Responses

Subject (CLI)

Give us the tested element.

Tested (API)

Give us the tested element.

Status

Give us the test result/status of the tested element.

ACTIVE

This status is returned when one of the following cases is met:

INACTIVE

This status is returned when all the following cases are met:

INVALID

This status is returned when all the following cases are met:

VALID

This status is returned when we are checking for syntax. It is the equivalent of ACTIVE but for syntax checking.

MALICIOUS

This status is returned when we are checking for the reputation.

SANE

This status is returned when we are checking for the reputation.

Expiration Date

Give us the expiration date of the tested element.

Unknown (CLI)

Unknown is returned when we could not extract the expiration date from PyFunceble.lookup.whois.WhoisLookup.request() outputs.

None (API)

None is returned when we could not extract the expiration date from PyFunceble.lookup.whois.WhoisLookup.request() outputs.

A date

Only if we could extract the expiration date from PyFunceble.lookup.whois.WhoisLookup.request(), the date becomes formatted like 02-jan-2017.

Source

Give us the source of the status.

HTTP Code

This source is returned when all the following cases are met:

SYNTAX

This source is always returned when the domain has the status INVALID or in the case that we are only checking for syntax instead of availability. The usage of this source comes from the comparison of the element against our domain, IP or URL syntax validation system.

DNSLOOKUP

This source is always returned when the taken decision of the status of the domain/IP comes from PyFunceble.lookup.dns.DNSLookup.request() outputs.

SPECIAL

As PyFunceble grows, I thought that a bit of filtering for special cases would be great. So I introduced the SPECIAL source.

Note

Please consider all 3 digits number that are listed in this section as the HTTP status code catched by PyFunceble.lookup.http_code.HTTPCode.get().

Warning

Do not want those rules ? You can use following to disable them.

  • -ns|--no-special arguments from the CLI.
  • no_special: True into your local configuration file.

*.blogspot.*

  • All 404 are returned as INACTIVE
  • All 301 which are blocked by Google or does not exist are returned as INACTIVE
  • All 302 which are blocked by Google are returned as INACTIVE

*.canalblog.com

  • All 404 are returned as INACTIVE

*.github.io

  • All 404 are returned as INACTIVE

*.liveadvert.com

  • All 404 are returned as INACTIVE

*.skyrock.com

  • All 404 are returned as INACTIVE

*.tumblr.com

  • All 404 are returned as INACTIVE

*.wordpress.com

  • All 301 which match doesn’t exist are returned as INACTIVE

IP with range

  • All IPv4 with a range (for example 0.0.0.0/24) are returned as ACTIVE
  • All IPv6 with a range (for example 2001:db8::/43) are returned as ACTIVE

Reputation

Note

If the --use-reputation-data argument is activated or the use_reputation_data index of your configuration file is active, the following apply.

  • All IPv4 and IPv6 which are present into the AlienVault public reputation data are returned as ACTIVE

HTTP Code

Note

This section reflects exactly what the code does. So any changes made here should also be reported to the code or at least the configuration file.

Note

A XXX in this column means that it was impossible to catch the HTTP status code from the web server.

Note

The Status Codes we give to PyFunceble to test with can be fully customized in your own .PyFunceble.yaml.

As active

Note

While testing for domain and IP, a subject which has an HTTP code listed below, will be saved/logged into the output/Analytic/ACTIVE directory.

Warning

While testing for domain and IP, a subject which has an HTTP code listed below and a global status INACTIVE or INVALID will get its status updated to ACTIVE.

Warning

While testing for URL, if the extracted HTTP code is in the following list, the global status will be ACTIVE.

  • 100 - Continue
  • 101 - Switching Protocols
  • 200 - OK
  • 201 - Created
  • 202 - Accepted
  • 203 - Non-Authoritative Information
  • 204 - No Content
  • 205 - Reset Content
  • 206 - Partial Content

As potentially active

Note

While testing for domain and IP, a subject which has an HTTP code listed below, will be saved/logged into the output/Analytic/POTENTIALLY_ACTIVE directory.

Warning

While testing for domain and IP, a subject which has an HTTP code listed below and a global status INACTIVE or INVALID will get its status updated to ACTIVE.

Warning

While testing for URL, if the extracted HTTP code is in the following list, the global status will be ACTIVE.

  • 000
  • 300 - Multiple Choices
  • 301 - Moved Permanently
  • 302 - Found
  • 303 - See Other
  • 304 - Not Modified
  • 305 - Use Proxy
  • 307 - Temporary Redirect
  • 403 - Forbidden
  • 405 - Method Not Allowed
  • 406 - Not Acceptable
  • 407 - Proxy Authentication Required
  • 408 - Request Timeout
  • 411 - Length Required
  • 413 - Request Entity Too Large
  • 417 - Expectation Failed
  • 500 - Internal Server Error
  • 501 - Not Implemented
  • 502 - Bad Gateway
  • 503 - Service Unavailable
  • 504 - Gateway Timeout
  • 505 - HTTP Version Not Supported

As inactive or potentially inactive

Note

While testing for domain and IP, a subject which has an HTTP code listed below, will be saved/logged into the output/Analytic/POTENTIALLY_INACTIVE directory.

Warning

While testing for URL, if the extracted HTTP code is in the following list, the global status will be INACTIVE.

  • 400 - Bad Request
  • 401 - Unauthorized
  • 402 - Payment Required (Not in use but may be seen in the future)
  • 404 - Not Found
  • 409 - Conflict
  • 410 - Gone
  • 412 - Precondition Failed
  • 414 - Request-URI Too Long
  • 415 - Unsupported Media Type
  • 416 - Requested Range Not Satisfiable