Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

API Examples

Reply

Filtering Lookalike Domains with API

New Member
Posts: 1
306     0

Hi,

I am looking to query a lookalike domains and filter on a specific custom domain.  However, when I use the API, I either get all results or a synatx error. How can I use the a filter with Lookalike domains.

 

For instance using curl, I want to get a list of all the lookalike domains for example.com.

 

If I use the below request (excluding the token), I get a very large set that includes all of my watched and custom lookalike domains successfully.

 

curl --location --request GET 'https://csp.infoblox.com/api/tdlad/v1/lookalike_domains'

 

 

But if I want to narrow the results down to example.com, 

curl --location --request GET 'https://csp.infoblox.com/api/tdlad/v1/lookalike_domains?_filter=target_domain==example.com'

 

I get the error 

{"error":[{"message":"Unexpected token example.com"}]}

 

I've tried with Postman and also with quotes and I always get some kind of error. I can use other parameters successfully such as _limit and _fields. It is just the _filter that causes an issue.

 

Does anyone have a valid filter I can use with Lookalike domains?

Re: Filtering Lookalike Domains with API

Techie
Posts: 7
307     0

Here' an exapmle URL for you:

https://csp.infoblox.com/api/tdlad/v1/lookalikes?_filter=target_domain=='evilclone.com'

 

the lookalike_domains call you used appears to be designed to provide the overall list, if you want details on something specific, you would want to use the lookalikes target instead.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You