve the risk score for a specified domain from Silent Push, requiring the domain as a path parameter.

Endpoint URL: `api/v1/merge-api/explore/domain/riskscore/{{domain}}`

Method: GET

Input arguments:

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| path_parameters.domain | string | required | Domain to get risk score for |

Input example:

```json
{"path_parameters":{"domain":"regardlessnotice.top"}}
```

Output:

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| domain | string | Output field domain |
| sp_risk_score | number | Score value |

Output example:

```json
{"status_code":200,"response_headers":{},"reason":"OK","json_body":{"domain":"regardlessnotice.top","sp_risk_score":95}}
```

## Response Headers

| Header | Description | Example |
| --- | --- | --- |
| Content-Type | The media type of the resource | application/json |
| Date | The date and time at which the message was originated | Thu, 01 Jan 2024 00:00:00 GMT |
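The bulk risk score and bulk infratag actions are most useful together: a domain that scored low but shares an infratag cluster with a high-scoring domain is worth a second look. The following is an added example, not code from Swimlane or Silent Push. It assumes the output envelope keys are `status_code`, `reason` and `json_body`, that result keys are `sp_risk_score` and `tag_clusters`, and that a higher cluster key (25, 50, 75, 100) means a tighter infratag match; the function names, the threshold of 80 and the sample data are hypothetical.

```python
"""Correlate Silent Push connector outputs: risk scores and infratag clusters."""

def unwrap(output):
    """Return json_body of a connector action output, or raise on non-200."""
    if output.get("status_code") != 200:
        raise RuntimeError(
            f"action failed: {output.get('status_code')} {output.get('reason')}")
    return output["json_body"]

def high_risk(risk_output, threshold=80):
    """Map domain -> sp_risk_score for entries at or above the threshold."""
    return {r["domain"]: r["sp_risk_score"] for r in unwrap(risk_output)
            if r.get("sp_risk_score", 0) >= threshold}

def flatten_clusters(infratag_output):
    """Turn tag_clusters ([{"25": [...]}, {"50": []}, ...]) into
    (level, match, domains) tuples, tightest level first."""
    rows = []
    for entry in unwrap(infratag_output).get("tag_clusters", []):
        for level, groups in entry.items():
            for g in groups:  # a level may be an empty list
                rows.append((int(level), g["match"], sorted(g["domains"])))
    return sorted(rows, key=lambda r: -r[0])

def review_candidates(risk_output, infratag_output, threshold=80):
    """Domains that share a cluster with a high-risk domain but scored below
    the threshold themselves; the tightest cluster per domain is kept."""
    risky = high_risk(risk_output, threshold)
    found = {}
    for level, match, domains in flatten_clusters(infratag_output):
        shares = [d for d in domains if d in risky]
        if not shares:
            continue
        for d in domains:
            if d not in risky and d not in found:
                found[d] = {"level": level, "match": match, "shares_with": shares}
    return found

# Constructed sample outputs (reserved .example names, made-up scores and tags).
RISK = {"status_code": 200, "reason": "OK", "json_body": [
    {"domain": "login-portal.example", "sp_risk_score": 100},
    {"domain": "cdn-update.example", "sp_risk_score": 35},
    {"domain": "billing.example", "sp_risk_score": 20}]}
INFRATAGS = {"status_code": 200, "reason": "OK", "json_body": {
    "infratags": [],
    "tag_clusters": [
        {"25": [{"domains": ["billing.example", "cdn-update.example",
                             "login-portal.example"], "match": ":ns.example:"}]},
        {"50": []},
        {"75": [{"domains": ["cdn-update.example", "login-portal.example"],
                 "match": ":ns.example:hostco:registrarco"}]}]}}

if __name__ == "__main__":
    for domain, why in review_candidates(RISK, INFRATAGS).items():
        print(domain, why)
```

In a playbook, the two dictionaries would be the outputs of the bulk risk score and bulk infratags actions run over the same domain list.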