DMARC Forensic endpoints

The forensic endpoint returns raw forensic (failure) reports within a specified time period.

forensic

Get /forensic

Description: Get DMARC forensic data.

Parameters:

Parameter Description
start start of Unix time in seconds
end end of Unix time in seconds

Response:

{
    "status":"SUCCESS",
    "total":"3",
    "records":[
        {
            "ForensicId":"29013",
            "Subject":"FW: [Marketing Medium] Totalspan Australia: Notice to Customer COVID-19",
            "Domain":"dmarc-reporting@clouduss.com",
            "Received":"2020-03-20 01:43:37",
            "Amount":"1",
            "Headers":"Feedback-Type: auth-failure\nIdentity-Alignment: spf, dkim\nUser-Agent: MimeKit\nVersion: 2.1\nOriginal-Mail-From: bounce-mc.us15_70631933.15110711-0157d30998@mail72.atl11.rsgsv.net\nAuthentication-Results: mail2.us.scanscope.net; spf=pass\n smtp.mailfrom=bounce-mc.us15_70631933.15110711-0157d30998@mail72.atl11.rsgsv.\n net; dkim=pass header.i=@mailchimpapp.net; dmarc=fail action=none\n header.from=mycompany.com;\nDelivery-Result: delivered\nDKIM-Domain: mailchimpapp.net\nDKIM-Identity: mail72.atl11.rsgsv.net\nDKIM-Selector: k1..."
        },
        ...
    ]
}

Example:

curl -H "Authorization: Bearer 12341fc3ce4d57f3368d47cd304812ad" "https://dmarcly.com/api/forensic?start=0&end=1811111112"