Skip to content

Instantly share code, notes, and snippets.

@JPBM135

JPBM135/tranparency_report.md

Last active August 11, 2024 03:09
Show Gist options
  • Save JPBM135/5841cdd3cca8f2b86c2fd22f3521aad4 to your computer and use it in GitHub Desktop.
Save JPBM135/5841cdd3cca8f2b86c2fd22f3521aad4 to your computer and use it in GitHub Desktop.
Download ZIP
Transparency Report undocumented API
Raw
tranparency_report.md

https://transparencyreport.google.com/transparencyreport/api/v3/safebrowsing/status?site=domainhere:

When we get the results from the endpoint above, the actual results we want will be on the 3rd line. The first line will contain )]}', and the second line will be blank. Ignore both of those lines and get the results from the 3rd line.

https://transparencyreport.google.com/transparencyreport/api/v3/safebrowsing/status?site=https://jpbm.dev

)]}'

[["sb.ssr",1,false,false,false,false,false,1717826047069,"https://jpbm.dev"]]
Parser I use 
const jsonLine = rawResponse.split('\n').slice(-1)[0]; // '[["sb.ssr",1,false,false,false,false,false,1717826047069,"https://jpbm.dev"]]'
const data = JSON.parse(jsonLine)[0]; // ["sb.ssr",1,false,false,false,false,false,1717826047069,"https://jpbm.dev"]

The 3rd line contains a nested array that tells us about the domain. The 2nd entry in the array gives a general status of the results, and the rest of the entries give more details.

What the results mean:

[[0]] (sb.ssr): I believe is always sb.ssr

[[1]] (1): Shows general status of the results, the results should follow this enum:

enum SafetyStatus {
    NO_UNSAFE_CONTENT_FOUND = 1,
    SOME_PAGES_UNSAFE = 3,
    SITE_UNSAFE = 2,
    HOSTS_UNCOMMON_FILES = 5,
    CHECK_SPECIFIC_URL = 4,
    NO_AVAILABLE_DATA_0 = 0,
    NO_AVAILABLE_DATA_6 = 6,
}

const statusPhrases: { [key in SafetyStatus]: string } = {
    [SafetyStatus.NO_UNSAFE_CONTENT_FOUND]: "No unsafe content found",
    [SafetyStatus.SOME_PAGES_UNSAFE]: "Some pages on this site are unsafe",
    [SafetyStatus.SITE_UNSAFE]: "This site is unsafe",
    [SafetyStatus.HOSTS_UNCOMMON_FILES]: "This site hosts files that are not commonly downloaded",
    [SafetyStatus.CHECK_SPECIFIC_URL]: "Check a specific URL",
    [SafetyStatus.NO_AVAILABLE_DATA_0]: "No available data",
    [SafetyStatus.NO_AVAILABLE_DATA_6]: "No available data",
};

[[2]] (false): Will either be 0 for false or 1 for true.

  • 1 or true: Sends visitors to harmful websites

[[3]] (false): Will either be 0 for false or 1 for true.

  • 1 or true: Installs unwanted or malicious software on visitors’ computers

[[4]] (false): Will either be 0 for false or 1 for true.

  • 1 or true: Tries to trick visitors into sharing personal info or downloading software (this result is for phishing domains)

[[5]] (false): Will either be 0 for false or 1 for true.

  • 1 or true: Contains unwanted or malicious software

[[6]] (false): Will either be 0 for false or 1 for true.

  • 1 or true: Distributes uncommon downloads

[[7]] (1717826047069): Modified time (ms)

[[8]] (https://jpbm.dev): Domain that was scanned

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment