AIONCLOUD Docs
1.1 Get a token

Method & URL

POST https://console.aioncloud.com/aioncloud-api/v1.0/account/token

Request informations

Name Type & Value
Header
R Content-Type string application/json
Body
R auth JSONObject
R email string ex) test@monitorapp.com
R password string ex) test1234!

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/aioncloud-api/v1.0/account/token \
        -H "Content-Type" : "application/json" \
        -d '{
                    "auth": {
                            "email": "test@monitorapp.com",
                            "password": "test1234!"
                                }
                        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 201
Body
token JSONObject
email string ex) test@monitorapp.com
expires string ex) 2019-07-15T17:25:55Z Coordinated Universal Time (UTC)
token string ex) 088849f7477f2d687c29df99b7d79f51d6...

Sample Response

# Successful token issue.
< HTTP/1.1 201 Created
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "token": {
        "expires": "2018-07-15T17:25:55Z",
        "email": "test@monitorapp.com",
        "token": "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"
    }
}
# Failed to issue token: Username does not exist.
< HTTP/1.1 401 Unauthorized
< Content-Type: application/json
< Content-Length: 46
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "false",
    "msg": "Email is not exists"
}
# Failed to issue token: Password mismatch.
< HTTP/1.1 401 Unauthorized
< Content-Type: application/json
< Content-Length: 47
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "false",
    "msg": "Authentication filed"
}

1.2 Delete token

Method & URL

DELETE https://console.aioncloud.com/aioncloud-api/v1.0/account/token

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string ex) 088849f7477f2d687c29df99b7d79f51d6...

Sample Request

# Sample Request
curl -v -X DELETE https://console.aioncloud.com/aioncloud-api/v1.0/account/token \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 204

Sample Response

# Successfully deleted Token.
< HTTP/1.1 204 No Content
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< 
# Token deletion failure: Token does not exist.
< HTTP/1.1 404 not Found
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< 

1.3 Token validation

Method & URL

HEAD https://console.aioncloud.com/aioncloud-api/v1.0/account/token

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string ex) 088849f7477f2d687c29df99b7d79f51d6...

Sample Request

# Sample Request
curl -v -X HEAD https://console.aioncloud.com/aioncloud-api/v1.0/account/token \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200

Sample Response

# Token valid check succeede.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<
# Token valid check failed: Token expiration.
< HTTP/1.1 403 Forbidden
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.4 Get Token details

Method & URL

GET https://console.aioncloud.com/aioncloud-api/v1.0/account/token

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string ex) 088849f7477f2d687c29df99b7d79f51d6...

Sample Request

# Sample Request
curl -v -X HEAD https://console.aioncloud.com/aioncloud-api/v1.0/account/token \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
token JSONObject
email string ex) test@monitorapp.com
expires string ex) 2019-07-15T17:25:55Z
token string ex) 088849f7477f2d687c29df99b7d79f51d6...

Sample Response

# Successful getting details of the token.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "token": {
        "expires": "2018-07-15T17:25:55Z",
        "email": "test@monitorapp.com",
        "token": "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"
    }
}
# Token valid check failed.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.1 Domain registration

Method & URL

POST https://console.aioncloud.com/waf-api/v1.0/domain

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string ex) 088849f7477f2d687c29df99b7d79f51d6...
Body
R domain_name string ex) test.aioncloud.com
R protocols string array http, https
R type string ip, cname
R address string ex) 1.2.3.4
R ports string array ex) 80, 443
R cert_type string ai_cert, my_cert, no_cert ai_cert : AIONCLOUD SSL certificate my_cert : My certificate no_cert : I don't need certificate
O certfile string ex) -----BEGIN CERTIFICATE-----\nMII ... use only this parameter when you select my_cert
O keyfile string ex) -----BEGIN RSA PRIVATE KEY-----\nMII ... use only this parameter when you select my_cert

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/aioncloud-api/v1.0/account/token \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
            "domain_name": "test.aioncloud.com",
            "protocols": [
                "http",
                "https"
            ],
            "type": "ip",
            "address": "1.2.3.4",
            "ports": [
                "80",
                "443"
            ],
            "cert_type": "my_cert",
            "certfile": "-----BEGIN CERTIFICATE-----\nMIIG2TCCBcGgAwIBAgIRAMXYRPb2QcixIR9cogInXJwwDQYJKo.....,
            "keyfile": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAndYo5jlsaohATHBkGaLHz5F3LsPof/Xas....."
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
cname string ex) "5cef4223dbcab6c2985edef9.aioncloud.net need to change your domain DNS setting using this cname.

Sample Response

# Successful getting details of the token.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "cname": "5cef4223dbcab6c2985edef9.aioncloud.net"
}
# Token valid check failed.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.2 Get domain information

Method & URL

GET https://console.aioncloud.com/waf-api/v1.0/domain?page=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string ex) 088849f7477f2d687c29df99b7d79f51d6...
Query
R page ex) 1

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/waf-api/v1.0/domain?page=1 \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
port string array ex) 80, 443
domain_name string ex) test.aioncloud.com
domain_id string ex) 1708 domain ID
dns_status string not changed, healthy check to complete DNS setting for AIONCLOUD service.
plan string free, 20GB, 50GB, 100GB ..
cname string ex) 5cef4223dbcab6c2985edef9.aioncloud.net
waf_ip string ex) 13.124.222.68
org_ip string ex) 1.2.3.4 Webserver IP
proto string array http, https protocol
webserver_id string array ex) 1706 For distinguish Webserver ID of AIONCLOUD
email string ex) test@aioncloud.com
regDate string ex) 2019-05-30T11:38:28Z Domain registration date
actDate string ex) 2019-05-30T11:38:28Z Domain DNS setting finish date
region string ex) ap-northeast-2
group string ex) 1 AIONCLOUD group number

Sample Response

# Successful getting details of the domain information.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< [
{
    "port": [
        "80",
        "443"
    ],
    "domain_name": "test.aioncloud.com",
    "domain_id": "1708",
    "dns_status": "not changed",
    "plan": "free",
    "cname": "5cef4223dbcab6c2985edef9.aioncloud.net",
    "waf_ip": "13.124.222.68",
    "org_ip": "1.2.3.4",
    "proto": [
        "http",
        "https"
    ],
    "webserver_id": [
        "1706",
        "1707"
    ],
    "email": "test@aioncloud.com",
    "regDate": "2019-05-30T11:38:28Z",
    "actDate": "",
    "inactDate": "",
    "region": "ap-northeast-2",
    "group": "1"
}
]
# Token valid check failed.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.3 Modify domain information

Method & URL

PUT https://console.aioncloud.com/waf-api/v1.0/domain

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R domain_name string ex) test.aioncloud.com
R cert_type string ai_cert, my_cert, no_cert ai_cert : AIONCLOUD SSL certificate my_cert : My certificate no_cert : I don't need certificate
O certfile string ex) -----BEGIN CERTIFICATE-----\nMII ... use only this parameter when you select my_cert
O keyfile string ex) -----BEGIN RSA PRIVATE KEY-----\nMII ... use only this parameter when you select my_cert
O address string ex) 1.2.3.4 Webserver IP
R edit_info JSONObject

Sample Request

# Sample Request
curl -v -X PUT https://console.aioncloud.com/waf-api/v1.0/domain \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
            "domain_name": "test.aioncloud.com",
            "cert_type": "no_cert",
            "certfile": "-----BEGIN CERTIFICATE-----\nMIIG2TCCBcGgAwIBAgIRAMXYRPb2QcixIR9cogInXJwwDQYJKo\ngZAxCzAJBgNVBAYTAk.....",
            "keyfile": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAndYo5jlsaohATHBkGaLHz5F3LsPof/XDMn4QDp\nCGQlY0rlze9YG0v....",
            "address": "1.2.3.4",
            "edit_info": [
                {
                    "flag": "insert",
                    "port": "8080",
                    "proto": "http"
                },
                {
                    "flag": "update",
                    "port": "8070",
                    "array_index": "0"
                }
            ]
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message

Sample Response

# Successful modifying domain information.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "success",
    "msg": ""
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.4 Delete domain

Method & URL

DELETE https://console.aioncloud.com/waf-api/v1.0/domain

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R domain_name string ex) test.aioncloud.com

Sample Request

# Sample Request
curl -v -X DELETE https://console.aioncloud.com/waf-api/v1.0/domain \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{"domain_name": "test.aioncloud.com"}'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message

Sample Response

# Successful deleting domain information.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "success",
    "msg": ""
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.5 Get domain traffic usage

Method & URL

GET https://console.aioncloud.com/waf-api/v1.0/domain/traffic?domain=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Query
R domain ex) test.aioncloud.com

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/waf-api/v1.0/domain/traffic?domain=test.aioncloud.com \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
traffic int ex) 289.13 Megabytes
visits int ex) 59981
threats int ex) 440

Sample Response

# Successful getting details of traffic usage.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "traffic": 289.13,
    "visits": 59981,
    "threats": 440
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.6. Get dns information

Method & URL

GET https://console.aioncloud.com/waf-api/v1.0/domain/dns?dname=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Query
R dname ex) aioncloud.com Root-domain

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/waf-api/v1.0/domain/dns?dname=aioncloud.com \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
name string ex) aioncloud.com
rrsets JSONObject array
ttl int ex) 3600
type string ex) CNAME, A
records JSONObject array
content string ex) 5dae89d6f9f00e8e2531b6e7.aioncloud.net. Record value

Sample Response

# Successful getting details of traffic usage.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "name": "aioncloud.com.",
    "rrsets": [
        {
            "name": "www.aioncloud.com.",
            "ttl": 3600,
            "type": "CNAME",
            "records": [
                {
                    "content": "5dafb6c70c4fb14b6826c0e6.aioncloud.net",
                    "disabled": false
                }
            ]
        },
        {
            "name": "docs.aioncloud.com.",
            "ttl": 3600,
            "type": "A",
            "records": [
                {
                    "content": "13.124.29.11",
                    "disabled": false
                }
            ]
        }
    ]
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.7. DNS record registration

Method & URL

POST https://console.aioncloud.com/waf-api/v1.0/domain/dns/record

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R dname string ex) aioncloud.com Root-domain
type string ex) CNAME, A
R name string ex) www Only sub-domain value
R data string ex) 1.2.3.4 Record value

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/waf-api/v1.0/domain/dns/record \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
                "dname":"aioncloud.net",
                "type":"CNAME",
                "name":"www",
                "data":"5dafb6c70c4fb14b6826c0e6.aioncloud.net"
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message

Sample Response

# Successful getting details of traffic usage.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status":"success"
    ,"msg":""
}
# Request fail.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<{
    "status":"false",
    "msg":"data parameter is not valid"
}

1.8. Delete dns record

Method & URL

DELETE https://console.aioncloud.com/waf-api/v1.0/domain/dns/record

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R dname string ex) aioncloud.com Root-domain
R name string ex) www Only sub-domain value

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/waf-api/v1.0/domain/dns/record \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
                "dname":"aioncloud.net",
                "name":"www"
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message

Sample Response

# Successful getting details of traffic usage.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status":"success"
    ,"msg":""
}
# Request fail.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<{
    "status":"false",
    "msg":"data parameter is not valid"
}

2.1 Get policy information

Method & URL

GET https://console.aioncloud.com/waf-api/v1.0/policy?domain=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Query
R domain string ex) test.aioncloud.com

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/waf-api/v1.0/policy?domain=test.aioncloud.com \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
attack JSONObject Attack policy
allowed_http_method string ON, OFF HTTP Method Restrictions Detection
app_weak string ON, OFF Application Vulnerability Detection
command_injection string ON, OFF Command Injection Detection
csrf string ON, OFF CSRF Detection
default_page string ON, OFF Vulnerable Page Access Detection
dir_listing string ON, OFF Directory Listing
directory_traversal string ON, OFF Directory Access Detection
error_cloaking string ON, OFF Error Page Cloaking
header_weak string ON, OFF Header Vulnerability Detection
malicious_file string ON, OFF Malicious File Upload Detection
protocol_violation string ON, OFF Abnormal HTTP Request Detection
scanner string ON, OFF Scanner/Proxy/Spambot Detection
sql_injection string ON, OFF SQL Injection
system_file_access string ON, OFF System Access Detection
ws_weak string ON, OFF Web Server Vulnerability Detection
xss string ON, OFF XSS
user_define JSONObject User defined policy
ssl_cert JSONObject SSL Certificate
ssl_redirect JSONObject 80->443 Redirect

Sample Response

# Successful getting details of policy.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "attack": {
        "allowed_http_method": "ON",
        "app_weak": "ON",
        "command_injection": "ON",
        "csrf": "ON",
        "default_page": "ON",
        "dir_listing": "ON",
        "directory_traversal": "ON",
        "error_cloaking": "ON",
        "header_weak": "ON",
        "malicious_file": "ON",
        "protocol_violation": "ON",
        "scanner": "ON",
        "sql_injection": "ON",
        "system_file_access": "ON",
        "ws_weak": "ON",
        "xss": "ON"
    },
    "user_define": {
        "brute_force_detection": {
            "block": "",
            "count": "",
            "enable": "OFF",
            "period": "",
            "url": ""
        },
        "bypass": "0",
        "dos_detection": "OFF",
        "geoip": null,
        "ip_blacklist": [
            "35.166.228.65"
        ],
        "ip_whitelist": [],
        "url_whitelist": []
    },
    "ssl_cert": {
        "ssl_subject": "CN=*.aioncloud.com,OU=Domain Control Validated+OU=PositiveSSL Wildcard",
        "ssl_dnsname": "*.aioncloud.com, aioncloud.com",
        "ssl_issuer": "CN=COMODO RSA Domain Validation Secure Server CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB",
        "ssl_notbefore": "2017-09-29",
        "ssl_notafter": "2018-11-07",
        "ssl_webserver_id": "1473"
    },
    "ssl_redirect": {
        "http_redirect": "OFF"
    }
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

2.2 Modify policy

Method & URL

POST https://console.aioncloud.com/waf-api/v1.0/policy

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R dname JSONObject Domain name(Host)
O attack JSONObject Attack policy
O user_define JSONObject User defined policy
O ssl JSONObject SSL policy

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/waf-api/v1.0/policy \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
            "dname": {
                "dname": "test.pareduner.net"
            },
            "attack": {
                "sql_injection": "ON",
                "allowed_http_method": "OFF",
                "app_weak": "ON",
                "command_injection": "ON",
                "csrf": "OFF",
                "default_page": "OFF",
                "dir_listing": "OFF",
                "directory_traversal": "OFF",
                "error_cloaking": "OFF",
                "header_weak": "OFF",
                "malicious_file": "ON",
                "protocol_violation": "OFF",
                "scanner": "OFF",
                "system_file_access": "OFF",
                "ws_weak": "OFF",
                "xss": "ON"
            },
            "user_define": {
                "brute_force_detection": {
                    "enable": "ON",
                    "period": "10",
                    "count": "100",
                    "block": "60",
                    "url": "index.php"
                },
                "dos_detection": "ON",
                "geoip": ["AE", "AF", "AL"],
                "ip_blacklist": ["3.3.3.3"],
                "ip_whitelist": ["1.2.3.4", "4.3.2.1"],
                "url_whitelist": ["admin.php", "login.php"]
            },
            "ssl": {
                "redirect": "ON",
                "ssl_certificate": {
                    "cert": "-----BEGIN CERTIFICATE-----\nMIIFVDCCBDygAwIBAgIQLXT4HVvY7FqA5dbJdrtjajANBgkq.....",
                    "key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAndYo5jlsaohATHBkGaLHz5F3LsPof/....."
                }
            }
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message

Sample Response

# Successful applied.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "success",
    "msg": ""
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

2.3 Set policy bypass

Method & URL

POST https://console.aioncloud.com/waf-api/v1.0/policy/bypass

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R dname string ex) test.aioncloud.com
R usable string 0, 1 0: disable, 1: enable

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/waf-api/v1.0/policy/bypass \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
            "dname": "test.aioncloud.com",
            "usable": "1"
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message

Sample Response

# Successful applied.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "success",
    "msg": ""
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

2.4 Reset policy setting

Method & URL

POST https://console.aioncloud.com/waf-api/v1.0/policy/reset

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R email string ex) test@monitorapp.com

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/waf-api/v1.0/policy/reset \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{"dname": "test.aioncloud.com"}'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message

Sample Response

# Successful applied.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "success",
    "msg": ""
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.1 Site registration

Method & URL

POST https://console.aioncloud.com/sitechecker-api/v1.0/sites

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R site_list JSONObject
R site string ex) https://test.aioncloud.com
R auto_diagnosis string 0, 1, 2, 3 "0" : Don’t want auto diagnosis
"1" : 1 Day
"2" : 1 Week
"3" : 1 Month
R email_alarm string 0, 1 "0" : Don’t want an alarm
"1" : Email alarm setting
O use_user_agent string true, false Use custom User-Agent
O mailing_list string array ["support@aioncloud.com"]
O authentication JSONObject
O auto_diagnosis_config JSONObject This is required if auto_diagnosis is enabled.
If you do not enter this, it is entered as the default values.
O diagnosis_level string quick, normal, deep Default : quick
O sitemap_config JSONObject
O depth string 1, 2, 3, 4, 5 Default : 1
O external_url bool true, false false : Not Use
true : Use
Default : false
O regex_set JSONObject
O path string

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/sitechecker-api/v1.0/sites \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
            "site_list": [
                {
                    "site": "http://a.test.com",
                    "auto_diagnosis": "0",
                    "email_alarm": "1",
                    "use_user_agent": true,
                    "user_agent": "TestUser/1.0",
                    "mailing_list": ["support@aioncloud.com", "test@aioncloud.com"]
                },
                {
                    "site": "https://b.test.com/en",
                    "auto_diagnosis": "3",
                    "email_alarm": "0",
                    "authentication":{
                        "type":"form",
                        "form":{
                            "id_key":"email",
                            "id_value":"test@test.com",
                            "passwd_key":"pw",
                            "passwd_value":"3c98d41e99dbd8f",
                            "url":" https://b.test.com/login.prc",
                            "method":"POST",
                            "type":"json"
                        }
                    },
                    "auto_diagnosis_config": {
                        "diagnosis_level": "quick",
                        "sitemap_config": {
                            "depth": "1",
                            "external_url": true,
                            "regex_set": {
                                "path": "index.html"
                            }
                        }
                    }
                },
                {
                    "site": "https://test.com/en",
                    "auto_diagnosis": "0",
                    "email_alarm": "0",
                    "authentication":{
                        "type":"basic",
                        "basic":{
                            "id_value":"testid",
                            "passwd_value":"e99dd41e9dd48f",
                        }
                    }
                }
             ]
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
regist JSONObject
success string array
failure JSONObject array

Sample Response

# Site registration successful.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {"regist":{"failure":[{"msg":"Already Exists URL Info","url":"https://b.test.com/en"}],
"success":["http://a.test.com","http://test.com"]}}

# Site registration failure.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.2 Modify sites

Method & URL

PUT https://console.aioncloud.com/sitechecker-api/v1.0/sites?target_site=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Query
R target_site string ex) http://test.aioncloud.com
Body
R auto_diagnosis string 0, 1, 2, 3, 4 "0" : Don’t want auto diagnosis
"1" : 1 Day
"2" : 1 Week
"3" : 1 Month
R email_alarm string 0, 1 "0" : Don’t want an alarm
"1" : Email alarm setting
O mailing_list string array ["support@aioncloud.com"]
O use_user_agent boolean true, false true : Use custom User-Agent
false : Not using
O use_agent string
O authentication JSONObject
O type string "", "form", "basic", "digest" "" : Not use
"form" : use form auth
"basic" : Use basic auth
"digest" : Use digest auth
O basic JSONObject
O id_value string
O passwd_value string
O digest JSONObject
O id_value string
O passwd_value string
O uri string
O method string "GET", "POST", "PUT"
O form JSONObject
O id_key string
O id_value string
O passwd_key string
O passwd_value string
O url string
O method string
O type string "json", "form-data"
O auto_diagnosis_config JSONObject This is required if auto_diagnosis is enabled.
If you do not enter this, it is entered as the default values.
O diagnosis_level string quick, normal, deep Default : quick
O sitemap_config JSONObject
O depth string 1, 2, 3, 4, 5 Default : 1
O external_url bool true, false false : Not Use
true : Use
Default : false
O regex_set JSONObject
O path string

Sample Request

# Sample Request
curl -v -X PUT https://console.aioncloud.com/sitechecker-api/v1.0/sites?target_site=http://test.aioncloud.com \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
            "auto_diagnosis":"2",
            "email_alarm":"1",
            "use_user_agent": false,
            "mailing_list": ["support@aioncloud.com", "test@aioncloud.com"],
            "authentication":{
                "type":"digest",
                "digest" : {
                    "id_value" : "test@test.com",
                    "passwd_value": "e99dd41e9dd48f",
                    "uri" : "https://b.test.com/auth.prc",
                    "method": "POST"
                }
            },
            "auto_diagnosis_config": {
                "diagnosis_level": "normal",
                "sitemap_config": {
                    "depth": "1",
                    "external_url": true,
                    "regex_set": {
                        "path": "index.html"
                    }
                }
            }
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "success",
    "msg": ""
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.3 Delete sites

Method & URL

DELETE https://console.aioncloud.com/sitechecker-api/v1.0/sites

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R site_list JSONObject
R url string array

Sample Request

# Sample Request
curl -v -X DELETE https://console.aioncloud.com/sitechecker-api/v1.0/sites \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
            "site_list": {
             "url": [
                "http://a.test.com",
                "https://b.test.com/en"
             ]
            }
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "delete": {
        "failure": [],
        "success": [
            "http://a.test.com",
            "https://b.test.com/en"
        ]
    }
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

1.4 Sites lookup

Method & URL

GET https://console.aioncloud.com/sitechecker-api/v1.0/sites

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/sitechecker-api/v1.0/sites \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
site_info JSONObject array
reg_date string ex) 2018-07-15T17:25:55Z timeforemat: yyyy-MM-dd’T’HH:mm:ss
url string ex) http://a.test.com

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "site_info": [
        {
            "reg_date": "2018-07-15T17:25:55Z",
            "url": "http://a.test.com",
            "use_user_agent": true,
	        "user_agent": "TestUser/1.0",
	        "authentication": null
        },
        {
            "reg_date": "2018-07-15T17:37:35Z",
            "url": "https://b.test.com/en",
            "use_user_agent": false,
            "user_agent": "",
            "authentication":{
            "type":"form",
            "basic": {
                "id_value": "",
                "passwd_value": ""
            },
            "digest": {
                "id_value": "",
                "passwd_value": "",
                "uri": "",
                "method": ""
            },
            "form":{
                "id_key":"email",
                "id_value":"test@test.com",
                "passwd_key":"pw",
                "passwd_value":"3c98d41e99dbd8f",
                "url":" https://b.test.com/login.prc",
                "method":"POST",
                "type":"json"
            }
        }
        }
    ]
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

2.1 Sitemap Detail Lookup

Method & URL

GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/sitemap/detail?target_site=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Query
R target_site string ex) http://a.test.com

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/sitemap/detail?target_site=http://a.test.com \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
sitemap JSONObject
url string ex) http://a.test.com
msg string ex) nothing_found Response message
sitemap JSONObject sitemap detail

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "sitemap": {
        "url": "http://a.test.com",
        "msg": "",
        "sitemap": {
            "sitemap_make_date": {
                "start": "2019-11-15T17:00:56.902+09:00",
                "end": "2019-11-15T17:01:20.937+09:00"
            },
            "site_map_info":{
                "ExternalAddress":{"http://monitorapp.com/test":true,"https://aioncloud.com/test":true},
                "InternalAddress":[
                    {
                        "Text": "http://a.test.com/ko/",
                        "Information": {
                            "Protocol": "https",
                            "Host": "a.test.com",
                            "Path": "/ko/",
                            "Query": ""
                        },
                        "Checked": true
                    },
                    {
                        "Text": "http://a.test.com/wp-content/uploads/2019/02/icon2-2-1.png",
                        "Information": {
                            "Protocol": "https",
                            "Host": "a.test.com",
                            "Path": "/wp-content/uploads/2019/02/icon2-2-1.png",
                            "Query": ""
                        },
                        "Checked": false
                    },
                    {
                        "Text": "http://a.test.com/wp-content/themes/zerif-lite/js/bootstrap.min.js?ver=20120206",
                        "Information": {
                            "Protocol": "https",
                            "Host": "a.test.com",
                            "Path": "/wp-content/themes/zerif-lite/js/bootstrap.min.js",
                            "Query": "ver=20120206"
                        },
                        "Checked": true
                    }
                ]
            }
        }
    }
}

# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<{"sitemap":{"msg":"not found","sitemap":"","url":"http"}}

2.2 Whitelist URL Setting

Method & URL

POST https://console.aioncloud.com/sitechecker-api/v1.0/sites/sitemap/detail/information

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R target_site string ex) http://a.test.com
O white_list string array ex) http://a.test.com ex) ["http://a.test.com/test/login"]
O remove_whitelist string array ex) http://a.test.com ex) ["http://a.test.com/test/main"]
O external_white_list string array ex) http://a.external1.com ex) ["http://a.external1.com/test/login"]
O remove_external_whitelist string array ex) http://a.external1.com ex) ["http://a.external1.com/test/main"]

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/sitechecker-api/v1.0/sites/sitemap/detail/information \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
            "target_ site" : "http://a.test.com",
            "white_list": [
              "http://a.test.com/test/login",
              "http://a.test.com/en"
            ],
            "remove_whitelist": [
              "http://a.test.com/test/main",
              "http://a.test.com/jp"
            ],
            "external_white_list": [
              "http://a.external1.com/en/css.css",
              "http://b.external2.com/en/js.js"
            ],
            "remove_external_whitelist": [
              "http://a.external1.com/ko/main.html",
              "http://b.external2.com/ko/test.html"
            ]
          }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
whitelist_sitemap JSONObject
success String array
failure JSONObject array
url string
msg string ex) Response message

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "whitelist_sitemap": {
        "failure": [],
        "success": [
            "http://a.test.com",
            "https://b.test.com/en"
        ]
    }
}}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

2.3 Whitelist URL Lookup

Method & URL

GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/sitemap/detail/whitelist?target_site=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R target_site string ex) http://a.test.com

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/sitemap/detail/whitelist?target_site=http://a.test.com \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
white_list JSONObject
InternalAddress String array
ExternalAddress String array

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "white_list": {
        "InternalAddress": [
            "http://a.test.com/kr/static/test.js",
            "http://a.test.com/kr/main",
            "http://a.test.com/ko/test"
        ],
        "ExternalAddress": [
            "https://www.aioncloud.com/wp-json",
            "https://www.monitorapp.com/kr/"
        ],
    }
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

3.1 Diagnosis request

Method & URL

POST https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Body
R site_list JSONObject
R url string array
O level string quick, normal, deep default : quick
O only_changed boolean true, false false : Diagnose all URLs.
true : Diagnose only newly added or changed URLs.
Default : false

Sample Request

# Sample Request
curl -v -X POST https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce" \
        -d '{
            "site_list": {
             "url": [
                "http://a.test.com"
             ],
             "level":"quick",
             "only_changed":true
            }
        }'

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
diagnosis_request JSONObject
success string array
failure JSONObject array
url string Failure url information
tid string Task unique code
msg string ex) Response message

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "diagnosis_request": {
        "failure": [],
        "success": [
            {
                "tid": "e81dc77f464b5493167d5524348c596dd3bacaec2dbf4c7bdbb393d0c8caca80",
                "url": "https://b.test.com"
            },
            {
                "tid": "fe9d7f05ae882d0e0947b0fce4fcca99fc4e5a7aca5e596506e7403782a312f5",
                "url": "http://a.test.com"
            }
        ]
    }
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

3.2 Check diagnosis task

Method & URL

GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
progress_info JSONObject
step string Initializing, Progressing, Analyzing, Complete "Initializing" :Initializing diagnosis url.
"Progressing" :Gather information.
"Analyzing" : Information Analysis.
"Complete" : Diagnosis complete.
mal_url_cnt int
progressing_url_cnt int
total_url_cnt int
estimated_time_second int

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "progress_info": {
        "estimated_time_second": 260,
        "mal_url_cnt": 2,
        "progressing_url_cnt": 15,
        "step": "Progressing",
        "total_url_cnt": 20,
        "url": "https://a.test.com/kr"
    }
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

3.3 Diagnosis history

Method & URL

GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis/history?target_site=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Query
R target_site string ex) http://a.test.com

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis/history?target_site=http://a.test.com \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
history_list JSONObject array
Tid string Diagnosis unique id
Date string Coordinated Universal Time (UTC)
TotalURLCnt int
SuspiciousURLCnt int

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "success",
    "history_list": [
      {
        "tid": "1e5d682d34b084e6f0838bf972e761eb7d20efba39cfbc901fb8bed5af94a0b8",
        "Date": "2018-08-14T17:33:28Z",
        "TotalURLCnt" :65,
        "SuspiciousURLCnt": 3,
      },
      {
        "tid": "4a5a5db9211bc5509854b2cea6ec9704868293bdc02ca98b845e714e3ef3663f",
        "Date": "2018-07-15T11:13:21Z",
        "TotalURLCnt" :82,
        "SuspiciousURLCnt": 0,
      }
    ]
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

3.4 Diagnosis visits information

Method & URL

GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis/history/visits?tid=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Query
R tid string ex) e81dc77f464b5493167d552...

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis/history/visits?tid=e81dc77f464b5493167d55228292d212d21 \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message
URLList JSONObject array
URL string
Status string Response code

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Content-Length: 146
< Date: Sun, 15 Jul 2018 07:05:55 GMT
< {
    "status": "success",
    "msg": {
        "URLList": [
            {
                "URL": "http://a.test.com/css/test.css",
                "Status": 405
            },
            {
                "URL": "http://a.test.com/main.html",
                "Status": 200
            }
       ]
    }
}
# Request fail.
< HTTP/1.1 400 Bad Request
< Content-Type: application/json
< Content-Length: 0
< Date: Sun, 15 Jul 2018 07:05:55 GMT
<

3.5 Diagnosis results

Method & URL

GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis/history/detail?tid=(query value)&type=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...
Query
R tid ex) e81dc77f464b5493167d552...
R page ex) 1 0 : all data (default)
R limit ex) 10 "default : 10
O type 0, 1, 2 "0" : all data (default)
"1" : only malicious data

Sample Request

# Sample Request
curl -v -X GET https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis/history/detail?tid=e81dc77f464b5493167d55228292d212d21&page=3&limit=10&type=0 \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
status string success, fail
msg string ex) Response message
mal_info JSONObject array Malicious information detail
traffic_info JSONObject Traffic information detail
total_count int Total URL count in this diagnosis
current_page int Current page
limit int Limit value used

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Transfer-Encoding: chunked
< Date: Fri, 21 Jun 2019 10:30:04 GMT
< {
    "status": "success",
    "msg": {
        "mal_info": [
            {
                "timestamp": "2019-06-21T19:29:21Z",
                "flow_id": 0,
                "pcap_cnt": 0,
                "event_type": "",
                "src_ip": "",
                "src_port": 0,
                "dest_ip": "",
                "dest_port": 0,
                "proto": "TCP",
                "tx_id": 0,
                "alert": {
                    "action": "",
                    "gid": 0,
                    "signature_id": 23141,
                    "rev": 0,
                    "signature": "eval(, fromCharCode, t.1u[0].L.Y.2f=, t.1u[0].L.2F[0].2c(), split",
                    "category": "EK RIG Kit obfuscate detect",
                    "severity": 0
                },
                "http": {
                    "hostname": "",
                    "url": "https://security.monitorapp.com:8435/rig_ek",
                    "http_user_agent": "",
                    "http_content_type": "text/html",
                    "http_method": "GET",
                    "protocol": "H2",
                    "status": 200,
                    "length": 3954
                },
                "vars": {
                    "flowbits": {
                        "OLE.CompoundFile": false
                    }
                },
                "flow": {
                    "pkts_toserver": 0,
                    "pkts_toclient": 0,
                    "bytes_toserver": 0,
                    "bytes_toclient": 0,
                    "start": ""
                },
                "app_proto": "https",
                "file_id": "",
                "ReputationResult": "None known"
            }
        ],
        "file_info": [],
        "traffic_info": {
            "flow": {
                "hosts": {
                    "name": "Client",
                    "children": [
                        {
                            "name": "security.monitorapp.com",
                            "children": null
                        }
                    ]
                },
                "size": 0
            },
            "info": {
                "analysis_start": "2019-06-21T19:29:21Z",
                "analysis_end": "2019-06-21T19:29:21Z"
            },
            "conversations": [
                {
                    "name": "security.monitorapp.com",
                    "ip": "182.162.109.226:8435",
                    "uris": [
                        {
                            "mud_tid": "1Mx4YWe4DK4KDwtea6iCuBexXOE",
                            "email": "test@aioncloud.com",
                            "server_ip_port": "182.162.109.226:8435",
                            "uri": "https://security.monitorapp.com:8435/rig_ek",
                            "request": "GET https://security.monitorapp.com:8435/rig_ek H2\n:path: /rig_ek\naccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\n:method: GET\n:authority: security.monitorapp.com:8435\n:scheme: https\naccept-encoding: gzip, deflate, br\nupgrade-insecure-requests: 1\nuser-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/73.0.3683.103 Safari/537.36\n",
                            "magic_name": "unknown",
                            "response_header": "H2 200 \naccess-control-allow-methods: POST, GET\naccess-control-allow-origin: *\ncontent-type: text/html; charset=utf-8\ncontent-length: 3954\ndate: Fri, 21 Jun 2019 10:29:21 GMT\nstatus: 200\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization\n",
                            "response_body": "\n<!DOCTYPE html>\n<html lang=\"en\">\n<head>\n   <title></title>\n   <meta charset=\"UTF-8\">\n   <meta http-equiv=\"X-UA-Compatible\" content=\"IE=EDGE\">\n   <meta name=\"apple-mobile-web-app-capable\" content=\"yes\">\n   <meta name=\"apple-mobile-web-app-status-bar-style\" content=\"black\">\n   <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n</head>\n<body>\n\n<textarea id=55>\n\n</textarea>\n\n<script>\neval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\\\b'+e(c)+'\\\\b','g'),k[c])}}return p}('c y=\"1c\"+\"1l\"+\"1b\"+\"14+/\"+\"=\";c 13=\\'\\';R 1r(){c 7=1y.1C;c a={q:\\'10\\',r:\\'\\',F:1I,P:0,W:\\'1K\\',1d:\\'\\',1i:\\'\\'};1G{c z=R(){5(7.j(/1m/)>-1)k\"1A\";5((7.j(/1B/)>-1)||(7.j(/1F/)>-1))k\"D\";5(7.j(/1D/)>-1)k\"E\";5((7.j(/1H/)>-1)||(7.j(/18/)>-1))k\"O\";5(7.j(/1g/)>-1)k\"19\";5(7.j(/1f/)>-1)k\"x\";5(7.j(/1N/)>-1)k\"12\";5(7.j(/11/)>-1)k\"1e\";V k\"10\"}();a.q=z;5(/24|20|1R|1Z|21|22|23\\\\1T|1S/i.1W(1y.1C.1V()))a.W=\\'1h\\';c e;5(z!=\\'10\\'){1U(z){l\"1A\":e=(7.b(\"1m\")[1]).b(\"/\")[1];n;l\"D\":5((7.j(/1F/)>-1)){e=(7.b(\"; 1Y:\")[1]).b(\")\")[0]}V{e=(7.b(\"1B \")[1]).b(\";\")[0]}n;l\"E\":e=7.b(\"1D/\")[1];n;l\"O\":e=7.b(\"1k/\")[1];n;l\"1M\":z=\"O\";e=7.b(\"18/\")[1];n;l\"19\":e=(7.b(\"1g/\")[1]).b(\" \")[0];n;l\"x\":e=(7.b(\"1f/\")[1]).b(\" \")[0];n;l\"12\":e=(7.b(\"1k/\")[1]).b(\" \")[0];n;l\"1e\":e=7.b(\"11/\")[1];n}a.1d=e;a.1i=e.b(\".\")[0]}}1L(1P){}c w=t,d=L;c 1O=G;c J=a;c u=p=s=17=0;5(J.W!=\\'1h\\'&&(a.q==\\'D\\'||a.q==\\'x\\'||a.q==\\'E\\')){5(\\'1Q\\'h t)u++;5(\\'x\\'h t)p++;5(\\'O\\'h t)17++;5(\\'1J\\'h d||\\'1X\\'h w)s++;5(\\'27\\'h w||\\'2G\\'h w||\\'2v\\'h w||\\'2w\\'h w)p++;c f=0;f|=\\'2u\\'h d.2t(\\'2q\\')?1:0;f|=\\'2r\\'h w?2:0;f|=w.2s?4:0;f|=w.2x?8:0;f|=w.1j&&1j.2E?16:0;f|=d.2C.2z?2A:0;f|=\\'2B\\'h w?U:0;5(f==0)u++;5(u>0){a.r=\\'D\\';a.P=u}5(p>1&&s==0){a.r=\\'x\\';a.P=p}5(s>0&&p==0){a.r=\\'E\\';a.P=s}5(J.q!=J.r)a.F=G;5(a.r!=\\'D\\')a.F=G}13+=a.q+\\'-\\'+a.r+\\'25\\'+u+\\'x\\'+p+\\'E\\'+s;k a}c y=\"1c\"+\"1l\"+\"1b\"+\"14+/\"+\"=\";R 1w(m){c o=\"\";c K,H,I=\"\";c Q,C,v,B=\"\";c i=0;c 1a=/[^A-1s-1E-9\\\\+\\\\/\\\\=]/g;5(1a.2d(m)){}m=m.2a(/[^A-1s-1E-9\\\\+\\\\/\\\\=]/g,\"\");28{Q=y.M(m.N(i++));C=y.M(m.N(i++));v=y.M(m.N(i++));B=y.M(m.N(i++));K=(Q<<2)|(C>>4);H=((C&15)<<4)|(v>>2);I=((v&3)<<6)|B;o=o+X.T(K);5(v!=U){o=o+X.T(H)}5(B!=U){o=o+X.T(I)}K=H=I=\"\";Q=C=v=B=\"\"}2k(i<m.2g);k 2h(o)}R 2i(){Z=1r();5(Z.F==G){L.2y(\\'<1x><1p><1q>1n 1o 1z</1q></1p><Y 2j=\"2n\"><S><1t>1n 1o 1z</1t></S><2m><S>2l</S></Y></1x>\\')}5(Z.F==G){}V{t.1u[0].L.Y.2f=\\'<1v 2e=\"26\" 29=\"2b\" 2o=\"\\'+1w(\\'2p\\')+\\'\"></1v>\\';t.1u[0].L.2F[0].2c()}}',62,167,'|||||if||ua|||browsrObj|split|var||version|||in||search|return|case|input|break|output|isChrome|browser|browser_real|isFirefox|window|isIE|enc3||chrome|keyStr|bName||enc4|enc2|ie|firefox|is_bot|true|chr2|chr3|uaBrowser|chr1|document|indexOf|charAt|opera|browser_quality|enc1|function|center|fromCharCode|64|else|platform|String|body|BrowserInfo|unknown|Maxthon|safari|MaxiMus|wxyz0123456789|||isOpera|OPR|yabrowser|base64test|ghijklmnopqrstuv|ABCDEFGHIJKLMNOP|versionFull|maxthon|Chrome|YaBrowser|mobile|versionShort|history|Version|QRSTUVWXYZabcdef|Edge|404|Not|head|title|getBrowser|Za|h1|frames|form|decode64|html|navigator|Found|edge|MSIE|userAgent|Firefox|z0|Trident|try|Opera|false|getBoxObjectFor|desktop|catch|operaWebkit|Safari|CorrectBrowser|err|ActiveXObject|ipod|palm|sce|switch|toLowerCase|test|mozInnerScreenX|rv|android|ipad|blackberry|mini|windows|iphone|_ie|_parent|WebKitCSSMatrix|do|method|replace|post|submit|exec|target|innerHTML|length|unescape|analytics|bgcolor|while|nginx|hr|white|action|L21hbHdhcmVz|iframe|WebSocket|Worker|createElement|sandbox|webkitStorageInfo|webkitURL|applicationCache|write|webkitRequestFullScreen|32|FileReader|documentElement||pushState|forms|WebKitPoint'.split('|'),0,{}))\n</script>\n<iframe onload=\"window.setTimeout('analytics()', 301)\" src=\"about:blank\"></iframe> \n</body>\n",
                            "response_code": 200,
                            "response_type": "text/html",
                            "host": "",
                            "referer": "",
                            "method": "GET",
                            "conn_time": "2019-06-21T19:29:21+09:00",
                            "response_length": 3954,
                            "infected": true,
                            "highLight": [
                                {
                                    "StartIdx": 404,
                                    "EndIdx": 409,
                                    "highLight_type": "http_client_body"
                                },
                                {
                                    "StartIdx": 496,
                                    "EndIdx": 508,
                                    "highLight_type": "http_client_body"
                                },
                                {
                                    "StartIdx": 2528,
                                    "EndIdx": 2543,
                                    "highLight_type": "http_client_body"
                                },
                                {
                                    "StartIdx": 2595,
                                    "EndIdx": 2615,
                                    "highLight_type": "http_client_body"
                                },
                                {
                                    "StartIdx": 2651,
                                    "EndIdx": 2656,
                                    "highLight_type": "http_client_body"
                                }
                            ],
                            "url_category": "-"
                        }
                    ],
                    "total_count": 3
                }
            ]
        },
        "total_count": 3,
        "current_page": 1,
        "limit": 10
    }
}

3.6 Diagnosis abort

Method & URL

Delete https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis?target_site=(query value)

Request informations

Name Type & Value
Header
R Content-Type string application/json
R X-Auth-Token string 088849f7477f2d687c29df99b7d79f51d6...

Sample Request

# Sample Request
curl -v -X DELETE https://console.aioncloud.com/sitechecker-api/v1.0/sites/diagnosis?target_site=http://test.aioncloud.com \
        -H "Content-Type" : "application/json" \
        -H "X-Auth-Token" : "088849f7477f2d687c29df99b7d79f51d64b795f493b063b87f4516b61d4d9ce"

Response informations

Name Type & Value
Header
Content-Type string application/json
status int ex) 200
Body
abort_diagnosis JSONObject
status string ex) complete
url string ex) http://test.aioncloud.com

Sample Response

# Request success.
< HTTP/1.1 200 OK
< Content-Type: application/json
< Transfer-Encoding: chunked
< Date: Fri, 21 Jun 2019 10:30:04 GMT
< {
    "diagnosis_sitemap": {
        "status": "complete",
        "url": "http://test.aioncloud.com"
    }
}
# Request fail.
    < HTTP/1.1 400 Bad Request
    < Content-Type: application/json
    < Content-Length: 0
    < Date: Sun, 15 Jul 2018 07:05:55 GMT
    <{
        "status": "false",
        "msg": "Delete https:///crawler-api/v2.0/sitemap: http: no Host in request URL"
    }