Looking up a web address
Expand all | Collapse all
Kaspersky Threat Intelligence Portal provides an API for looking up a web address.
Request
Request method: GET
Endpoint: https://opentip.kaspersky.com/api/v1/search/url
Query parameter: request—Web address that you want to investigate.
cURL command sample:
curl --request GET 'https://opentip.kaspersky.com/api/v1/search/url?request=<web address>' --header 'x-api-key: <API token>'
Here:
|
Responses
200 OK
Request processed successfully.
Endpoint returns a JSON object that contains lookup results for the specified domain.
200 OK response parameters
Parameter
|
Type
|
Description
|
Zone
|
string
|
Color of the zone that a web address belongs to. Available values:
Red—The web address can be classified as Dangerous.
Orange—The web address can be classified as Not trusted and may host malicious objects.
Yellow—The web address is classified as Adware and other (Adware, Pornware, and other programs).
Grey—No data or not enough information is available for the web address.
Green—The web address has the Good or No threats detected status. The No threats detected status is applied if the web address was not classified by Kaspersky, but it was previously scanned and/or analyzed, and no threats were detected at the time of the analysis.
|
UrlGeneralInfo
|
object
|
General information about the requested web address.
|
Url
|
string
|
Requested web address.
|
Host
|
string
|
Name of the upper-level domain of the requested web address.
|
Ipv4Count
|
integer
|
Number of IP addresses (IPv4) for the requested web address.
|
FilesCount
|
integer
|
Number of known malicious files.
|
Categories
|
Array of strings
|
Categories of the requested web address. If the web address does not belong to any defined categories, the General category is displayed.
|
CategoriesWithZone
|
Array of objects
|
Categories of the requested web address and zones that the category belongs to:
Name—Category name.
Zone—Color of the category's zone (Red or Yellow). If the web address does not belong to any defined categories, the General category is displayed.
|
UrlDomainWhoIs
|
object
|
WHOIS information about the requested web address.
|
DomainName
|
string
|
Name of the domain of the requested web address.
|
Created
|
string <date-time>
|
Date when the requested web address was registered.
|
Updated
|
string <date-time>
|
Date when registration information about the domain for the requested web address was last updated.
|
Expires
|
string <date-time>
|
Expiration date of the prepaid domain registration term.
|
NameServers
|
Array of strings
|
List of name servers of the domain for the requested web address.
|
Contacts
|
Array of strings
|
Contact information for the owner of the requested web address.
|
Registrar
|
object
|
Information about the domain's registrar:
Info—Name of the domain's registrar.
IanaId—IANA ID of the domain's registrar.
|
DomainStatus
|
Array of strings
|
Statuses of the domain for the requested web address.
|
RegistrationOrganization
|
string
|
Name of the registration organization.
|
400 Bad Request
Request not processed: incorrect query.
Make sure you enter the correct parameter, and then try to run the query again.
401 Unauthorized
Request not processed: user authentication failed.
Make sure you enter the correct credentials, and then try to run the query again.
403 Forbidden
Request not processed: quota or request limit exceeded.
Check your quota and limitations, and try to run the query again later.
404 Not Found
Request not processed: requested object lookup results not found.
Make sure the specified object is correct, and then run the query again.
414 URI Too Long
Request not processed: Web address length exceeds 2000 characters.
For a web address, its length is limited to a maximum of 2000 characters. Web addresses with a length exceeding 2000 characters cannot be requested by using the RESTful API.
Specify another web address, and then run the query.