About Ian.Baxter

I’ve been able to successfully submit files for analysis and file hashes for verdicts, that works fine, but I am now trying to submit a URL for a verdict, instead of a file. So I send this:   Submit Google Link to WF using API curl -F 'apikey=<apikey>' -F 'link=https://www.google.com' 'https://wildfire.paloaltonetworks.com/publicapi/submit/link'   Response from WF: <?xml version="1.0" encoding="UTF-8"?> <wildfire>     <submit-link-info>         <url>https://www.google.com</url>         <sha256>ac6bb669e40e44a8d9f8f0c94dfc63734049dcf6219aac77f02edf94b9162c09</sha256>         <md5>8ffdefbdec956b595d257f0aaeefd623</md5>     </submit-link-info> </wildfire>   I then try to get a verdict from WF curl -F 'apikey=<apikey>' -F 'hash=8ffdefbdec956b595d257f0aaeefd623' 'https://wildfire.paloaltonetworks.com/publicapi/get/verdict'   Response from WF: <?xml version="1.0" encoding="UTF-8"?> <wildfire>      <get-verdict-info>          <sha256></sha256>          <verdict>-102</verdict>          <md5>8ffdefbdec956b595d257f0aaeefd623</md5>       </get-verdict-info> </wildfire>   As you can see I get a “-102” response which means " unknown, cannot find sample record in the database".   I've done this for multiple links, both HTTP and HTTPS over a number of days but always get the -102 verdict.  Am I doing this correctly to get a verdict for a URL?  I have opened a TAC case but they don't have any answers for me other than they'll get back to me and that it may take some time...   ... View more