Metadata
Stay organized with collections
Save and categorize content based on your preferences.
This document applies to the following methods:
Metadata is information that helps distinguish between threat types and allows for more informative warnings
(see Suggested Warning Language).
Metadata is part of the
ThreatMatch
object returned in the
fullHashes.find response
and includes:
- The threat list descriptor (threat/platform/threatEntry type combination): Identifies the Safe
Browsing (threat) list.
- The threat: For
threatMatches, a URL. For fullHashes, a full-length hash.
- The metadata: Additional information about the threat.
Metadata is provided in the form of key/value string pairs (see the
ThreatEntryMetadata
field). For JSON requests, the key and value are both base64-encoded. The type of metadata
returned will vary depending on the specific Safe Browsing list (the threat/platform/threatEntry
type combination).
Malware sites
Metadata is currently available for all available lists with the MALWARE threatType
and the URL threatEntryType. The key/value pairs are described here.
| key |
value |
Description |
| malware_threat_type |
landing |
Malware landing site. These sites are gateways to malware. They are often hacked sites that
include iframes, scripts, or redirects that load content from other sites that launch the actual
attacks. |
| malware_threat_type |
distribution |
Malware distribution site. These sites launch the malware attacks. |
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-09-18 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-09-18 UTC."],[[["This documentation focuses on metadata within the Safe Browsing Lookup and Update APIs (v4), aiding in threat distinction and providing informative warnings."],["Metadata, found within ThreatMatch objects, includes the threat list descriptor, the threat itself (URL or hash), and additional information about the threat."],["Metadata is presented as key/value string pairs (base64-encoded for JSON) and varies based on the specific Safe Browsing list."],["Currently, metadata is available for all lists with `MALWARE` threatType and `URL` threatEntryType, and distinguishes between malware landing and distribution sites."]]],[]]
