Kaspersky Threat Intelligence Portal

Looking up a web address

Expand all | Collapse all

Kaspersky Threat Intelligence Portal provides an API for looking up a web address.

Request

Request method: GET

Endpoint: https://opentip.kaspersky.com/api/v1/search/url

Query parameter: request—Web address that you want to investigate.

cURL command sample:

curl --request GET 'https://opentip.kaspersky.com/api/v1/search/url?request=<web address>' --header 'x-api-key: <API token>'

Here:

Responses

200 OK

Request processed successfully.

Endpoint returns a JSON object that contains lookup results for the specified domain.

200 OK response parameters

Parameter

Type

Description

Zone

string

Color of the zone that a web address belongs to. Available values:

Red—The web address can be classified as Dangerous.

Orange—The web address can be classified as Not trusted and may host malicious objects.

Yellow—The web address is classified as Adware and other (Adware, Pornware, and other programs).

Grey—No data or not enough information is available for the web address.

Green—The web address has the Good or No threats detected status. The No threats detected status is applied if the web address was not classified by Kaspersky, but it was previously scanned and/or analyzed, and no threats were detected at the time of the analysis.

UrlGeneralInfo

object

General information about the requested web address.

Url

string

Requested web address.

Host

string

Name of the upper-level domain of the requested web address.

Ipv4Count

integer

Number of IP addresses (IPv4) for the requested web address.

FilesCount

integer

Number of known malicious files.

Categories

Array of strings

Categories of the requested web address. If the web address does not belong to any defined categories, the General category is displayed.

CategoriesWithZone

Array of objects

Categories of the requested web address and zones that the category belongs to:

Name—Category name.

Zone—Color of the category's zone (Red or Yellow). If the web address does not belong to any defined categories, the General category is displayed.

UrlDomainWhoIs

object

WHOIS information about the requested web address.

DomainName

string

Name of the domain of the requested web address.

Created

string <date-time>

Date when the requested web address was registered.

Updated

string <date-time>

Date when registration information about the domain for the requested web address was last updated.

Expires

string <date-time>

Expiration date of the prepaid domain registration term.

NameServers

Array of strings

List of name servers of the domain for the requested web address.

Contacts

Array of strings

Contact information for the owner of the requested web address.

Registrar

object

Information about the domain's registrar:

Info—Name of the domain's registrar.

IanaId—IANA ID of the domain's registrar.

DomainStatus

Array of strings

Statuses of the domain for the requested web address.

RegistrationOrganization

string

Name of the registration organization.

400 Bad Request

Request not processed: incorrect query.

Make sure you enter the correct parameter, and then try to run the query again.

401 Unauthorized

Request not processed: user authentication failed.

Make sure you enter the correct credentials, and then try to run the query again.

403 Forbidden

Request not processed: quota or request limit exceeded.

Check your quota and limitations, and try to run the query again later.

404 Not Found

Request not processed: requested object lookup results not found.

Make sure the specified object is correct, and then run the query again.

414 URI Too Long

Request not processed: Web address length exceeds 2000 characters.

For a web address, its length is limited to a maximum of 2000 characters. Web addresses with a length exceeding 2000 characters cannot be requested by using the RESTful API.

Specify another web address, and then run the query.

Page top
[Topic URLLookupAPI]