{"type":"api","title":"Get Samples for Domain, IP, or URL","meta":{"id":"/apps/pubhub/media/legacy-umbrella-api/1f4bc296b06b13bab942ef791a49deeed880a9de/f963d12c-70c5-3340-bb7c-d5cff60c643a","info":{"title":"Investigate API","description":"Umbrella Investigate API","version":"1.1.4","contact":{"name":"Cloud Security Developer Community"}},"security":[{"bearerAuth":[]}],"tags":[{"name":"Domain Status and Categorization"},{"name":"Domain Volume"},{"name":"Co-occurrences for a Domain"},{"name":"Passive DNS"},{"name":"Tagging Timeline"},{"name":"Subdomains for a Domain"},{"name":"Related Domains for a Domain"},{"name":"Security Information for a Domain"},{"name":"AS Information for a Domain"},{"name":"WHOIS Information for a Domain"},{"name":"Umbrella Popularity List-Top Million Domains"},{"name":"Search Domain"},{"name":"Cisco Secure Malware Analytics Integration"}],"x-parser-conf":{"overview":{"markdownPath":"investigate/investigate-explorer-overview.md"}},"openapi":"3.0.0","servers":[{"url":"https://investigate.api.umbrella.com"}],"securitySchemes":{"bearerAuth":{"type":"http","scheme":"bearer"}}},"spec":{"summary":"Get Samples for Domain, IP, or URL","operationId":"getSamplesDestination","tags":["Cisco Secure Malware Analytics Integration"],"description":"Specify a domain, IP, or URL. Use the destination to search for all samples\nassociated with the destination. The default number of items in a response is 10. You can extend the limit.\nYou must have a license for Cisco Secure Malware Analytics to receive the samples data.\n\nCisco Secure Malware Analytics retains checksum samples for one year.\nYou may find that Umbrella Investigate previously listed a sample related\nto a destination. 
If Cisco Secure Malware Analytics no longer contains a sample\nrelated to the destination, Investigate does not display the sample in the list\nof associated samples.\n\nAn error may occur when the requested destination is not in a valid format,\nif the requested host is not found in our database, or if there is no data available\nfor the destination that you have requested. CIDR subnets (for example: 10.10.10.0/24) and pattern search are not supported.\n","parameters":[{"name":"destination","in":"path","required":true,"description":"A domain, IP, or URL. For example, 'cisco.com', 195.22.28.196, or 'https://cisco.com'.","schema":{"type":"string"},"$$ref":"#/components/parameters/destinationParam"},{"name":"limit","in":"query","required":false,"description":"The number of items to return from the collection. The default is 10.\nIncrease the limit to request a larger set of data.","schema":{"type":"integer","default":10},"$$ref":"#/components/parameters/limitParam"},{"name":"offset","in":"query","required":false,"description":"A number that represents an index into the collection. 
By default, the offset is 0 (the first record).","schema":{"type":"integer"},"$$ref":"#/components/parameters/offsetParam"},{"name":"sortby","in":"query","required":false,"description":"Sorts the samples by one of the optional values [\"first-seen\", \"last-seen\", \"score\"] (the schema enum for this parameter spells the first two firstSeen and lastSeen).\nThe default value is score.","schema":{"type":"string","enum":["firstSeen","lastSeen","score"]},"$$ref":"#/components/parameters/sortbyScoreParam"}],"responses":{"200":{"description":"Everything worked as expected.","content":{"application/json":{"schema":{"type":"array","items":{"properties":{"query":{"type":"string"},"totalresults":{"type":"integer","format":"int64"},"moreDataAvailable":{"type":"boolean"},"limit":{"type":"integer","format":"int64"},"offset":{"type":"integer","format":"int64"},"samples":{"type":"array","items":{"properties":{"sha256":{"type":"string"},"sha1":{"type":"string"},"md5":{"type":"string"},"magictype":{"type":"string"},"threatscore":{"type":"integer","format":"int64"},"size":{"type":"integer","format":"int64"},"firstSeen":{"type":"string"},"lastSeen":{"type":"string"},"visible":{"type":"boolean"},"avresults":{"type":"array","items":{"properties":{"signature":{"type":"string"},"product":{"type":"string"}},"$$ref":"#/components/schemas/Avresult"}}},"$$ref":"#/components/schemas/Sample"}}},"$$ref":"#/components/schemas/Grid"},"$$ref":"#/components/schemas/Grids"},"example":[{"query":"google.com","totalResults":10,"moreDataAvailable":true,"limit":10,"offset":0,"samples":[{"sha256":"e9d3470c37dada28d5a32fb53a243c5b20def35bb01abf8f5403182cc2b91fdd","sha1":"de182fdcc3c0d473b90a0df0ad14c2074d1e7c50","md5":"282f80e8a2cf9e0e0dd72093787d99c6","magicType":"PE32 executable (GUI) Intel 80386, for MS Windows","threatScore":100,"size":192512,"firstSeen":"1460108539000","lastSeen":"1460108539000","visible":true,"avresults":[{"signature":"Win.Trojan.Ramnit","product":"ClamAV"},{"signature":"Win.Trojan.Parite","product":"ClamAV"}]}]}]}}},"400":{"description":"Invalid 
request","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/400Error"},"401":{"description":"Unauthorized request","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/401Error"},"403":{"description":"Forbidden","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/403Error"},"404":{"description":"Not Found","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/404Error"},"500":{"description":"Server error","content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/500Error"}},"__originalOperationId":"getSamplesDestination","security":[{"bearerAuth":[]}],"method":"get","path":"/samples/{destination}"}}