General information
Sending requests
Requests addressed to Spectra Intelligence must use the https protocol. The server is data.reversinglabs.com.
All APIs require the HTTP Authorization header with basic authentication. If not provided, the service will respond with status 401.
Limits and quotas
The limiting system counts the HTTP response code events for queries to ReversingLabs APIs.
The limits are determined in customer contracts and are deducted only in these cases:
Single queries – Only when HTTP code 200 is returned.
Bulk queries - Applies only to services that support bulk queries. When HTTP code 200 is returned, the quota is deducted for each valid item sent within the bulk request. For example, a bulk request containing 100 hashes, 3 of which are invalid, will count as 97.
Next page queries - Services that support pagination will count every successful next page query as a separate request.
In case you reach the daily or monthly quota limit, the API will return HTTP code 429 and send an automated alert message to the previously provided contact email address.
Daily quotas reset at 00:00 UTC, and monthly quotas reset on the first day of the month at 00:00 UTC.
Customers can check their usage via the Customer Usage API or get in touch with the Support Team to verify current API entitlements and quota limits.
Use the ReversingLabs Python SDK for easier programmatic interaction with the API.
XML body
The documentation provides request and response body examples in JSON, but all APIs also support XML request bodies.
For arrays in XML , individual elements (such as objects or strings) will be wrapped inside <item> tags in the response (and conversely, need to be wrapped inside <item> in a request body). For example, the following JSON:
{
"rl": {
"entries": [
{
"foo": "bar",
"life_meaning": 42
}
]
}
}
...should look like this in XML:
<?xml version="1.0" encoding="UTF-8"?>
<rl>
<entries>
<item>
<foo>bar</foo>
<life_meaning>42</life_meaning>
</item>
</entries>
</rl>
Response status codes
This table lists possible HTTP response codes, with descriptions. Individual APIs may have additional specific messages or codes. In those cases, see their documentation.
| Code | Description |
|---|---|
| 200 | The request has succeeded. |
| 400 | The request could not be understood by the server due to malformed syntax. A possible reason might be that the request contains Unicode characters that cannot be processed. |
| 401 | The request requires user authentication. The request MUST include a WWW-Authenticate header field containing a challenge applicable to the requested resource. |
| 403 | The server understood the request, but is refusing to fulfill it. |
| 404 | The server has not found anything matching the Request-URI. |
| 405 | The method is known by the server but is not supported by the target resource. |
| 409 | The request could not be completed due to a conflict with the current state of the resource. |
| 413 | The request contained more than the maximum allowed amount of hashes (100). |
| 429 | The daily/monthly quota has been reached, or the API rate limit exceeded (in this case, the service will return an additional "Rate limit exceeded" error message). |
| 500 | The server encountered an unexpected condition which prevented it from fulfilling the request. |
| 502 | The server received an invalid response from another server. |
| 503 | The server is currently unable to handle the request due to a temporary overloading or maintenance of the server. |