This method allows you to interogate the Fingerbank database with a device information and get the details about it.

Supported Formats

Request : application/json, Response : application/json

Errors

401 This request is unauthorized. Either your key is invalid or wasn't specified.
403 This request is forbidden. Your account may have been blocked.
404 No device was found the the specified combination. It will be added to the unknown combinations list if you are part of the approved API submitters.

Examples

Example body:
{"dhcp_fingerprint":"1,15,3,6,44,46,47,31,33,121,249,43"}
Example response:
{
    "created_at": "2014-10-13T03:14:45.000Z", 
    "device": {
        "created_at": "2014-09-09T15:09:51.000Z", 
        "id": 33, 
        "inherit": null, 
        "mobile?": false, 
        "name": "Microsoft Windows Vista/7 or Server 2008 (Version 6.0)", 
        "parent_id": 1, 
        "parents": [
            {
                "approved": true, 
                "created_at": "2014-09-09T15:09:50.000Z", 
                "id": 1, 
                "inherit": null, 
                "mobile": null, 
                "name": "Windows", 
                "parent_id": null, 
                "submitter_id": null, 
                "tablet": null, 
                "updated_at": "2014-09-09T15:09:50.000Z"
            }
        ], 
        "updated_at": "2014-09-09T15:09:52.000Z"
    }, 
    "id": 5733, 
    "score": 50, 
    "updated_at": "2014-11-13T17:39:36.000Z", 
    "version": null
} 
Example using curl using DHCPv4 fingerprint:
curl -X GET -d "{\"dhcp_fingerprint\":\"1,15,3,6,44,46,47,31,33,121,249,43\"}" --header "Content-type: application/json" https://fingerbank.inverse.ca/api/v1/combinations/interogate?key=
Example using curl without a body payload:
curl 'https://fingerbank.inverse.ca/api/v1/combinations/interogate?dhcp_fingerprint=1,15,3,6,44,46,47,31,33,121,249,43&key='
Example using curl using DHCPv4 fingerprint, User-Agent and MAC address:
curl -X GET -d "{\"dhcp_fingerprint\":\"1,121,3,6,15,119,252\", \"user_agent\":\"Mozilla/5.0 (iPad; CPU OS 9_3_5 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13G36 Safari/601.1\", \"mac\": \"e0b9ba88158a\"}" --header "Content-type: application/json" https://fingerbank.inverse.ca/api/v1/combinations/interogate?key=
Example using curl with behavioral analysis:
curl  -X GET -d "{\"dhcp_fingerprint\":\"1,15,3,6,44,46,47,31,33,121,249,43\", \"destination_hosts\":[\"updates.microsoft.com\"], \"mdns_services\":[\"_printer._tcp.local\"]}" --header "Content-type: application/json" 'https://fingerbank.inverse.ca/api/v1/combinations/interogate?behavioral_analysis=true&key='

Params

Param name Description
key
required

Your API key


Value:

Must be String


Metadata:
Type: URL
debug
optional

Whether or not to add additionnal debug information in the response. 'on' activates it


Value:

Must be String


Metadata:
Type: URL
user_agent
optional

The User Agent of the device


Value:

Must be String


Metadata:
Type: payload
dhcp_fingerprint
optional

The DHCP fingerprint of the device


Value:

Must be String


Metadata:
Type: payload
dhcp6_fingerprint
optional

The DHCPv6 fingerprint of the device


Value:

Must be String


Metadata:
Type: payload
dhcp_vendor
optional

The DHCP vendor of the device


Value:

Must be String


Metadata:
Type: payload
dhcp6_enterprise
optional

The DHCPv6 enterprise of the device


Value:

Must be String


Metadata:
Type: payload
mac
optional

The MAC address of the device


Value:

Must be String


Metadata:
Type: payload
behavioral_analysis
optional

Whether or not to perform behavioral analysis during this query.


Value:

Must be String


Metadata:
Type: URL
destination_hosts
optional

The destination hosts (domains) this combination has send data to


Value:

Must be an array of String


Metadata:
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
mdns_services
optional

The MDNS services that this combination has advertised


Value:

Must be an array of String


Metadata:
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
upnp_user_agents
optional

The UPnP User Agents (USER-AGENT header) that this combination has advertised


Value:

Must be an array of String


Metadata:
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
upnp_server_strings
optional

The UPnP Server strings (SERVER header) that this combination has advertised


Value:

Must be an array of String


Metadata:
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
tcp_syn_signatures
optional

The TCP SYN signatures detected for this combination. The signatures must follow the p0f standard.


Value:

Must be an array of String


Metadata:
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
Example: 4:128+0:0:1460:8192,2:mss,nop,ws,nop,nop,sok:df,id+:0
tcp_syn_ack_signatures
optional

The TCP SYN-ACK signatures detected for this combination. The signatures must follow the p0f standard.


Value:

Must be an array of String


Metadata:
Type: payload
Behavioral data: This is behavioral data and will not be persisted to the database.
  Make sure you include the behavioral_analysis parameter in your query.
Example: 4:128+0:0:1460:8192,2:mss,nop,ws,nop,nop,sok:df,id+:0