Get Risk Score for Domain - Cloud Security API

{"type":"api","title":"Get Risk Score for Domain","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/9d37d008417d562ab46d4b67547a68457ce288d2/570121d2-76a9-3f3f-bf01-6671496640c5","info":{"title":"Cisco Secure Access Investigate API","description":"The Secure Access Investigate API provides a complete view of domains in relation to IP and autonomous system number (ASN) information.\nYou can get the following domain information:\n\n* Domain status, risk score, and geolocation\n* Number of domain searches\n* Co-occurring domains\n* Subdomains of a domain\n* Tagged timeline of a domain, IP, or URL\n* Security reputation of a domain\n* Top accessed domains\n* WHOIS information for the domain\n* Threat intelligence data for domains, IPs, and URLs\n* Threat intelligence samples by file hash","version":"2.0.0","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Domain Status and Categorization"},{"name":"Domain Volume"},{"name":"Co-occurrences for a Domain"},{"name":"Passive DNS"},{"name":"Tagging Timeline"},{"name":"Subdomains for a Domain"},{"name":"Related Domains for a Domain"},{"name":"Security Information for a Domain"},{"name":"AS Information for a Domain"},{"name":"WHOIS Information for a Domain"},{"name":"Popularity List-Top Million Domains"},{"name":"Search Domain"},{"name":"Cisco Secure Malware Analytics Integration"},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/investigate/investigate-overview.md","uri":"secure-access-api-reference-investigate-api-overview"}},"openapi":"3.0.0","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"investigate/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"scopes":{"investigate.investigate:read":"Investigate read access","investigate.bulk:read":"Investigate bulk read access"},"tokenUrl":"https://api.sse.cisco.com/auth/v2/token"}}}}},"spec":{"summary":"Get Risk Score for Domain","operationId":"getDomainsRiskScore","tags":["Security Information for a Domain","Secure Access"],"description":"The Investigate Risk Score is based on an analysis of\nthe lexical characteristics of the domain name\nand patterns in queries and requests to the domain.\nThe risk score is scaled from 0 to 100 where 100 is the highest risk\nand 0 represents no risk at all. Periodically, Investigate updates this score based\non additional inputs.\nA domain blocked by Secure Access receives a score of 100.","parameters":[{"name":"domain","in":"path","required":true,"description":"A domain name.","schema":{"type":"string"},"example":"cisco.com","$$ref":"#/components/parameters/domainParam"}],"security":[{"oauthFlow":["investigate.investigate:read"]}],"responses":{"200":{"description":"OK","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","description":"The indicators and risk score for the destination.","properties":{"indicators":{"type":"array","items":{"type":"object","description":"The properties that contribute to the risk score: `indicator`, `normalized_score`, and `score`.","properties":{"indicator":{"type":"string"},"normalized_score":{"type":"integer"},"score":{"type":"number","format":"float"}}},"description":"A list of `indicator`, `normalized_score`, and `score` tuples. Each element is a behavioral\nor lexical feature that contributes to the calculation of the risk score.\nThe values of `normalized_score` range between 0 and 100,\nwhile `score` is the raw outcome from the statistical algorithms."},"risk_score":{"type":"number","format":"float","description":"The risk score."}},"example":{"indicators":[{"indicator":"Geo Popularity Score","normalized_score":2,"score":-3.610878169999999},{"indicator":"Keyword Score","normalized_score":3,"score":0.03586190445512534},{"indicator":"Lexical","normalized_score":52,"score":0.525},{"indicator":"Popularity 1 Day","normalized_score":100,"score":113.14},{"indicator":"Popularity 30 Day","normalized_score":100,"score":112.01},{"indicator":"Popularity 7 Day","normalized_score":100,"score":112.86},{"indicator":"Popularity 90 Day","normalized_score":100,"score":111.4},{"indicator":"TLD Rank Score","normalized_score":1,"score":0.010000315765229171},{"indicator":"Block Status","normalized_score":0,"score":0}],"risk_score":4},"$$ref":"#/components/schemas/RiskScore"},"example":{"indicators":[{"indicator":"Geo Popularity Score","normalized_score":2,"score":-3.610878169999999},{"indicator":"Keyword Score","normalized_score":3,"score":0.03586190445512534},{"indicator":"Lexical","normalized_score":52,"score":0.525},{"indicator":"Popularity 1 Day","normalized_score":100,"score":113.14},{"indicator":"Popularity 30 Day","normalized_score":100,"score":112.01},{"indicator":"Popularity 7 Day","normalized_score":100,"score":112.86},{"indicator":"Popularity 90 Day","normalized_score":100,"score":111.4},{"indicator":"TLD Rank Score","normalized_score":1,"score":0.010000315765229171},{"indicator":"Block Status","normalized_score":0,"score":0}],"risk_score":4}}}},"400":{"description":"Bad Request","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/400Error"},"401":{"description":"Unauthorized","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/401Error"},"403":{"description":"Forbidden","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/403Error"},"404":{"description":"Not Found","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/404Error"},"500":{"description":"Internal Server Error","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/500Error"}},"__originalOperationId":"getDomainsRiskScore","method":"get","path":"/domains/risk-score/{domain}"}}