Unwanted Traffic API Documentation

The Unwanted Traffic API provides access to data collected from honeypot sensors, capturing malicious network activities such as scans and attacks. This documentation covers all endpoints, filtering options, pagination, and error handling.

Base URL

https://defrancisco.us/unwanted-traffic/

Authentication

All requests require an API key, provided in the X-API-Key header.

curl -H "X-API-Key: YOUR_API_KEY" https://defrancisco.us/unwanted-traffic/test

Contact us if you need an API key for the purpose of conducting cybersecurity research.

Rate Limiting

The API enforces rate limits to ensure fair usage:

• Default: 100 requests per minute per IP address.
• Specific endpoints (e.g., /sessions, /attempts, /malware): 50 requests per minute per IP address.

Exceeding these limits results in a 429 Too Many Requests error.

Response Format

All responses are in JSON format with the following structure:

• status: Indicates success ("success") or failure ("error").
• data: Contains the requested data (array or object).
• message: Error description (if applicable).
• pagination: Pagination metadata (for paginated endpoints).

Set the Accept: application/json header in requests.

Getting Started

Test the API with the /test endpoint:

curl -H "X-API-Key: YOUR_API_KEY" -H "Accept: application/json" https://defrancisco.us/unwanted-traffic/test

Response:

{
  "status": "success",
  "message": "Unwanted Traffic API is running"
}

Navigation

• Endpoints: Detailed documentation of all API endpoints.
• Filters: Simple and complex filtering options for queries.
• Pagination: Pagination parameters for large datasets.
• Errors: Possible error codes and their meanings.