Introduction
Welcome to the FullHunt API documentation. FullHunt holds one of the largest databases for external attack surfaces of the entire Internet. You can use the FullHunt API to access attack surface data.
FullHunt API can be accessed from two hosts:
https://fullhunt.io/apihttps://enterprise-api.fullhunt.io/api(Dedicated to Enterprise usage)
Getting Started
- Get API key from FullHunt.io profile settings
- Verify authentication
Authentication
To authenticate:
# With shell, you can just pass the correct header with each request
curl "https://fullhunt.io/api/v1/auth/status" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
{
"message": "",
"status": 200,
"user": {
"company": "ACME",
"email": "john.smith@acme.com",
"first_name": "John",
"last_name": "Smith",
"plan": "enterprise"
},
"user_credits": {
"credits_usage": 1,
"max_results_per_request": 300000,
"remaining_credits": 2999,
"total_credits_per_month": 3000
}
}
Make sure to replace
xxxx-xxxx-xxxx-xxxxxxwith your API key.
FullHunt uses API Key-based authentication to allow access to the API. You can sign up for a new FullHunt account to have an API key and will find it on your profile settings.
Domain APIs
Get Domain Details
Get domain details, subdomains, associated hosts, DNS records, exposed ports, and more.
Rate limiting: requests are limited to 60 requests per minute.
curl "https://fullhunt.io/api/v1/domain/kaspersky.com/details" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"domain": "kaspersky.com",
"hosts": [
{
"categories": ["Web-Servers"],
"cdn": "",
"cert_object": {
"dns_names": ["*.cloud.kaspersky.com"],
"email_addresses": null,
"ip_addresses": [],
"is_valid_hostname": true,
"issuer_common_name": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"issuer_country": "US",
"issuer_organization": "DigiCert Inc",
"issuer_serial_number": "",
"issuer_string": "CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1,O=DigiCert Inc,C=US",
"md5_fingerprint": "6A:FC:AF:EE:A1:56:E9:E5:8F:F1:8C:BD:69:2C:BF:F3",
"not_after": "06-03-2025 23:59:59",
"not_before": "07-03-2024 00:00:00",
"remote_ip_address": "101.46.138.76:8000",
"sha1_fingerprint": "AE:1B:E5:88:42:78:C8:D4:4C:66:08:36:53:2F:63:69:A0:2B:4F:2A",
"sha256_fingerprint": "E0:3F:C7:5B:1B:FD:24:5E:8D:02:46:5E:9A:E3:ED:B4:C6:E8:26:39:16:07:0A:69:D6:52:D6:69:95:96:B8:B4",
"signature_algorithm": "SHA256-RSA",
"subject_common_name": "*.cloud.kaspersky.com",
"subject_country": "CH",
"subject_locality": "Zürich",
"subject_organization": "Kaspersky Lab Switzerland GmbH",
"subject_province": ""
},
"cloud": {
"provider": "",
"region": ""
},
"dns": {
"a": ["101.46.138.76"],
"aaaa": null,
"cname": [],
"mx": null,
"ns": [],
"ptr": ["ecs-101-46-138-76.compute.hwclouds-dns.eu."],
"txt": null
},
"domain": "kaspersky.com",
"has_ipv6": false,
"has_private_ip": false,
"host": "s331.cloud.kaspersky.com",
"http_status_code": null,
"http_title": "Kaspersky Endpoint Security Cloud",
"ip_address": "101.46.138.76",
"ip_metadata": {
"asn": 136907,
"city_name": "",
"country_code": "SG",
"country_name": "Singapore",
"isp": "HUAWEI CLOUDS",
"location_latitude": 1.3673,
"location_longitude": 103.8014,
"organization": "HUAWEI CLOUDS",
"postal_code": "",
"region": ""
},
"is_cdn": false,
"is_cloud": false,
"is_cloudflare": false,
"is_live": true,
"is_resolvable": true,
"network_ports": [8000, 8080, 8081, 9443],
"products": ["Microsoft-Kestrel", "Apache"],
"tags": ["https", "microsoft-kestrel", "web-servers", "apache"],
"tld": "com",
"urls": null
}
],
"status": 200,
"message": "",
"metadata": {
"all_results_count": 349,
"available_results_for_user": 300,
"domain": "kaspersky.com",
"last_scanned": 1626577921,
"max_results_for_user": 300,
"timestamp": 1634004417,
"user_plan": "advanced"
}
}
HTTP Request
GET https://fullhunt.io/api/v1/domain/<domain>/details
URL Parameters
| Parameter | Description |
|---|---|
| domain | The searched domain. |
Get Subdomains of a domain
List all discovered subdomains/hosts for a given domain.
Rate limiting: requests are limited to 60 requests per minute.
curl "https://fullhunt.io/api/v1/domain/kaspersky.com/subdomains" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"domain": "kaspersky.com",
"hosts": ["kaspersky.com", "www.kaspersky.com", "xxx.kaspersky.com"],
"status": 200,
"message": "",
"metadata": {
"all_results_count": 349,
"available_results_for_user": 300,
"domain": "kaspersky.com",
"last_scanned": 1626577921,
"max_results_for_user": 300,
"timestamp": 1634004387,
"user_plan": "advanced"
}
}
HTTP Request
GET https://fullhunt.io/api/v1/domain/<domain>/subdomains
URL Parameters
| Parameter | Description |
|---|---|
| domain | The searched domain. |
Get details of a specific host
This endpoint retrieves details for a given host.
curl "https://fullhunt.io/api/v1/host/fthub.kaspersky.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"categories": ["Email-Servers", "SSH-Server", "Web-Servers"],
"cdn": "",
"cert_object": {
"dns_names": ["ics-cert.kaspersky.com", "fthub.kaspersky.com"],
"email_addresses": null,
"ip_addresses": [],
"is_valid_hostname": true,
"issuer_common_name": "GlobalSign RSA OV SSL CA 2018",
"issuer_country": "BE",
"issuer_organization": "GlobalSign nv-sa",
"issuer_serial_number": "",
"issuer_string": "CN=GlobalSign RSA OV SSL CA 2018,O=GlobalSign nv-sa,C=BE",
"md5_fingerprint": "3B:0C:31:87:74:FF:57:E6:71:8F:C9:C3:9E:FE:41:96",
"not_after": "24-11-2025 07:41:13",
"not_before": "23-10-2024 15:02:02",
"remote_ip_address": "185.105.225.103:443",
"sha1_fingerprint": "69:D3:44:D6:A3:34:8C:0D:2D:1F:23:55:C7:8A:71:35:F6:F7:6A:17",
"sha256_fingerprint": "74:D1:CF:DF:EF:D7:42:74:AF:1E:F3:BB:C5:49:9B:3D:9F:05:88:15:60:5E:25:A0:D1:76:B6:B8:18:0F:CA:E4",
"signature_algorithm": "SHA256-RSA",
"subject_common_name": "ics-cert.kaspersky.com",
"subject_country": "CH",
"subject_locality": "Zürich",
"subject_organization": "Kaspersky Lab Switzerland GmbH",
"subject_province": "Zürich"
},
"cloud": {
"provider": "",
"region": ""
},
"dns": {
"a": ["185.105.225.103"],
"aaaa": null,
"cname": [],
"mx": null,
"ns": [],
"ptr": ["fthub.kaspersky.com."],
"txt": null
},
"domain": "kaspersky.com",
"has_ipv6": false,
"has_private_ip": false,
"host": "fthub.kaspersky.com",
"http_status_code": null,
"http_title": "301 Moved Permanently",
"ip_address": "185.105.225.103",
"ip_metadata": {
"asn": 200487,
"city_name": "St Petersburg",
"country_code": "RU",
"country_name": "Russia",
"isp": "OOO VPS",
"location_latitude": 59.8983,
"location_longitude": 30.2618,
"organization": "OOO VPS",
"postal_code": "190000",
"region": "St.-Petersburg"
},
"is_cdn": false,
"is_cloud": false,
"is_cloudflare": false,
"is_live": true,
"is_resolvable": true,
"network_ports": [110, 143, 22, 443, 7777, 80, 8888, 993, 995],
"products": ["Dovecot", "dovecot", "openssh", "nginx"],
"tags": [
"imap",
"dovecot",
"email-servers",
"ssh",
"openssh",
"ssh-server",
"https",
"nginx",
"web-servers",
"http"
],
"tld": "com",
"urls": null
HTTP Request
GET https://fullhunt.io/api/v1/host/<host>
URL Parameters
| Parameter | Description |
|---|---|
| host | The searched host. |
Global Search APIs
Global Search APIs allows security professionals to run advanced search across the FullHunt Database with a wide range of filters.
For example, you can search for all Cisco products within a nation, a high-signal CVE on a country, or all exposed MongoDB assets for a specific organization.
Rate limiting: requests are limited to 60 requests per minute.
Note: This API is available for enterprise users only.
curl "https://fullhunt.io/api/v1/global/search" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
-d '{"country": "GB", "product": "Citrix-NetScaler"}'
The above command returns JSON structured like this:
{
"query": {
"country_code": "GB",
"products": "Citrix-NetScaler"
},
"results": [
{
"asn": 3738,
"categories": [],
"cdn": "",
"cert_object": {
"dnsnames": null,
"emailaddresses": null,
"ipaddresses": null,
"issuer_commonname": "",
"issuer_country": "",
"issuer_organization": "",
"issuer_serialnumber": "",
"issuer_string": "",
"isvalidhostname": false,
"md5_fingerprint": "",
"notafter": "",
"notbefore": "",
"remoteipaddress": "",
"sha1_fingerprint": "",
"sha256_fingerprint": "",
"signaturealgorithm": "",
"subject_commonname": "",
"subject_country": "",
"subject_locality": "",
"subject_organization": "",
"subject_province": ""
},
"city_name": "Poplar",
"cloud_provider": "",
"cloud_region": "",
"country_code": "GB",
"country_name": "United Kingdom",
"date_added": "2021-09-22 08:57:20 +0000 UTC",
"dns_a": ["192.250.98.95"],
"dns_aaaa": null,
"dns_cname": [],
"dns_mx": null,
"dns_ns": [],
"dns_ptr": ["access-ci-uk1.statestreet.com."],
"dns_records_count": 2,
"dns_txt": null,
"domain": "statestreet.com",
"has_ipv6": false,
"has_private_ip": false,
"host": "access-ci.statestreet.com",
"http_favicon": "",
"http_favicon_blob": "",
"http_title": "",
"id": "62d13e76483d7d770151acd0",
"ip_address": "192.250.98.95",
"ip_decimal": 3237634655,
"is_cdn": false,
"is_cloud": false,
"is_cloudflare": false,
"is_live": true,
"is_resolvable": true,
"isp": "State Street Bank and Trust Company",
"last_seen": "2023-03-05 07:07:31.522423199 +0000 UTC",
"location_latitude": 51.5064,
"location_longitude": -0.02,
"network_ports": [443, 80],
"network_services": [
{
"banner": "302 Object Moved\r\nCache-Control: no-cache, no-store, must-revalidate\r\nContent-Length: 413\r\nContent-Type: text/html; charset=utf-8\r\nLocation: /logon/LogonPoint/tmindex.html\r\nPragma: no-cache\r\nSet-Cookie: NSC_DLGE=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_USER=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_CERT=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_TEMP=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_PERS=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_TEMP=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT\r\nSet-Cookie: NSC_PERS=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\n",
"certobject": {
"dnsnames": [
"access.statestreet.com",
"access-us.statestreet.com",
"access-emea.statestreet.com",
"access-ap.statestreet.com",
"access-jp.statestreet.com",
"access-hk.statestreet.com",
"access-au.statestreet.com",
"access-in.statestreet.com",
"access-cn.statestreet.com.cn",
"access-dr.statestreet.com",
"access-ci.statestreet.com",
"access-us1.statestreet.com",
"access-us2.statestreet.com",
"access-us3.statestreet.com",
"access-uk1.statestreet.com",
"access-uk2.statestreet.com",
"access-hk1.statestreet.com",
"access-hk2.statestreet.com",
"access-jp1.statestreet.com",
"access-jp2.statestreet.com",
"access-au1.statestreet.com",
"access-au2.statestreet.com",
"access-in1.statestreet.com",
"access-in2.statestreet.com",
"access-cn1.statestreet.com.cn",
"access-cn2.statestreet.com.cn",
"access-cn3.statestreet.com.cn"
],
"emailaddresses": null,
"ipaddresses": [],
"issuer_commonname": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"issuer_country": "US",
"issuer_organization": "DigiCert Inc",
"issuer_serialnumber": "",
"issuer_string": "CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1,O=DigiCert Inc,C=US",
"isvalidhostname": true,
"md5_fingerprint": "DA:D2:B1:9A:D0:A7:81:9C:83:22:9E:92:43:56:44:FB",
"notafter": "13-10-2023 23:59:59",
"notbefore": "12-09-2022 00:00:00",
"remoteipaddress": "192.250.98.95:443",
"sha1_fingerprint": "80:91:FB:3F:4C:86:FE:CC:F1:0E:ED:07:3C:3C:05:4E:5A:2A:3A:FE",
"sha256_fingerprint": "9F:E1:A6:F2:D1:41:E0:0F:61:17:3A:4D:24:96:2C:54:E2:9D:BA:E7:CF:4A:3E:91:7A:34:B1:87:8E:61:0E:9F",
"signaturealgorithm": "SHA256-RSA",
"subject_commonname": "access.statestreet.com",
"subject_country": "US",
"subject_locality": "Quincy",
"subject_organization": "State Street Corporation",
"subject_province": "Massachusetts"
},
"httpfavicon": "",
"httpfaviconblob": "",
"httpstatuscode": 302,
"httptitle": "",
"port": 443,
"product": ["Citrix-NetScaler"],
"service": ["https"],
"type": "tcp",
"web": null
},
{
"banner": "302 Found : Moved Temporarily\r\nCache-Control: no-cache\r\nLocation: https://access-ci.statestreet.com:80/\r\nPragma: no-cache\r\n",
"certobject": {
"dnsnames": null,
"emailaddresses": null,
"ipaddresses": null,
"issuer_commonname": "",
"issuer_country": "",
"issuer_organization": "",
"issuer_serialnumber": "",
"issuer_string": "",
"isvalidhostname": false,
"md5_fingerprint": "",
"notafter": "",
"notbefore": "",
"remoteipaddress": "",
"sha1_fingerprint": "",
"sha256_fingerprint": "",
"signaturealgorithm": "",
"subject_commonname": "",
"subject_country": "",
"subject_locality": "",
"subject_organization": "",
"subject_province": ""
},
"httpfavicon": "",
"httpfaviconblob": "",
"httpstatuscode": 302,
"httptitle": "",
"port": 80,
"product": null,
"service": ["http"],
"type": "tcp",
"web": null
}
],
"organization": "State Street Bank and Trust Company",
"ports_count": 2,
"postal_code": "E14",
"products": ["Citrix-NetScaler"],
"region": "Tower Hamlets",
"tags": ["https", "citrix-netscaler", "http"],
"tld": "com",
"urls": null
}
],
"total_pages": 1000000,
"total_query_results": 10000000
}
HTTP Request
POST https://fullhunt.io/api/v1/global/search
Request Filters
Fullhunt Global Search comes with a powerful search filters. See ther full documentation here https://fullhunt.io/docs/global-search/filters
Data Intelligence APIs
FullHunt Data Intelligence APIs offer critical information for data intelligence and security tools.
FullHunt Data Intelligence APIs are used to query the FullHunt database, the largest asset inventory database on the Internet, for various use-cases.
Rate limiting: requests are limited to 60 requests per minute.
Note: The results are limited to 100 results per query for community accounts. Enterprise accounts have full access to Data Intelligence API.
curl "https://fullhunt.io/api/v1/intel/host?host=loja.center.kaspersky.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"host": "loja.center.kaspersky.com"
},
"results": [
{
"asn": 15169,
"dns_ptr": ["154.208.186.35.bc.googleusercontent.com."],
"domain": "kaspersky.com",
"host": "loja.center.kaspersky.com",
"ip_address": "35.186.208.154",
"organization": "GOOGLE"
}
],
"total_pages": 1,
"total_query_results": 1
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/host
Get Host Details
Get details about a given host.
curl "https://fullhunt.io/api/v1/intel/host?host=loja.center.kaspersky.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"host": "loja.center.kaspersky.com"
},
"results": [
{
"asn": 15169,
"dns_ptr": ["154.208.186.35.bc.googleusercontent.com."],
"domain": "kaspersky.com",
"host": "loja.center.kaspersky.com",
"ip_address": "35.186.208.154",
"organization": "GOOGLE"
}
],
"total_pages": 1,
"total_query_results": 1
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/host
URL Parameters
| Parameter | Description |
|---|---|
| host | The searched host. |
Get Hosts With a Specific Tag
Get hosts that match a given tag.
curl "https://fullhunt.io/api/v1/intel/tag?tag=ssh" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"tag": "ssh"
},
"results": [
{
"asn": 3737,
"dns_ptr": null,
"domain": "",
"host": "24.229.106.49",
"ip_address": "24.229.106.49",
"organization": "PenTeleData"
}
],
"total_pages": 10000,
"total_query_results": 10000
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/tag
URL Parameters
| Parameter | Description |
|---|---|
| tag | The searched tag. |
Get Hosts Running a Web Tech
Get hosts that are running a specific web technology.
curl "https://fullhunt.io/api/v1/intel/web-tech?tech=HTTP/3" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"tech": "HTTP/3"
},
"results": [
{
"asn": 0,
"dns_ptr": null,
"domain": "fullhunt.blue",
"host": "fullhunt.blue",
"ip_address": "2a06:98c1:3120::3",
"organization": ""
}
],
"total_pages": 10000,
"total_query_results": 10000
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/web-tech
URL Parameters
| Parameter | Description |
|---|---|
| tech | The searched web technology. |
Get hosts Running a specific Product
Get hosts that are running a specific product.
curl "https://fullhunt.io/api/v1/intel/product?product=Citrix-NetScaler" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"product": "Citrix-NetScaler"
},
"results": [
{
"asn": 7741,
"dns_ptr": ["199-198-251-31.cibc.com."],
"domain": "cibc.com",
"host": "199-198-251-31.cibc.com",
"ip_address": "199.198.251.31",
"organization": "CIBC World Markets"
}
],
"total_pages": 4551,
"total_query_results": 4551
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/product
URL Parameters
| Parameter | Description |
|---|---|
| product | The searched product. |
Get Subdomains of a Domain
Get all subdomains associated with the given domain.
curl "https://fullhunt.io/api/v1/intel/domain?domain=kaspersky.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"domain": "kaspersky.com"
},
"results": [
{
"asn": 0,
"dns_ptr": null,
"domain": "kaspersky.com",
"host": "08.kaspersky.com",
"ip_address": "",
"organization": ""
}
],
"total_pages": 10000,
"total_query_results": 10000
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/domain
URL Parameters
| Parameter | Description |
|---|---|
| domain | The searched domain. |
Get Hosts Pointing to a Given IP address
Get hosts pointing to a given IP address.
curl "https://fullhunt.io/api/v1/intel/ip-to-hosts?ip=8.8.8.8" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"ip": "8.8.8.8"
},
"results": [
{
"asn": 15169,
"dns_ptr": ["dns.google."],
"domain": "dns.google",
"host": "dns.google",
"ip_address": "8.8.8.8",
"organization": "Google"
}
],
"total_pages": 202,
"total_query_results": 202
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/ip-to-hosts
URL Parameters
| Parameter | Description |
|---|---|
| ip | The searched IP Address. |
Get Hosts within a given ASN
Get hosts within a given ASN.
curl "https://fullhunt.io/api/v1/intel/asn-to-hosts?asn=200107" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"asn": 200107
},
"results": [
{
"asn": 200107,
"dns_ptr": null,
"domain": "kaspersky-labs.com",
"host": "42.ucp-ntfy.kaspersky-labs.com",
"ip_address": "82.202.185.202",
"organization": "Kaspersky Lab Switzerland GmbH"
}
],
"total_pages": 1206,
"total_query_results": 1206
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/asn-to-hosts
URL Parameters
| Parameter | Description |
|---|---|
| asn | The searched ASN. |
Get Virtual Hosts Pointing to ASN
Get virtual hosts pointing to the same ASN.
curl "https://fullhunt.io/api/v1/intel/asn-to-virtual-hosts?asn=200107" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"asn": 200107
},
"results": [
{
"asn": 200107,
"dns_ptr": null,
"domain": "kaspersky-labs.com",
"host": "42.ucp-ntfy.kaspersky-labs.com",
"ip_address": "82.202.185.202",
"organization": "Kaspersky Lab Switzerland GmbH"
}
],
"total_pages": 1206,
"total_query_results": 1206
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/asn-to-virtual-hosts
URL Parameters
| Parameter | Description |
|---|---|
| asn | The searched ASN. |
Get Hosts Pointing to a Given IP address
Get hosts pointing to a given IP address.
curl "https://fullhunt.io/api/v1/intel/ip-range-to-hosts?ip_start=1.1.1.1&ip_end=1.1.1.255" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"ip_start": "1.1.1.1",
"ip_end": "1.1.1.255"
},
"results": [
{
"asn": 0,
"dns_ptr": ["one.one.one.one."],
"domain": "cwu.edu.cn",
"host": "1.cwu.edu.cn",
"ip_address": "1.1.1.1",
"organization": "CLOUDFLARENET"
}
],
"total_pages": 10000,
"total_query_results": 10000
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/ip-range-to-hosts
URL Parameters
| Parameter | Description |
|---|---|
| ip_start | The range start ip. |
| ip_end | The range end ip. |
Get Host With Same DNS MX
Get hosts that points to the same DNS MX
curl "https://fullhunt.io/api/v1/intel/dns-mx-to-hosts?dns_mx=mx14.kaspersky-labs.com." \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"dns_mx": "mx14.kaspersky-labs.com."
},
"results": [
{
"asn": 200350,
"dns_ptr": null,
"domain": "kaspersky.com",
"host": "brand.kaspersky.com",
"ip_address": "51.250.27.190",
"organization": "Yandex.Cloud LLC"
}
],
"total_pages": 15,
"total_query_results": 15
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/dns-mx-to-hosts
URL Parameters
| Parameter | Description |
|---|---|
| dns_mx | The searched dns_mx. |
Get Hosts Pointing to Same DNS NS
Get hosts pointing to the same DNS NS.
curl "https://fullhunt.io/api/v1/intel/dns-ns-to-hosts?dns_ns=ns1.kasperskylabs.net." \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"dns_ns": "ns1.kasperskylabs.net."
},
"results": [
{
"asn": 8075,
"dns_ptr": null,
"domain": "kaspersky.com",
"host": "cloud.kaspersky.com",
"ip_address": "40.85.136.63",
"organization": "MICROSOFT-CORP-MSN-AS-BLOCK"
}
],
"total_pages": 26,
"total_query_results": 26
}
HTTP Request
GET https://fullhunt.io/api/v1/intel/dns-ns-to-hosts
URL Parameters
| Parameter | Description |
|---|---|
| dns_ns | The searched dns_ns. |
Enterprise APIs
Organizations API
Get Organizations
This endpoint retrieves your organizations list.
curl "https://fullhunt.io/api/v1/enterprise/organizations" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
[
{
"id": "3db40e1c-1d26-4309-b0c4-105fde3b3486",
"name": "ORG Name",
"description": "ORG description",
"is_default": true
}
]
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/organizations
Alerts APIs
Get Alerts
This endpoint retrieves alerts and events of exposures.
curl "https://fullhunt.io/api/v1/enterprise/alerts" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
[
{
"domain": "acme.com",
"host": "api-payments-prod.acme.com",
"id": 92731,
"is_seen": false,
"message": "A new subdomain was discovered in `acme.com`. \n\n* Subdomain: `api-payments-prod.acme.com`\n* Detection Method: DNS Enumeration\n* First Seen: 2024-02-05 14:23:59 UTC",
"timestamp": 1707142800,
"title": "New subdomain discovered in `acme.com`",
"type": "new_subdomain_discovered"
}
]
Query Parameters
| Parameter | Required | Description |
|---|---|---|
| org | no | Filter alerts by organization ID. |
| page | no | Page (default: 1). |
| from | no | Get alerts starting from a certain date (in the format DD/MM/YYYY) |
| to | no | Get alerts until a certain date (in the format DD/MM/YYYY) |
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/alerts
Vulnerabilities APIs
Get Vulnerabilities
This endpoint retrieves discovered vulnerabilities.
curl "https://fullhunt.io/api/v1/enterprise/vulnerabilities" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
[
{
"affected_location": "https://api.acme.com:8443/v1/payment-gateway/${jndi:ldap://127.0.0.1:1389/Exploit}",
"automated_vulnerability_validation_status": true,
"custom_severity": "critical",
"description": "A critical remote code execution vulnerability (CVE-2021-44228) has been detected in the Log4j logging library on the target host. The affected endpoint processes JNDI lookup strings in logged data, allowing attackers to trigger remote class loading and achieve code execution. Testing confirmed that user-controlled input is being logged by the application, making this a direct attack vector. The vulnerable version of Log4j (2.14.1) was identified through manifest analysis and active testing.",
"domain": "acme.com",
"host": "api.acme.com",
"host_type": "dns",
"identification_date": 1707152400,
"impact": "The vulnerability allows attackers to execute arbitrary code on the target system with the privileges of the Java application. Given this is a production payment processing API, successful exploitation could lead to unauthorized access to financial data, lateral movement within the network, and potential customer data exposure. The automated validation confirms the system is actively vulnerable to JNDI lookup attacks.",
"issue_id": 12458,
"last_seen": 1707238800,
"recommendation": "1. Immediately upgrade Log4j to version 2.17.1 or later\n2. Set log4j2.formatMsgNoLookups=true as a JVM parameter\n3. Implement WAF rules to block JNDI lookup patterns\n4. Review application logs for exploitation attempts\n5. Apply strict input validation on all API endpoints\n6. Deploy network rules to block outbound LDAP/RMI traffic from the application server",
"references": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-44228",
"https://logging.apache.org/log4j/2.x/security.html",
"https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-356a",
"https://github.com/apache/logging-log4j2/releases/tag/log4j-2.17.1",
"https://www.lunasec.io/docs/blog/log4j-zero-day/",
"https://www.microsoft.com/en-us/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/"
],
"severity": "critical",
"status": 0,
"title": "Log4j Remote Code Execution Vulnerability (Log4Shell) at api.acme.com",
"vulnerability_id": "CVE-2021-44228",
"vulnerability_type": "Application"
}
]
Query Parameters
| Parameter | Required | Description |
|---|---|---|
| org | no | Filter vulnerabilities by organization ID. |
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/vulnerabilities
Entities APIs
Get All Entities
List entities of the account.
curl "https://fullhunt.io/api/v1/enterprise/entities" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
[
{
"asset": "kaspersky.com",
"type": "domain"
},
{
"asset": "185.85.15.0/24",
"type": "ip-range"
}
]
Query Parameters
| Parameter | Required | Description |
|---|---|---|
| org | no | Filter entities by organization ID. |
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/entities
Get assets of an entity
This endpoint retrieves all assets of specific entity.
curl "https://fullhunt.io/api/v1/enterprise/assets?entity=kaspersky.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
[
{
"asset_score": 95,
"asset_score_reason": ["delegated-cname-record"],
"categories": [
"Web-Development-Frameworks",
"Web-Servers",
"Cloud-Services"
],
"cdn": "",
"cert_object": {
"dns_names": ["cybermap.kaspersky.com"],
"email_addresses": null,
"ip_addresses": [],
"is_valid_hostname": true,
"issuer_common_name": "GlobalSign RSA OV SSL CA 2018",
"issuer_country": "BE",
"issuer_organization": "GlobalSign nv-sa",
"issuer_serial_number": "",
"issuer_string": "CN=GlobalSign RSA OV SSL CA 2018,O=GlobalSign nv-sa,C=BE",
"md5_fingerprint": "48:DF:CD:CB:D1:F2:82:05:1E:A6:53:78:8E:49:01:74",
"not_after": "03-08-2025 12:01:01",
"not_before": "02-07-2024 12:01:02",
"remote_ip_address": "185.54.223.252:443",
"sha1_fingerprint": "9C:B9:F7:80:23:9C:85:66:3E:C7:6E:C4:C3:50:5E:5E:79:BC:A4:95",
"sha256_fingerprint": "10:CE:13:BD:FF:EB:5F:F0:AC:65:4B:DF:FB:D8:70:13:55:A9:5B:7B:33:23:5B:A9:D8:C3:F5:7E:F2:CE:00:B0",
"signature_algorithm": "SHA256-RSA",
"subject_common_name": "cybermap.kaspersky.com",
"subject_country": "CH",
"subject_locality": "Zürich",
"subject_organization": "Kaspersky Lab Switzerland GmbH",
"subject_province": "Zürich"
},
"cloud": {
"provider": "",
"region": ""
},
"dns": {
"a": ["185.54.223.252"],
"aaaa": null,
"cname": [
"cybermap-kaspersky-com.sm.kaspersky.com.",
"cybermap-kaspersky-com-prod.sm.kaspersky.com."
],
"mx": null,
"ns": [],
"ptr": null,
"txt": null
},
"domain": "kaspersky.com",
"has_ipv6": false,
"has_private_ip": false,
"host": "cybermap.kaspersky.com",
"http_status_code": null,
"http_title": "MAP | Kaspersky Cyberthreat live map",
"ip_address": "185.54.223.252",
"ip_metadata": {
"asn": 200107,
"city_name": "",
"country_code": "GB",
"country_name": "United Kingdom",
"isp": "Kaspersky Lab Switzerland GmbH",
"location_latitude": 51.4964,
"location_longitude": -0.1224,
"organization": "Kaspersky Lab Switzerland GmbH",
"postal_code": "",
"region": ""
},
"is_cdn": false,
"is_cloud": false,
"is_cloudflare": false,
"is_live": true,
"is_resolvable": true,
"network_ports": [443, 80],
"products": ["Laravel", "nginx", "Amazon-CloudFront"],
"tags": [
"cname",
"https",
"laravel",
"nginx",
"amazon-cloudfront",
"web-development-frameworks",
"web-servers",
"cloud-services",
"http"
],
"tld": "com",
"urls": [
"https://cybermap.kaspersky.com/stats",
"https://cybermap.kaspersky.com/js/map.js?id=b22034f86b2e0e17052c435bbbf7c843",
"https://cybermap.kaspersky.com/tos",
"https://cybermap.kaspersky.com/fr",
"https://cybermap.kaspersky.com/subsystems"
]
}
]
Query Parameters
| Parameter | Required | Description |
|---|---|---|
| entity | yes | Entity name that want to retrieve tis assets. |
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/assets
Darkweb Compromised Credentials
You can use Darkweb Compromised Credentials API to retrieve compromised credentials and leaks within your organization.
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/darkweb/compromised-credentials
URL Parameters
| Parameter | Description |
|---|---|
| query | Email or domain search string |
| page | Pagination page number |
curl "https://fullhunt.io/api/v1/enterprise/darkweb/compromised-credentials?query=john.smith@acme.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"query": {
"query": "john.smith@acme.com"
},
"results": [
{
"id": "LEAK-7394",
"address": "123 Corporate Drive, Phoenix, AZ 85001",
"darkweb_metadata_count": 157834291,
"darkweb_metadata_date": "2023-12-10 00:00:00",
"darkweb_metadata_description": "In December 2023, a large-scale data compilation was discovered containing records from multiple corporate data breaches. The compilation included various data points from company directories and internal systems.",
"darkweb_metadata_leaked_data": "Email addresses, Passwords, Physical addresses, Names",
"darkweb_metadata_name": "CorporateDataDump_2023",
"database_name": "BreachCompilation",
"date_added": "2024-02-15 14:22:31",
"domain": "acme.com",
"email": "john.smith@acme.com",
"hash_type": "bcrypt",
"hashed_password": "$2a$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewvfbrgSP3nXnm3m",
"ipaddress": "192.168.1.100",
"name": "John Smith",
"password": "rocket2023",
"phone": "+1-555-0123-4567",
"username": "jsmith",
"vin": "1HGCM82633A123456"
},
{
"id": "LEAK-7395",
"address": "123 Corporate Drive, Phoenix, AZ 85001",
"darkweb_metadata_count": 234567890,
"darkweb_metadata_date": "2023-03-15 00:00:00",
"darkweb_metadata_description": "In March 2023, a compilation of email and password combinations appeared in a dataset known as 'DataVault'. The collection contained approximately 235 million unique email addresses along with associated passwords from various online platforms. This dataset was subsequently used in credential stuffing attacks targeting multiple services.",
"darkweb_metadata_leaked_data": "Email addresses, Passwords, Usernames, Phone numbers, IP addresses",
"darkweb_metadata_name": "DataVault_2023_Q1",
"database_name": "DataVault",
"date_added": "2024-01-12 08:15:43",
"domain": "acme.com",
"email": "john.smith@acme.com",
"hash_type": "SHA512",
"hashed_password": "c02d8a4ee64c5a80a959e7c411ed198649b018ca51d85cfc86579dce2c81c5c88f88185d8751aa1abd88d95d0455dc25ebd59a8",
"ipaddress": "10.0.0.15",
"name": "John Smith",
"password": "rocket2023",
"phone": "+1-555-0123-4567",
"username": "john.smith",
"vin": "1HGCM82633A123456"
},
{
"id": "LEAK-7396",
"address": "789 Business Park, Phoenix, AZ 85001",
"darkweb_metadata_count": 98765432,
"darkweb_metadata_date": "2023-06-15 00:00:00",
"darkweb_metadata_description": "In June 2023, a major professional networking platform experienced a data breach affecting approximately 99 million users. The exposed data included email addresses and hashed passwords. The breach was discovered when the data appeared for sale on various underground forums.",
"darkweb_metadata_leaked_data": "Email addresses, Passwords, Professional profiles, Connection data, Employment history",
"darkweb_metadata_name": "ProfessionalNetwork_June2023",
"database_name": "ProfNetwork",
"date_added": "2024-01-10 16:33:21",
"domain": "acme.com",
"email": "john.smith@acme.com",
"hash_type": "SHA256",
"hashed_password": "a8b64babd0aca91a59bdbb7761b421d4f2bb38280d3a75ba0f21f2bebc45583d",
"ipaddress": "172.16.0.100",
"name": "John Smith",
"password": "",
"phone": "+1-555-0123-4567",
"username": "johnsmith_acme",
"vin": "1HGCM82633A123456"
},
{
"id": "LEAK-7397",
"address": "123 Corporate Drive, Phoenix, AZ 85001",
"darkweb_metadata_count": 345678901,
"darkweb_metadata_date": "2023-09-20 00:00:00",
"darkweb_metadata_description": "In September 2023, multiple data aggregation files labeled 'GlobalLeaks' were discovered being distributed across various hacking forums. The complete archive contained over 345 million unique records including email addresses and associated passwords from previously compromised services.",
"darkweb_metadata_leaked_data": "Email addresses, Passwords, Physical addresses, Phone numbers, Vehicle information",
"darkweb_metadata_name": "GlobalLeaks_September2023",
"database_name": "GlobalLeaks",
"date_added": "2024-01-05 11:27:19",
"domain": "acme.com",
"email": "john.smith@acme.com",
"hash_type": "MD5",
"hashed_password": "5f4dcc3b5aa765d61d8327deb882cf99",
"ipaddress": "192.168.1.105",
"name": "John Smith",
"password": "rocket2023",
"phone": "+1-555-0123-4567",
"username": "john.s",
"vin": "1HGCM82633A123456"
}
],
"total_query_results": 4
}
Darkweb Potential Phishing Domains
The Darkweb Potential Phishing Domains API allows you to search for potentially malicious domains that may be used in phishing attacks targeting your organization. The API returns domains that have similar names or patterns to your legitimate domains.
curl "https://fullhunt.io/api/v1/enterprise/darkweb/potential-phishing" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
Example response:
{
"results": {
"items": [
{
"id": "LEAK-123",
"domain_name": "acme-login.com",
"date_added": "2024-03-15 10:30:45",
"last_seen": "2024-03-15 10:30:45",
"type": "DomainName"
}
],
"total": 15,
"page": 1,
"per_page": 10
}
}
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/darkweb/potential-phishing
URL Parameters
| Parameter | Description |
|---|---|
| query | Domain name search string |
| page | Pagination page number |
Darkweb Typosquatting Domains
The Darkweb Typosquatting Domains API helps you detect and monitor potential typosquatting domains that could be used for phishing attacks or brand impersonation. The API returns domains that are similar to your legitimate domains through common typo patterns like character omission, substitution, or transposition.
curl "https://fullhunt.io/api/v1/enterprise/darkweb/typosquatting" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
Example response:
{
"results": {
"items": [
{
"id": "LEAK-123",
"domain_name": "acmecorp.com",
"date_added": "2024-03-15",
"last_seen": "2024-03-15",
"type": "TypoSquatting"
}
],
"total": 23,
"page": 1,
"per_page": 10
}
}
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/darkweb/typosquatting
URL Parameters
| Parameter | Description |
|---|---|
| query | Domain name search string |
| page | Pagination page number |
Darkweb Discovered Emails
The Darkweb Discovered Emails API helps you monitor and detect email addresses associated with your organization that have been exposed on the dark web. This includes emails found in data breaches, dark web forums, paste sites, and other underground sources. The API returns discovered email addresses along with metadata about when and where they were found.
curl "https://fullhunt.io/api/v1/enterprise/darkweb/discovered-emails" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
Example response:
{
"results": {
"items": [
{
"id": "LEAK-123",
"email": "john.smith@acme.com",
"domain": "acme.com",
"date_added": "2024-03-15",
"breaches": ["DataVault_2023_Q1"]
]
}
],
"total": 42,
"page": 1,
"per_page": 10
}
}
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/darkweb/discovered-emails
URL Parameters
| Parameter | Description |
|---|---|
| query | Email or domain search string |
| page | Pagination page number |
Certificates API
List all certificates discovered across your organization's assets.
curl "https://fullhunt.io/api/v1/enterprise/certificates?q=kaspersky" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"status": 200,
"total_results": 42,
"page": 1,
"results": {
"items": [
{
"id": "CERT-5231",
"domain_name": "cloud.kaspersky.com",
"date_added": "2024-03-15T14:22:31Z",
"last_seen": "2024-03-15T14:22:31Z",
"type": "Certificate"
}
],
"total": 42,
"page": 1,
"per_page": 10,
"pages": 5
}
}
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/certificates
URL Parameters
| Parameter | Description |
|---|---|
| q | Search query to filter certificates by domain name, date, or certificate type |
| page | Pagination page number (default: 1) |
On-Demand Scans API
The On-Demand Scans API submits scan requests.
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/on-demand-scans
URL Parameters
| Parameter | Description |
|---|---|
| target | The target to scan. |
curl "https://fullhunt.io/api/v1/enterprise/on-demand-scans?target=kaspersky.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"message": "On-demand scan request has been successfully sent to the queue for processing.",
"status": 200
}
Suggested Domains API
You can use Suggested Domains API fetch suggested domains of an organization.
Rate limiting: requests are limited to 60 requests per minute.
HTTP Request
GET https://fullhunt.io/api/v1/enterprise/suggested-domains
curl "https://fullhunt.io/api/v1/enterprise/suggested-domains" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"results": [
{
"discovery_data": "2024-05-12 18:02:09",
"identification_method": "correlation",
"suggested_domain": "google.org"
}
],
"total_query_results": 1
}
Nexus APIs
FullHunt Nexus APIs are research data provided by FullHunt Threat Intelligence.
This API is part of the Data Intelligence API Credits.
Rate limiting: requests are limited to 60 requests per minute.
Note: The results are limited to 100 results per query for community accounts. Enterprise accounts gain full access to Data Intelligence API.
curl "https://fullhunt.io/api/v1/nexus/tor/check-ip?ip=100.8.8.137" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"count": 1,
"data": {
"first_seen": "26-09-2023",
"ip_address": "100.8.8.137"
},
"error": "",
"status": 200
}
Tor IP Lookup
This API queries the FullHunt database to check if a specific IP was identified as a Tor exit node at a given time. FullHunt actively monitors and indexes Tor IPs.
HTTP Request
GET https://fullhunt.io/api/v1/nexus/tor/check-ip
URL Parameters
| Parameter | Description |
|---|---|
| ip | The IP address. |
curl "https://fullhunt.io/api/v1/nexus/tor/check-ip?ip=100.8.8.137" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"count": 1,
"data": {
"first_seen": "26-09-2023",
"ip_address": "100.8.8.137"
},
"error": "",
"status": 200
}
Cloud TLS Certificates - DNS Search
An API to query the database for DNS-related cloud certificate information. This is part of FullHunt's Internet scans.
HTTP Request
GET https://fullhunt.io/api/v1/nexus/cloud-certs/dns-search
URL Parameters
| Parameter | Description |
|---|---|
| query | A query to discover cloud assets with specific DNS names. |
curl "https://fullhunt.io/api/v1/nexus/cloud-certs/dns-search?query=kaspersky" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"count": 4,
"data": [
{
"dns": ["kaspersky-test.mygiftcard.it", "carrefour-test.mygiftcard.it"],
"host": "34.107.159.9",
"port": "443"
},
{
"dns": ["kaspersky.com", "www.kaspersky.com"],
"host": "15.220.184.189",
"port": "443"
},
{
"dns": ["kaspersky.com", "www.kaspersky.com"],
"host": "3.122.200.240",
"port": "443"
},
{
"dns": ["kasperskylabs.jp"],
"host": "35.76.8.33",
"port": "443"
}
],
"error": "",
"status": 200
}
Passive DNS Data - Domain Lookup
Retrieves historical passive DNS data for a specified domain from FullHunt's internal passive DNS database.
HTTP Request
GET https://fullhunt.io/api/v1/nexus/passive-dns/lookup
URL Parameters
| Parameter | Description |
|---|---|
| domain | Search hosts associated with a domain name on the FullHunt passive DNS database. |
curl "https://fullhunt.io/api/v1/nexus/passive-dns/lookup?domain=kaspersky.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"count": 7686,
"data": [
"activate.activation-v2.kaspersky.com",
"activation-v2.geo.kaspersky.com",
"activation-v2.kaspersky.com",
"aes.geo.kaspersky.com",
"americas.activation-v2.kaspersky.com",
"americas.activate.activation-v2.kaspersky.com",
"americas.refresh-bkg.activation-v2.kaspersky.com",
"ksn-pixel.geoksn.kaspersky.com"
# ... rest of items ...
],
"error": "",
"status": 200
}
Domains Collection - Company lookup by domain name.
Query the domain collection database for information related to a specific domain.
HTTP Request
GET https://fullhunt.io/api/v1/nexus/domain-collection/lookup
URL Parameters
| Parameter | Description |
|---|---|
| domain | The domain name. |
curl "https://fullhunt.io//api/v1/nexus/domain-collection/lookup?domain=kaspersky.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"count": 1,
"data": {
"company_name": "Kaspersky",
"copyright": "",
"crunchbase_urls": [],
"description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
"domain": "kaspersky.com",
"facebook_urls": ["https://www.facebook.com/Kaspersky"],
"favicon_url": "https://kaspersky.com/favicon.ico",
"github_urls": [],
"images_list": [],
"instagram_urls": ["https://instagram.com/kasperskylab"],
"linkedin_urls": ["https://linkedin.com/company/kaspersky/"],
"meta_logo_url": "",
"other_urls": [
"https://www.kaspersky.co.kr/",
"https://kaspersky.com/enterprise-security",
"https://kaspersky.com#main",
"https://www.kaspersky.cz/",
"https://kaspersky.com/anti-corruption-policy",
"https://www.kaspersky.es/?ignoreredirects=true",
"https://www.kaspersky.com/?ignoreredirects=true",
"https://www.kaspersky.it/?ignoreredirects=true",
"https://kaspersky.com/blog/",
"https://www.kaspersky.com.au/?ignoreredirects=true",
"https://www.kaspersky.ru/?ignoreredirects=true",
"https://kaspersky.com/small-business-security",
"https://usa.kaspersky.com/?ignoreredirects=true",
"https://kaspersky.com/about/careers",
"https://kaspersky.com/resource-center",
"https://kaspersky.com/enterprise-security/endpoint",
"https://www.kaspersky.com/web-privacy-policy/ccpa#optout",
"https://www.kaspersky.ca/fr?ignoreredirects=true",
"https://kaspersky.com/enterprise-security/cybersecurity-services",
"https://www.kaspersky.fi/?ignoreredirects=true",
"https://www.kaspersky.pt/?ignoreredirects=true",
"https://support.kaspersky.com/us/consumer/faq_sales_nexway",
"https://www.kaspersky.co.in/?ignoreredirects=true",
"https://kaspersky.com/home-security",
"https://www.kaspersky.co.za/?ignoreredirects=true",
"https://www.kaspersky.gr/",
"https://www.kaspersky.bg/",
"https://shop.usa.kaspersky.com/checkout/add",
"https://www.kaspersky.ca/?ignoreredirects=true",
"https://me-en.kaspersky.com/?ignoreredirects=true",
"https://kaspersky.com/plus",
"https://kaspersky.com/enterprise-security/cloud-security",
"https://kaspersky.dz",
"https://www.kaspersky.de/?ignoreredirects=true",
"https://www.kaspersky.co.uk/?ignoreredirects=true",
"https://www.kaspersky.com.br/?ignoreredirects=true",
"https://www.kaspersky.fr/?ignoreredirects=true",
"https://www.kaspersky.ro/",
"https://kaspersky.com/standard",
"https://kaspersky.com/renewal-center/home",
"https://community.kaspersky.com/",
"https://www.kaspersky.be/?ignoreredirects=true",
"https://www.tomorrowunlocked.com/",
"https://www.kaspersky.ua/",
"https://kaspersky.com/business/eula",
"https://kaspersky.com/about/press-releases",
"https://www.kaspersky.nl/?ignoreredirects=true",
"https://usa.kaspersky.com/about",
"https://www.kaspersky.com/web-privacy-policy",
"https://securelist.com/",
"https://latam.kaspersky.com/?ignoreredirects=true",
"https://kaspersky.com/small-to-medium-business-security/cloud",
"https://www.kaspersky.co.jp/",
"https://www.kaspersky.rs/",
"https://www.kaspersky.com.tr/?ignoreredirects=true",
"https://www.kaspersky.dk/?ignoreredirects=true",
"https://kaspersky.com/partners",
"https://kaspersky.com/sitemap",
"https://kaspersky.com/",
"https://kaspersky.com/small-business-security/small-office-security",
"https://www.kaspersky.com.hk/",
"https://kaspersky.com/small-to-medium-business-security/endpoint-advanced",
"https://www.kaspersky.ma/",
"https://usa.kaspersky.com/blog/",
"https://kaspersky.com/premium",
"https://kaspersky.com/small-to-medium-business-security",
"https://www.kaspersky.com.pl/",
"https://www.kaspersky.com.tw/",
"https://afrique.kaspersky.com/",
"https://kaspersky.com/about",
"https://www.kaspersky.se/?ignoreredirects=true",
"https://www.kaspersky.co.th/",
"https://www.kaspersky.no/?ignoreredirects=true",
"https://my.kaspersky.com/",
"https://www.kaspersky.hu/",
"https://www.kaspersky.com.vn/",
"https://kaspersky.com/end-user-license-agreement",
"https://kaspersky.com/small-to-medium-business-security/endpoint-select",
"https://me.kaspersky.com/?ignoreredirects=true",
"https://kaspersky.com/pricing",
"https://kaspersky.com/about/transparency",
"https://kaspersky.com/about/contact",
"https://www.kaspersky.com.cn/?ignoreredirects=true"
],
"pinterest_urls": [],
"reddit_urls": [],
"snapchat_urls": [],
"title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
"tumblr_urls": [],
"twitter_urls": ["https://twitter.com/kaspersky"],
"youtube_urls": ["https://youtube.com/Kaspersky"]
},
"error": "",
"status": 200
}
Domains Collection - Company lookup by name.
Searches the domain collection database for information related to a specific company.
curl "https://fullhunt.io/api/v1/nexus/domain-collection/company-lookup?query=kaspersky" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
The above command returns JSON structured like this:
{
"count": 6,
"data": [
{
"company_name": "Kaspersky",
"copyright": "",
"crunchbase_urls": [],
"description": "Najczęściej nagradzana. Najczęściej testowana. Ochrona antywirusowa i Internet Security dla domu i biznesu od Kaspersky",
"domain": "kaspersky.com.pl",
"facebook_urls": ["https://facebook.com/KasperskyPolska"],
"favicon_url": "https://kaspersky.com.pl/favicon.ico",
"github_urls": [],
"images_list": ["https://www.kaspersky.com.pl/images/image_logo.jpg"],
"instagram_urls": ["https://instagram.com/KasperskyPolska"],
"linkedin_urls": ["https://www.linkedin.com/company/kaspersky-polska"],
"meta_logo_url": "",
"other_urls": [
"https://kaspersky.com.pl/safe-kids",
"https://kaspersky.com.pl/ochrona-dla-sredniego-biznesu"
],
"pinterest_urls": [],
"reddit_urls": [],
"snapchat_urls": [],
"title": "Kaspersky - oficjalna strona - najlepszy antywirus, internet security | sklep",
"tumblr_urls": [],
"twitter_urls": ["https://twitter.com/KasperskyPolska"],
"youtube_urls": [
"https://www.youtube.com/embed/KurkIrV9hVo?autoplay=1",
"https://www.youtube.com/KasperskyLabPL"
]
},
{
"company_name": "Kaspersky",
"copyright": "",
"crunchbase_urls": [],
"description": "Leader mondial des solutions et services de cybersécurité, Kaspersky offre une protection premium contre les cybermenaces pour votre domicile ou votre entreprise.",
"domain": "kaspersky.fr",
"facebook_urls": ["https://www.facebook.com/kasperskylabfrance"],
"favicon_url": "https://kaspersky.fr/favicon.ico",
"github_urls": [],
"images_list": [],
"instagram_urls": ["https://instagram.com/kasperskylabfrance"],
"linkedin_urls": ["https://linkedin.com/company/kaspersky-lab-france"],
"meta_logo_url": "",
"other_urls": [
"https://www.kaspersky.co.kr/",
"https://kaspersky.fr/enterprise-security/endpoint"
],
"pinterest_urls": [],
"reddit_urls": [],
"snapchat_urls": [],
"title": "Solutions de cybersécurité pour particuliers et entreprises | Kaspersky",
"tumblr_urls": [],
"twitter_urls": ["https://twitter.com/kasperskyfrance"],
"youtube_urls": ["https://youtube.com/KasperskyFrance"]
},
{
"company_name": "Kaspersky",
"copyright": "",
"crunchbase_urls": [],
"description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
"domain": "kaspersky.co.uk",
"facebook_urls": ["https://www.facebook.com/Kaspersky"],
"favicon_url": "https://kaspersky.co.uk/favicon.ico",
"github_urls": [],
"images_list": [],
"instagram_urls": ["https://instagram.com/kasperskylab"],
"linkedin_urls": ["https://linkedin.com/company/kaspersky/"],
"meta_logo_url": "",
"other_urls": [
"https://kaspersky.co.uk/about/press-releases",
"https://www.kaspersky.ca/?ignoreredirects=true"
],
"pinterest_urls": [],
"reddit_urls": [],
"snapchat_urls": [],
"title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
"tumblr_urls": [],
"twitter_urls": ["https://twitter.com/kaspersky"],
"youtube_urls": ["https://youtube.com/Kaspersky"]
},
{
"company_name": "Kaspersky",
"copyright": "",
"crunchbase_urls": [],
"description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
"domain": "kaspersky.com",
"facebook_urls": ["https://www.facebook.com/Kaspersky"],
"favicon_url": "https://kaspersky.com/favicon.ico",
"github_urls": [],
"images_list": [],
"instagram_urls": ["https://instagram.com/kasperskylab"],
"linkedin_urls": ["https://linkedin.com/company/kaspersky/"],
"meta_logo_url": "",
"other_urls": [
"https://www.kaspersky.co.kr/",
"https://kaspersky.com/enterprise-security"
],
"pinterest_urls": [],
"reddit_urls": [],
"snapchat_urls": [],
"title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
"tumblr_urls": [],
"twitter_urls": ["https://twitter.com/kaspersky"],
"youtube_urls": ["https://youtube.com/Kaspersky"]
},
{
"company_name": "Kaspersky",
"copyright": "",
"crunchbase_urls": [],
"description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
"domain": "kaspersky.co.in",
"facebook_urls": ["https://www.facebook.com/Kaspersky"],
"favicon_url": "https://kaspersky.co.in/favicon.ico",
"github_urls": [],
"images_list": [],
"instagram_urls": ["https://instagram.com/kasperskylab"],
"linkedin_urls": ["https://linkedin.com/company/kaspersky/"],
"meta_logo_url": "",
"other_urls": [
"https://www.kaspersky.co.kr/",
"https://kaspersky.co.in/partners"
],
"pinterest_urls": [],
"reddit_urls": [],
"snapchat_urls": [],
"title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
"tumblr_urls": [],
"twitter_urls": ["https://twitter.com/kaspersky"],
"youtube_urls": ["https://youtube.com/Kaspersky"]
},
{
"company_name": "Kaspersky",
"copyright": "",
"crunchbase_urls": [],
"description": "Come leader globale di soluzioni e servizi di cybersicurezza di ultima generazione, Kaspersky offre una protezione di livello premium da tutte le minacce informatiche per ambienti domestici e aziendali.",
"domain": "kaspersky.it",
"facebook_urls": ["https://www.facebook.com/kasperskylabitalia"],
"favicon_url": "https://kaspersky.it/favicon.ico",
"github_urls": [],
"images_list": [],
"instagram_urls": ["https://instagram.com/kasperskylabitalia"],
"linkedin_urls": [],
"meta_logo_url": "",
"other_urls": [
"https://www.kaspersky.co.kr/",
"https://www.kaspersky.cz/"
],
"pinterest_urls": [],
"reddit_urls": [],
"snapchat_urls": [],
"title": "Soluzioni di cybersicurezza Kaspersky per le aziende e gli utenti privati | Kaspersky",
"tumblr_urls": [],
"twitter_urls": ["https://twitter.com/KasperskyLabIT"],
"youtube_urls": ["https://youtube.com/Kaspersky"]
}
],
"error": "",
"status": 200
}
URL Parameters
| Parameter | Description |
|---|---|
| query | The Searched ip or host. |
HTTP Request
GET https://fullhunt.io/api/v1/nexus/domain-collection/company-lookup
URL Parameters
| Parameter | Description |
|---|---|
| query | The searched company. |
IP Lookup API
FullHunt IP Lookup API allows security professionals to query the FullHunt database for IP address details.
Rate limiting: requests are limited to 60 requests per minute.
curl "https://fullhunt.io/api/v1/nexus/ip-lookup?query=google.com" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
{
"other_ips": ["2a00:1450:4019:80e::200e"],
"query": "google.com",
"resolved_query": "172.217.19.206",
"resolvable": true,
"result": {
"asn": 15169,
"cdn_provider": "",
"cdn_region": "",
"city_name": "",
"cloud_provider": "GCP",
"cloud_region": "global",
"country_code": "US",
"country_name": "United States",
"error": "",
"hosts_count": 0,
"ip_address": "172.217.19.206",
"ip_decimal": "2899907534",
"is_cdn": false,
"is_cloud": true,
"is_cloudflare": false,
"is_ipv4": true,
"is_ipv6": false,
"is_private": false,
"is_public": true,
"isp": "GOOGLE",
"location_latitude": 37.751,
"location_longitude": -97.822,
"organization": "GOOGLE",
"postal_code": "",
"ptr": ["ams16s31-in-f14.1e100.net.", "fjr04s13-in-f14.1e100.net."],
"region": ""
}
}
URL Parameters
| Parameter | Description |
|---|---|
| query | The search query. |
HTTP Request
GET https://fullhunt.io/api/v1/nexus/ip-lookup
OEM APIs
FullHunt OEM APIs provide FullHunt Intelligence capabilities with enterprise and auditing features. These APIs are designed for partners integrating FullHunt's dark web intelligence into their platforms.
Features
- Audit Logging.
- OEM Billing.
Darkweb Search
Search dark web sources to detect compromised employee credentials, and sensitive data breaches.
curl "https://fullhunt.io/api/v1/oem/darkweb/search" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
-d '{
"type": "domain",
"query": "acme.com",
"query_tags": {"client_name": "ACMECorp", "workspace": "production"}
}'
The above command returns JSON structured like this:
{
"response": [
{
"email": "cfo@acme.com",
"ip_address": "10.0.42.50",
"username": "sarah.williams",
"password": "AcmeFinance2024!",
"hashed_password": "$2a$12$xK3dC8VpqHX8Kl/9J7tGh.zK9x2N5VL8jKy3Z9XgK8Q9L2Q5tNm3a",
"hash_type": "bcrypt",
"name": "Sarah Williams",
"vin": "5UXWX7C5*BA",
"address": "888 Executive Suite, Phoenix, AZ 85012",
"phone": "+1-602-555-0177",
"database_name": "FinanceTeam_Breach_2024",
"source": "darkweb_marketplace_alpha",
"hostname": "ACME-FIN-LAPTOP-042",
"mac_addresses": "00:1B:44:11:3A:B8",
"bin": "377601******8431",
"salt": "kJ8#mP2$"
},
{
"email": "admin@dev.acme.com",
"ip_address": "192.168.10.100",
"username": "devops_admin",
"password": "Kub3rn3tes2024#",
"hashed_password": "$2a$12$9K4eD8VpqHX8Kl/9J7tGh.zK9x2N5VL8jKy3Z9XgK8Q9L2Q5tNm3b",
"hash_type": "bcrypt",
"name": "Michael Chen",
"vin": null,
"address": "742 Technology Drive, Phoenix, AZ 85007",
"phone": "+1-602-555-0133",
"database_name": "DevOps_Credentials_Leak",
"source": "paste_site_delta",
"hostname": "ACME-K8S-ADMIN-01",
"mac_addresses": "00:1A:2B:3C:4D:5E",
"bins": null,
"salt": "Xp9#qR5$"
},
{
"email": "api@payments.acme.com",
"ip_address": "10.0.30.15",
"username": "payment_service",
"password": "ApiGw@Payment2024",
"hashed_password": "$2a$12$7L2dC8VpqHX8Kl/9J7tGh.zK9x2N5VL8jKy3Z9XgK8Q9L2Q5tNm3c",
"hash_type": "bcrypt",
"name": "Payment Processing Service",
"vin": null,
"address": "100 Server Room B, Phoenix, AZ 85004",
"phone": null,
"database_name": "Production_API_Secrets",
"source": "private_telegram_channel",
"hostname": "ACME-PAYMENT-PROD-15",
"mac_addresses": "00:1D:60:84:12:33",
"bins": "401288******1234",
"salt": "mN7#kL9$"
}
]
}
HTTP Request
POST https://fullhunt.io/api/v1/oem/darkweb/search
Request Body
| Parameter | Required | Description | Allowed Values |
|---|---|---|---|
| type | Yes | Type of search to perform | Supported query type |
| query | Yes | Value to search for | Valid value matching the search type |
| query_tags | No | Key-value pairs for client-specific tracking (e.g. {"client_id": "123"}) | Any valid JSON object |
Supported Query Types
- Username
username - Name
name - Email
email - Hostname
hostname - Mac Address
mac_address - IP Address
ip_address - Org Alias
org_alias - BIN
bin - CVE
cve - Domain
domain - Password
password - Hashed Password
hashed_password - VIN
vin - Address
address - Phone Number
phone
Attack Surface Search
Search for attack surface data related to a domain, including subdomains, technologies, and more.
curl -X POST "https://fullhunt.io/api/v1/oem/attack-surface/search" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
-H "Content-Type: application/json" \
-d '{
"type": "domain",
"query": "acme.com",
"query_tags": {"client_name": "ACMECorp", "workspace": "production"}
}'
The above command returns JSON structured like this:
{
"response": {
"domain": "acme.com",
"hosts": [
{
"categories": ["Web-Servers"],
"cdn": "",
"cert_object": {
"dns_names": ["*.acme.com", "acme.com"],
"issuer_common_name": "DigiCert TLS RSA SHA256 2020 CA1",
"issuer_country": "US",
"issuer_organization": "DigiCert Inc",
"not_after": "04-05-2024 23:59:59",
"not_before": "05-05-2023 00:00:00",
"signature_algorithm": "SHA256-RSA",
"subject_common_name": "*.acme.com",
"subject_country": "US",
"subject_organization": "Acme Corporation"
},
"dns": {
"a": ["192.0.2.1"],
"aaaa": null,
"cname": [],
"mx": ["mail.acme.com"],
"ns": ["ns1.acme.com", "ns2.acme.com"],
"txt": ["v=spf1 include:_spf.acme.com ~all"]
},
"domain": "acme.com",
"host": "www.acme.com",
"http_status_code": 200,
"http_title": "Acme Corporation - Home",
"ip_address": "192.0.2.1",
"is_live": true,
"is_resolvable": true,
"products": ["Nginx", "React"],
"tags": ["https", "web-servers", "nginx"],
"technologies": [
{
"categories": ["Web servers"],
"name": "Nginx"
},
{
"categories": ["JavaScript frameworks"],
"name": "React"
}
]
}
],
"metadata": {
"all_results_count": 25,
"available_results_for_user": 25,
"timestamp": 1683721587,
"domain": "acme.com"
}
}
}
HTTP Request
POST https://fullhunt.io/api/v1/oem/attack-surface/search
Request Body Parameters
| Parameter | Type | Description |
|---|---|---|
| type | string | Required. Type of search to perform. Currently only supports "domain" |
| query | string | Required. The domain to search for |
| query_tags | object | Optional. Key-value pairs for tracking and organizing searches |
Organizations Search
Search for organization information using domain names or organization names.
curl -X POST "https://fullhunt.io/api/v1/oem/organizations/search" \
-H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
-H "Content-Type: application/json" \
-d '{
"type": "organization",
"query": "uber",
"query_tags": {"client_name": "ACMECorp", "workspace": "production"}
}'
The above command returns JSON structured like this:
{
"response": [
{
"company_name": "Uber Technologies, Inc.",
"other_names": ["Uber"],
"domain": "uber.com",
"description": "Uber is a technology company that offers ride-hailing services, food delivery, and other transportation services.",
"market": "Transportation, Mobility, Technology",
"estimated_employee_count": "29,300",
"headquarters_location": {
"city": "San Francisco",
"state": "California",
"country": "United States"
},
"year_founded": "2009",
"leadership_key_executives": [
{ "name": "Dara Khosrowshahi", "title": "Chief Executive Officer" },
{ "name": "Nelson Chai", "title": "Chief Financial Officer" }
],
"stock_info": { "stock_symbol": "UBER", "exchange": "NYSE" },
"social_media_presence": {
"linkedin": "https://www.linkedin.com/company/uber-com/",
"twitter": "https://twitter.com/Uber",
"facebook": "https://www.facebook.com/uber",
"instagram": "https://www.instagram.com/uber/"
},
"notable_breaches_security_incidents": [
{
"date": "21-11-2017",
"description": "Uber revealed a data breach that exposed personal data of 57 million customers and drivers.",
"impact": "The breach exposed names, email addresses, phone numbers, and driver's license numbers.",
"source": "https://www.nytimes.com/2017/11/21/technology/uber-hack.html"
}
],
"public_code_organization": {
"name": "uber",
"platform": "GitHub",
"url": "https://github.com/uber"
},
"subsidiaries": [
{
"name": "Uber Eats",
"domain": "ubereats.com",
"description": "Uber Eats is Uber's food delivery platform that allows customers to order food from local restaurants.",
"other_domains": []
},
{
"name": "Uber Freight",
"domain": "uberfreight.com",
"description": "Uber Freight is Uber's logistics platform that connects carriers with shippers.",
"other_domains": []
}
],
"other_domains": ["uber.com", "ubereats.com", "uberfreight.com"]
}
]
}
HTTP Request
POST https://fullhunt.io/api/v1/oem/organizations/search
Request Body Parameters
| Parameter | Type | Description |
|---|---|---|
| type | string | Required. Type of search to perform. Valid values: "domain", "organization" |
| query | string | Required. The domain or organization name to search for |
| query_tags | object | Optional. Key-value pairs for tracking and organizing searches |
Rate Limiting
Rate limiting is applied based on the following factors:
- Users Credits
- API requests rate
Errors
The FullHunt API uses the following error codes:
| Error Code | Meaning |
|---|---|
| 400 | Bad Request -- Your request is invalid. |
| 401 | Unauthorized -- Your API key is wrong. |
| 403 | Forbidden -- The requested resource is forbidden. |
| 404 | Not Found -- The requested resource could not be found. |
| 429 | Too Many Requests -- You are sending too many requests. |