API Documentation

Updated: Mar. 14, 2024

Table of contents

Making requests

GET https://falconsentinel.com/api/v1?apiKey=YOUR_API_KEY&ioc=apple*.com

Input parameters

apiKeyRequired. Your personal API key.
ioc

Required. Search term: exact IoC value or wildcard search (*).

Examples:

  • Domain: apple-cl.us, apple*.com*, google*.com
  • URL: http://picture-file.com, *//*facebook*
  • IP: 95.255.128.27, 2602:fc05::29, 178.0.*
  • CIDR: 8.0.0.0/8, 178.0.0.0/16, 172.67.0.0/24

Domains, URLs, and IPs lookups support wildcards (*).

Output format

{
  "total": 100,
  "results": [
    {
      "firstSeen": "2023-04-05T00:00:00Z",
      "lastSeen": "2023-10-02T00:00:00Z",
      "threatType": "generic",
      "iocType": "domain",
      "value": "apple.varifidogioeat.com"
    },
    {
      "firstSeen": "2023-07-22T00:00:00Z",
      "lastSeen": "2023-10-02T00:00:00Z",
      "threatType": "phishing",
      "iocType": "domain",
      "value": "apple.appleidil.com"
    },
    {}
  ]
}

Output parameters

totalTotal number of results for the given IoC query.
firstSeenDate when the IoC was first seen by our scanners. 9 March 2023 is the earliest date available, as we started collecting data on that date.
lastSeenDate when the IoC was last seen by our scanners.
threatTypeThreat type: attack, botnet, C&C, malware, phishing, spam, suspicious, tor, generic. Read more about threat types here.
iocTypeIoC type: IPv4, IPv6, URL, domain, CIDR.
valueFound IoC value.

Error codes

400Invalid parameters.
401Access restricted. Enter the correct API key.
402Access restricted. Check the credits balance.
429Too many requests. Try your call again later.
500Internal server error. Try your call again or contact us.

Credits balance

GET https://falconsentinel.com/api/v1/credits?apiKey=YOUR_API_KEY

Input parameters

apiKeyRequired. Your personal API key.

Contact Us

Got a technical issue? Want to send feedback about data feeds? Need details about our plans? Let us know. Please note that our service is for registered companies only. Requests from private individuals or emails that don't match the company domain name are ignored.