GET /api/v1/combinations/interogate

This method allows you to interogate the Fingerbank database with a device information and get the details about it.

Supported Formats

Request : application/json, Response : application/json

Errors

Code Description
404 No device profiling result was found for the signatures that were provided.

Examples

Example body:
{"dhcp_fingerprint":"1,15,3,6,44,46,47,31,33,121,249,43"}

Example response:
{
    "created_at": "2014-10-13T03:14:45.000Z", 
    "device": {
        "created_at": "2014-09-09T15:09:51.000Z", 
        "id": 33, 
        "inherit": null, 
        "mobile?": false, 
        "name": "Microsoft Windows Vista/7 or Server 2008 (Version 6.0)", 
        "parent_id": 1, 
        "parents": [
            {
                "approved": true, 
                "created_at": "2014-09-09T15:09:50.000Z", 
                "id": 1, 
                "inherit": null, 
                "mobile": null, 
                "name": "Windows", 
                "parent_id": null, 
                "submitter_id": null, 
                "tablet": null, 
                "updated_at": "2014-09-09T15:09:50.000Z"
            }
        ], 
        "updated_at": "2014-09-09T15:09:52.000Z"
    }, 
    "id": 5733, 
    "score": 50, 
    "updated_at": "2014-11-13T17:39:36.000Z", 
    "version": null
} 

Example using curl using DHCPv4 fingerprint:
curl -X GET -d "{\"dhcp_fingerprint\":\"1,15,3,6,44,46,47,31,33,121,249,43\"}" --header "Content-type: application/json" https://fingerbank.inverse.ca/api/v1/combinations/interogate?key=

Example using curl without a body payload:
curl 'https://fingerbank.inverse.ca/api/v1/combinations/interogate?dhcp_fingerprint=1,15,3,6,44,46,47,31,33,121,249,43&key='

Example using curl using DHCPv4 fingerprint, User-Agent and MAC address:
curl -X GET -d "{\"dhcp_fingerprint\":\"1,121,3,6,15,119,252\", \"user_agent\":\"Mozilla/5.0 (iPad; CPU OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13G36 Safari/601.1\", \"mac\": \"e0b9ba88158a\"}" --header "Content-type: application/json" https://fingerbank.inverse.ca/api/v1/combinations/interogate?key=

Example using curl with behavioral analysis:
curl  -X GET -d "{\"dhcp_fingerprint\":\"1,15,3,6,44,46,47,31,33,121,249,43\", \"destination_hosts\":[\"updates.microsoft.com\"], \"mdns_services\":[\"_printer._tcp.local\"]}" --header "Content-type: application/json" 'https://fingerbank.inverse.ca/api/v1/combinations/interogate?behavioral_analysis=true&key='

Params

Param name Description
key
required

Your API key

Validations:

  • Must be a String


Metadata: 
Type: URL
debug
optional

Whether or not to add additionnal debug information in the response. ‘on’ activates it

Validations:

  • Must be a String


Metadata: 
Type: URL
user_agent
optional

The User Agent of the device

Validations:

  • Must be a String


Metadata: 
Type: payload
dhcp_fingerprint
optional

The DHCP fingerprint of the device

Validations:

  • Must be a String


Metadata: 
Type: payload
dhcp6_fingerprint
optional

The DHCPv6 fingerprint of the device

Validations:

  • Must be a String


Metadata: 
Type: payload
dhcp_vendor
optional

The DHCP vendor of the device

Validations:

  • Must be a String


Metadata: 
Type: payload
dhcp6_enterprise
optional

The DHCPv6 enterprise of the device

Validations:

  • Must be a String


Metadata: 
Type: payload
mac
optional

The MAC address of the device

Validations:

  • Must be a String


Metadata: 
Type: payload
behavioral_analysis
optional

Whether or not to perform behavioral analysis during this query.

Validations:

  • Must be a String


Metadata: 
Type: URL
destination_hosts
optional

The destination hosts (domains) this combination has send data to

Validations:

  • Must be an array of String


Metadata: 
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
mdns_services
optional

The MDNS services that this combination has advertised

Validations:

  • Must be an array of String


Metadata: 
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
upnp_user_agents
optional

The UPnP User Agents (USER-AGENT header) that this combination has advertised

Validations:

  • Must be an array of String


Metadata: 
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
upnp_server_strings
optional

The UPnP Server strings (SERVER header) that this combination has advertised

Validations:

  • Must be an array of String


Metadata: 
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
tcp_syn_signatures
optional

The TCP SYN signatures detected for this combination. The signatures must follow the p0f standard.

Validations:

  • Must be an array of String


Metadata: 
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
Example: 4:128+0:0:1460:8192,2:mss,nop,ws,nop,nop,sok:df,id+:0
tcp_syn_ack_signatures
optional

The TCP SYN-ACK signatures detected for this combination. The signatures must follow the p0f standard.

Validations:

  • Must be an array of String


Metadata: 
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
Example: 4:128+0:0:1460:8192,2:mss,nop,ws,nop,nop,sok:df,id+:0