Looking up a domain
Expand all | Collapse all
Kaspersky Threat Intelligence Portal provides an API for looking up a domain.
Request
Request method: GET
Endpoint: https://opentip.kaspersky.com/api/v1/search/domain
Query parameter: request—Domain that you want to investigate.
cURL command sample:
curl --request GET 'https://opentip.kaspersky.com/api/v1/search/domain?request=<domain>' --header 'x-api-key: <API token>'
Here:
|
Responses
200 OK
Request processed successfully.
Endpoint returns a JSON object that contains lookup results for the specified domain.
200 OK response parameters
Parameter
|
Type
|
Description
|
Zone
|
string
|
Color of the zone that a domain belongs to. Available values:
Red—The domain can be classified as Dangerous.
Orange—The domain can be classified as Not trusted and may host malicious objects.
Yellow—The domain is classified as Adware and other (Adware, Pornware, and other programs).
Grey—No data or not enough information is available for the domain.
Green—The domain has the Good or No threats detected status. The No threats detected status is applied if the domain was not classified by Kaspersky, but it was previously scanned and/or analyzed, and no threats were detected at the time of the analysis.
|
DomainGeneralInfo
|
object
|
General information about the requested domain.
|
FilesCount
|
integer
|
Number of known malicious files.
|
UrlsCount
|
integer
|
Number of known malicious web addresses.
|
HitsCount
|
integer
|
Number of IP addresses related to the domain.
|
Domain
|
string
|
Name of the requested domain.
|
Ipv4Count
|
integer
|
Number of IP addresses (IPv4) for the requested domain.
|
Categories
|
Array of strings
|
Categories of the requested domain.
|
CategoriesWithZone
|
Array of objects
|
Categories of the requested domain and zones that the category belongs to:
Name—Category name.
Zone—Color of the category's zone (Red or Yellow).
|
DomainWhoIsInfo
|
object
|
WHOIS information about the requested domain.
|
DomainName
|
string
|
Name of the requested domain.
|
Created
|
string <date-time>
|
Date when the requested domain was registered.
|
Updated
|
string <date-time>
|
Date when registration information about the requested domain was last updated.
|
Expires
|
string <date-time>
|
Expiration date of the requested domain.
|
NameServers
|
Array of strings
|
Name servers of the requested domain.
|
Contacts
|
Array of strings
|
Contact information for the owner of the requested domain.
|
Registrar
|
object
|
Information about the requested domain's registrar:
Info—Name of the requested domain's registrar.
IanaId—IANA ID of the requested domain's registrar.
|
DomainStatus
|
Array of strings
|
Statuses of the requested domain.
|
RegistrationOrganization
|
string
|
Name of the registration organization.
|
400 Bad Request
Request not processed: incorrect query.
Make sure you enter the correct parameter, and then try to run the query again.
401 Unauthorized
Request not processed: user authentication failed.
Make sure you enter the correct credentials, and then try to run the query again.
403 Forbidden
Request not processed: quota or request limit exceeded.
Check your quota and limitations, and try to run the query again later.
404 Not Found
Request not processed: requested object lookup results not found.
Make sure the specified object is correct, and then run the query again.