DescribeOutgoingDomain - Cloud Firewall - Alibaba Cloud Documentation Center

Queries information about outbound domain names.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

No authorization for this operation. If you encounter issues with this operation, contact technical support.

Request parameters

Parameter	Type	Required	Description	Example
Lang	string	No	The language of the request and response. Valid values: zh (default): Chinese en: English	zh
StartTime	string	Yes	The beginning of the time range to query. This is a UNIX timestamp. Unit: seconds.	1656664560
EndTime	string	Yes	The end of the time range to query. This is a UNIX timestamp. Unit: seconds.	1656750960
PageSize	string	No	The number of entries to return on each page. Default value: 6. Maximum value: 100.	10
CurrentPage	string	No	The page number to return. Default value: 1.	1
CategoryId	string	No	The asset category. If you leave this parameter empty, assets in all categories are queried. Valid values: All: all categories RiskDomain: risky domain names RiskIP: risky IP addresses AliYun: Alibaba Cloud services NotAliYun: third-party services	All
Domain	string	No	The outbound domain name.	www.aliyundoc.com
PublicIP	string	No	The public IP address of the Elastic Compute Service (ECS) instance that initiates the outbound connections.	192.0.XX.XX
Sort	string	No	The field to sort by. Valid values: SessionCount (default): the number of requests TotalBytes: the total traffic	SessionCount
Order	string	No	The sorting order. Valid values: asc: ascending desc (default): descending	desc
TagIdNew	string	No	The ID of the intelligence tag. Valid values: AliYun: Alibaba Cloud service RiskDomain: Risky domain name RiskIP: Risky IP address TrustedDomain: Trusted website AliPay: Alipay DingDing: DingTalk WeChat: WeChat QQ: Tencent QQ SecurityService: Security service Microsoft: Microsoft Amazon: Amazon Pan: Cloud storage service Map: Map service Code: Code hosting service SystemService: System service Taobao: Taobao Google: Google ThirdPartyService: Third-party service FirstFlow: First-time access Downloader: Malicious downloader Alexa Top 1M: Popular website Miner: Mining pool Intelligence: Threat intelligence DDoS: DDoS trojan Ransomware: Ransomware Spyware: Spyware Rogue: Rogue software Botnet: Botnet Suspicious: Suspicious website C&C: Command and control (C&C) Gang: Gang-related activity CVE: CVE vulnerability Backdoor: Backdoor Phishing: Phishing website APT: Advanced Persistent Threat (APT) attack Supply Chain Attack: Supply chain attack Malware: Malicious software	AliYun
DataType	string	No	The source of traffic statistics. The default value is `internet`, which indicates Internet Firewall. Valid values: internet: Internet Firewall nat: NAT Firewall	nat
IsAITraffic	string	No	Specifies whether to count only traffic from accessing AI services. The default value is `false`. Valid values: true: yes false: no	true

Response elements

Element	Type	Description	Example
	object
TotalCount	integer	The total number of outbound domains found.	132
RequestId	string	The request ID.	F0F82705-CFC7-5F83-86C8-A063892F****
DomainList	array<object>	An array of outbound domains.
	array<object>	The outbound domains.
AclCoverage	string	Indicates whether an access control policy is configured for the domain. Valid values: Uncovered: no FullCoverage: yes	Uncovered
Domain	string	The outbound domain name.	www.aliyundoc.com
AclRecommendDetail	string	The recommended action for the access control policy.	建议放行
HasAclRecommend	boolean	Indicates whether a recommended access control policy exists. Valid values: true: yes false: no	true
InBytes	integer	The volume of inbound traffic, in bytes.	3214
CategoryName	string	The name of the asset category. Valid values: Alibaba Cloud product Non-Alibaba Cloud product	阿里云产品
RuleName	string	The name of the access control policy.	默认规则
RuleId	string	The ID of the access control policy.	add-dfadf-f****
SessionCount	integer	The number of requests.	12
GroupName	string	The name of the policy group.	外量地址组
SecuritySuggest	string	The recommended security action for the outbound domain name. Valid values: pass: allow alert: monitor drop: deny	pass
OutBytes	integer	The volume of outbound traffic, in bytes.	4582
AclStatus	string	The health status of the access control policy. Valid values: Normal: healthy Abnormal: unhealthy	Normal
IsMarkNormal	boolean	Indicates whether the outbound domain name is marked as normal. Valid values: true: normal false: not normal	true
CategoryId	string	The ID of the asset category. Valid values: Aliyun: Alibaba Cloud service NotAliyun: third-party service	Aliyun
AddressGroupUUID	string	The UUID of the address book.	fdad-fdafa-dafa-dfa****
AddressGroupName	string	The name of the address book.	外联地址簿
CategoryClassId	string	The category of the intelligence tag. Valid values: Suspicious: suspicious Malicious: malicious Trusted: trusted	Trusted
Business	string	The business to which the website belongs.	阿里云
HasAcl	string	Indicates whether an access control policy is configured for the domain name. Valid values: true: yes false: no	true
Organization	string	The name of the organization.	阿里云计算有限公司
SecurityReason	string	The reason for the security recommendation.	智能策略：该目的域名所属组织为阿里云计算有限公司，主要业务为阿里云，未发现安全风险，可用于配置外联白名单。
TotalBytes	string	The total traffic volume, in bytes.	800
TagList	array<object>	An array of tags.
	object	The details of the tag.
RiskLevel	integer	The risk level. Valid values: 1: low 2: medium 3: high	3
TagName	string	The name of the tag.	加白标签
TagId	string	The ID of the intelligence tag.	AliYun
TagDescribe	string	The description of the tag.	加白标签
ClassId	string	The category of the intelligence tag. Valid values: Suspicious: suspicious Malicious: malicious Trusted: trusted	Trusted
ApplicationNameList	array	An array of application names.
	string	The names of the applications.	HTTP
AssetCount	integer	The total number of assets that initiate outbound connections to the domain.	20
PrivateAssetCount	integer	The total number of assets in a private network that initiate outbound connections to the domain.	20

Examples

Success response

JSON format

{
  "TotalCount": 132,
  "RequestId": "F0F82705-CFC7-5F83-86C8-A063892F****",
  "DomainList": [
    {
      "AclCoverage": "Uncovered",
      "Domain": "www.aliyundoc.com",
      "AclRecommendDetail": "建议放行",
      "HasAclRecommend": true,
      "InBytes": 3214,
      "CategoryName": "阿里云产品",
      "RuleName": "默认规则",
      "RuleId": "add-dfadf-f****",
      "SessionCount": 12,
      "GroupName": "外量地址组",
      "SecuritySuggest": "pass",
      "OutBytes": 4582,
      "AclStatus": "Normal",
      "IsMarkNormal": true,
      "CategoryId": "Aliyun",
      "AddressGroupUUID": "fdad-fdafa-dafa-dfa****",
      "AddressGroupName": "外联地址簿",
      "CategoryClassId": "Trusted",
      "Business": "阿里云",
      "HasAcl": "true",
      "Organization": "阿里云计算有限公司",
      "SecurityReason": "智能策略：该目的域名所属组织为阿里云计算有限公司，主要业务为阿里云，未发现安全风险，可用于配置外联白名单。",
      "TotalBytes": "800",
      "TagList": [
        {
          "RiskLevel": 3,
          "TagName": "加白标签",
          "TagId": "AliYun",
          "TagDescribe": "加白标签",
          "ClassId": "Trusted"
        }
      ],
      "ApplicationNameList": [
        "HTTP"
      ],
      "AssetCount": 20,
      "PrivateAssetCount": 20
    }
  ]
}

Error codes

HTTP status code	Error code	Error message	Description
400	ErrorAliUid	Aliuid invalid.	The aliuid is invalid.
400	ErrorTimeError	The time is invalid.	The time is invalid.
400	ErrorDBSelectError	A database select error occurred.	The error message returned because an internal error has occurred in querying the database.
400	ErrorIntervalError	The interval is invalid.	The interval is invalid.
400	ErrorIpFormat	The IP address is invalid.	The IP address is invalid.
400	ErrorSecuritySuggest	The security suggest is invalid.	The security suggest is invalid.
400	ErrorSortError	The sort is invalid.	The sort is invalid.
400	ErrorOrderFailed	The order is invalid.	The order is invalid.
400	ErrorPageNo	Either page number or page size is invalid.	Either page number or page size is invalid.
400	ErrorDomainName	The domain name is invalid.	The domain name is invalid.
400	ErrorDataTypeError	The data type is invalid.	The data type is invalid.
400	ErrorMarshalJSON	internal error.	Internal error.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.