Skip to main content
GET
/
waap
/
v1
/
ip-info
/
top-domains
Get top attacked domains from a specific IP (account-scoped)
curl --request GET \
  --url https://api.gcore.com/waap/v1/ip-info/top-domains \
  --header 'Authorization: <api-key>'
[
  {
    "date": "2023-11-07T05:31:56Z",
    "domain": "<string>",
    "attack_types": [
      "<string>"
    ],
    "attacks": 1,
    "blocked": 1,
    "requests": 1,
    "sessions": 1,
    "paths": 1,
    "user_agents": 1,
    "duration": 1
  }
]

Authorizations

Authorization
string
header
required

API key for authentication. Make sure to include the word apikey, followed by a single space and then your token. Example: apikey 1234$abcdef

Query Parameters

ip
required

The IP address to check

Response

Successful Response

Maximum array length: 10
date
string<date-time>
required

First-seen timestamp for the IP+domain within retention period.

domain
string
required

Domain name.

Minimum string length: 1
attack_types
string[]
required

Distinct rule names seen for this IP+domain, sorted alphabetically.

attacks
integer
required

Total detected attacks.

Required range: x >= 0
blocked
integer
required

Blocked attacks.

Required range: x >= 0
requests
integer
required

Total requests.

Required range: x >= 0
sessions
integer
required

Distinct sessions.

Required range: x >= 0
paths
integer
required

Distinct URL paths excluding query strings.

Required range: x >= 0
user_agents
integer
required

Distinct user agents.

Required range: x >= 0
duration
integer
required

last_seen - first_seen in seconds within retention.

Required range: x >= 0