0

I'm sending requests to the Google safe browsing API. I believe I'm following their documentation correctly. I've tried regenerating my key.

I'm sending the request below

POST https://safebrowsing.googleapis.com/v4/threatMatches:find?key=AIxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx HTTP/1.1
User-Agent: Fiddler
Host: safebrowsing.googleapis.com
Content-Length: 511

  {
    "client": {
      "clientId":      "yourcompanyname",
      "clientVersion": "1.5.2"
    },
    "threatInfo": {
      "threatTypes":      ["MALWARE", "SOCIAL_ENGINEERING"],
      "platformTypes":    ["WINDOWS"],
      "threatEntryTypes": ["URL"],
      "threatEntries": [
        {"url": "http://www.urltocheck1.org/"},
        {"url": "http://malware.testing.google.test"},
        {"url": "http://www.urltocheck2.org/"},
        {"url": "http://www.urltocheck3.com/"}
      ]
    }
  }

And getting back an empty response which is not what I'm expecting with the URLs supplied and following their example.

HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Date: Wed, 08 Sep 2021 15:05:59 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Accept-Encoding
Content-Length: 3

{}

https://transparencyreport.google.com/safe-browsing/search?url=malware.testing.google.test

https://developers.google.com/safe-browsing/v4/lookup-api

Mr J
  • 2,655
  • 4
  • 37
  • 58

1 Answers1

0
  1. You need to pass API key
  2. You need to pass MALWARE url": "http://www.urltocheck1.org/" if it is not malware it will show empty. try the following url https://testsafebrowsing.appspot.com/s/malware.html with your code. please search and test with other maleware site
Rajib
  • 392
  • 4
  • 16