NAV
shell

Introduction

Welcome to the FullHunt API documentation. FullHunt holds one of the largest databases for external attack surfaces of the entire Internet. You can use the FullHunt API to access attack surface data.

FullHunt API can be accessed from two hosts:

Getting Started

  1. Get API key from FullHunt.io profile settings
  2. Verify authentication

Authentication

To authenticate:

# With shell, you can just pass the correct header with each request
curl "https://fullhunt.io/api/v1/auth/status" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
{
  "message": "",
  "status": 200,
  "user": {
    "company": "ACME",
    "email": "john.smith@acme.com",
    "first_name": "John",
    "last_name": "Smith",
    "plan": "enterprise"
  },
  "user_credits": {
    "credits_usage": 1,
    "max_results_per_request": 300000,
    "remaining_credits": 2999,
    "total_credits_per_month": 3000
  }
}

Make sure to replace xxxx-xxxx-xxxx-xxxxxx with your API key.

FullHunt uses API Key-based authentication to allow access to the API. You can sign up for a new FullHunt account to have an API key and will find it on your profile settings.

Domain APIs

Get Domain Details

Get domain details, subdomains, associated hosts, DNS records, exposed ports, and more.

Rate limiting: requests are limited to 60 requests per minute.

curl "https://fullhunt.io/api/v1/domain/kaspersky.com/details" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "domain": "kaspersky.com",
  "hosts": [
    {
      "categories": ["Web-Servers"],
      "cdn": "",
      "cert_object": {
        "dns_names": ["*.cloud.kaspersky.com"],
        "email_addresses": null,
        "ip_addresses": [],
        "is_valid_hostname": true,
        "issuer_common_name": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
        "issuer_country": "US",
        "issuer_organization": "DigiCert Inc",
        "issuer_serial_number": "",
        "issuer_string": "CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1,O=DigiCert Inc,C=US",
        "md5_fingerprint": "6A:FC:AF:EE:A1:56:E9:E5:8F:F1:8C:BD:69:2C:BF:F3",
        "not_after": "06-03-2025 23:59:59",
        "not_before": "07-03-2024 00:00:00",
        "remote_ip_address": "101.46.138.76:8000",
        "sha1_fingerprint": "AE:1B:E5:88:42:78:C8:D4:4C:66:08:36:53:2F:63:69:A0:2B:4F:2A",
        "sha256_fingerprint": "E0:3F:C7:5B:1B:FD:24:5E:8D:02:46:5E:9A:E3:ED:B4:C6:E8:26:39:16:07:0A:69:D6:52:D6:69:95:96:B8:B4",
        "signature_algorithm": "SHA256-RSA",
        "subject_common_name": "*.cloud.kaspersky.com",
        "subject_country": "CH",
        "subject_locality": "Zürich",
        "subject_organization": "Kaspersky Lab Switzerland GmbH",
        "subject_province": ""
      },
      "cloud": {
        "provider": "",
        "region": ""
      },
      "dns": {
        "a": ["101.46.138.76"],
        "aaaa": null,
        "cname": [],
        "mx": null,
        "ns": [],
        "ptr": ["ecs-101-46-138-76.compute.hwclouds-dns.eu."],
        "txt": null
      },
      "domain": "kaspersky.com",
      "has_ipv6": false,
      "has_private_ip": false,
      "host": "s331.cloud.kaspersky.com",
      "http_status_code": null,
      "http_title": "Kaspersky Endpoint Security Cloud",
      "ip_address": "101.46.138.76",
      "ip_metadata": {
        "asn": 136907,
        "city_name": "",
        "country_code": "SG",
        "country_name": "Singapore",
        "isp": "HUAWEI CLOUDS",
        "location_latitude": 1.3673,
        "location_longitude": 103.8014,
        "organization": "HUAWEI CLOUDS",
        "postal_code": "",
        "region": ""
      },
      "is_cdn": false,
      "is_cloud": false,
      "is_cloudflare": false,
      "is_live": true,
      "is_resolvable": true,
      "network_ports": [8000, 8080, 8081, 9443],
      "products": ["Microsoft-Kestrel", "Apache"],
      "tags": ["https", "microsoft-kestrel", "web-servers", "apache"],
      "tld": "com",
      "urls": null
    }
  ],
  "status": 200,
  "message": "",
  "metadata": {
    "all_results_count": 349,
    "available_results_for_user": 300,
    "domain": "kaspersky.com",
    "last_scanned": 1626577921,
    "max_results_for_user": 300,
    "timestamp": 1634004417,
    "user_plan": "advanced"
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/domain/<domain>/details

URL Parameters

Parameter Description
domain The searched domain.

Get Subdomains of a domain

List all discovered subdomains/hosts for a given domain.

Rate limiting: requests are limited to 60 requests per minute.

curl "https://fullhunt.io/api/v1/domain/kaspersky.com/subdomains" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "domain": "kaspersky.com",
  "hosts": ["kaspersky.com", "www.kaspersky.com", "xxx.kaspersky.com"],
  "status": 200,
  "message": "",
  "metadata": {
    "all_results_count": 349,
    "available_results_for_user": 300,
    "domain": "kaspersky.com",
    "last_scanned": 1626577921,
    "max_results_for_user": 300,
    "timestamp": 1634004387,
    "user_plan": "advanced"
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/domain/<domain>/subdomains

URL Parameters

Parameter Description
domain The searched domain.

Get details of a specific host

This endpoint retrieves details for a given host.

curl "https://fullhunt.io/api/v1/host/fthub.kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "categories": ["Email-Servers", "SSH-Server", "Web-Servers"],
  "cdn": "",
  "cert_object": {
    "dns_names": ["ics-cert.kaspersky.com", "fthub.kaspersky.com"],
    "email_addresses": null,
    "ip_addresses": [],
    "is_valid_hostname": true,
    "issuer_common_name": "GlobalSign RSA OV SSL CA 2018",
    "issuer_country": "BE",
    "issuer_organization": "GlobalSign nv-sa",
    "issuer_serial_number": "",
    "issuer_string": "CN=GlobalSign RSA OV SSL CA 2018,O=GlobalSign nv-sa,C=BE",
    "md5_fingerprint": "3B:0C:31:87:74:FF:57:E6:71:8F:C9:C3:9E:FE:41:96",
    "not_after": "24-11-2025 07:41:13",
    "not_before": "23-10-2024 15:02:02",
    "remote_ip_address": "185.105.225.103:443",
    "sha1_fingerprint": "69:D3:44:D6:A3:34:8C:0D:2D:1F:23:55:C7:8A:71:35:F6:F7:6A:17",
    "sha256_fingerprint": "74:D1:CF:DF:EF:D7:42:74:AF:1E:F3:BB:C5:49:9B:3D:9F:05:88:15:60:5E:25:A0:D1:76:B6:B8:18:0F:CA:E4",
    "signature_algorithm": "SHA256-RSA",
    "subject_common_name": "ics-cert.kaspersky.com",
    "subject_country": "CH",
    "subject_locality": "Zürich",
    "subject_organization": "Kaspersky Lab Switzerland GmbH",
    "subject_province": "Zürich"
  },
  "cloud": {
    "provider": "",
    "region": ""
  },
  "dns": {
    "a": ["185.105.225.103"],
    "aaaa": null,
    "cname": [],
    "mx": null,
    "ns": [],
    "ptr": ["fthub.kaspersky.com."],
    "txt": null
  },
  "domain": "kaspersky.com",
  "has_ipv6": false,
  "has_private_ip": false,
  "host": "fthub.kaspersky.com",
  "http_status_code": null,
  "http_title": "301 Moved Permanently",
  "ip_address": "185.105.225.103",
  "ip_metadata": {
    "asn": 200487,
    "city_name": "St Petersburg",
    "country_code": "RU",
    "country_name": "Russia",
    "isp": "OOO VPS",
    "location_latitude": 59.8983,
    "location_longitude": 30.2618,
    "organization": "OOO VPS",
    "postal_code": "190000",
    "region": "St.-Petersburg"
  },
  "is_cdn": false,
  "is_cloud": false,
  "is_cloudflare": false,
  "is_live": true,
  "is_resolvable": true,
  "network_ports": [110, 143, 22, 443, 7777, 80, 8888, 993, 995],
  "products": ["Dovecot", "dovecot", "openssh", "nginx"],
  "tags": [
    "imap",
    "dovecot",
    "email-servers",
    "ssh",
    "openssh",
    "ssh-server",
    "https",
    "nginx",
    "web-servers",
    "http"
  ],
  "tld": "com",
  "urls": null

HTTP Request

GET https://fullhunt.io/api/v1/host/<host>

URL Parameters

Parameter Description
host The searched host.

Global Search APIs

Global Search APIs allows security professionals to run advanced search across the FullHunt Database with a wide range of filters.

For example, you can search for all Cisco products within a nation, a high-signal CVE on a country, or all exposed MongoDB assets for a specific organization.

Rate limiting: requests are limited to 60 requests per minute.

Note: This API is available for enterprise users only.

curl "https://fullhunt.io/api/v1/global/search" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
  -d '{"country": "GB", "product": "Citrix-NetScaler"}'

The above command returns JSON structured like this:

{
  "query": {
    "country_code": "GB",
    "products": "Citrix-NetScaler"
  },
  "results": [
    {
      "asn": 3738,
      "categories": [],
      "cdn": "",
      "cert_object": {
        "dnsnames": null,
        "emailaddresses": null,
        "ipaddresses": null,
        "issuer_commonname": "",
        "issuer_country": "",
        "issuer_organization": "",
        "issuer_serialnumber": "",
        "issuer_string": "",
        "isvalidhostname": false,
        "md5_fingerprint": "",
        "notafter": "",
        "notbefore": "",
        "remoteipaddress": "",
        "sha1_fingerprint": "",
        "sha256_fingerprint": "",
        "signaturealgorithm": "",
        "subject_commonname": "",
        "subject_country": "",
        "subject_locality": "",
        "subject_organization": "",
        "subject_province": ""
      },
      "city_name": "Poplar",
      "cloud_provider": "",
      "cloud_region": "",
      "country_code": "GB",
      "country_name": "United Kingdom",
      "date_added": "2021-09-22 08:57:20 +0000 UTC",
      "dns_a": ["192.250.98.95"],
      "dns_aaaa": null,
      "dns_cname": [],
      "dns_mx": null,
      "dns_ns": [],
      "dns_ptr": ["access-ci-uk1.statestreet.com."],
      "dns_records_count": 2,
      "dns_txt": null,
      "domain": "statestreet.com",
      "has_ipv6": false,
      "has_private_ip": false,
      "host": "access-ci.statestreet.com",
      "http_favicon": "",
      "http_favicon_blob": "",
      "http_title": "",
      "id": "62d13e76483d7d770151acd0",
      "ip_address": "192.250.98.95",
      "ip_decimal": 3237634655,
      "is_cdn": false,
      "is_cloud": false,
      "is_cloudflare": false,
      "is_live": true,
      "is_resolvable": true,
      "isp": "State Street Bank and Trust Company",
      "last_seen": "2023-03-05 07:07:31.522423199 +0000 UTC",
      "location_latitude": 51.5064,
      "location_longitude": -0.02,
      "network_ports": [443, 80],
      "network_services": [
        {
          "banner": "302 Object Moved\r\nCache-Control: no-cache, no-store, must-revalidate\r\nContent-Length: 413\r\nContent-Type: text/html; charset=utf-8\r\nLocation: /logon/LogonPoint/tmindex.html\r\nPragma: no-cache\r\nSet-Cookie: NSC_DLGE=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_USER=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_CERT=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_TEMP=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_PERS=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_TEMP=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT\r\nSet-Cookie: NSC_PERS=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT\r\nX-Content-Type-Options: nosniff\r\nX-Xss-Protection: 1; mode=block\r\n",
          "certobject": {
            "dnsnames": [
              "access.statestreet.com",
              "access-us.statestreet.com",
              "access-emea.statestreet.com",
              "access-ap.statestreet.com",
              "access-jp.statestreet.com",
              "access-hk.statestreet.com",
              "access-au.statestreet.com",
              "access-in.statestreet.com",
              "access-cn.statestreet.com.cn",
              "access-dr.statestreet.com",
              "access-ci.statestreet.com",
              "access-us1.statestreet.com",
              "access-us2.statestreet.com",
              "access-us3.statestreet.com",
              "access-uk1.statestreet.com",
              "access-uk2.statestreet.com",
              "access-hk1.statestreet.com",
              "access-hk2.statestreet.com",
              "access-jp1.statestreet.com",
              "access-jp2.statestreet.com",
              "access-au1.statestreet.com",
              "access-au2.statestreet.com",
              "access-in1.statestreet.com",
              "access-in2.statestreet.com",
              "access-cn1.statestreet.com.cn",
              "access-cn2.statestreet.com.cn",
              "access-cn3.statestreet.com.cn"
            ],
            "emailaddresses": null,
            "ipaddresses": [],
            "issuer_commonname": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
            "issuer_country": "US",
            "issuer_organization": "DigiCert Inc",
            "issuer_serialnumber": "",
            "issuer_string": "CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1,O=DigiCert Inc,C=US",
            "isvalidhostname": true,
            "md5_fingerprint": "DA:D2:B1:9A:D0:A7:81:9C:83:22:9E:92:43:56:44:FB",
            "notafter": "13-10-2023 23:59:59",
            "notbefore": "12-09-2022 00:00:00",
            "remoteipaddress": "192.250.98.95:443",
            "sha1_fingerprint": "80:91:FB:3F:4C:86:FE:CC:F1:0E:ED:07:3C:3C:05:4E:5A:2A:3A:FE",
            "sha256_fingerprint": "9F:E1:A6:F2:D1:41:E0:0F:61:17:3A:4D:24:96:2C:54:E2:9D:BA:E7:CF:4A:3E:91:7A:34:B1:87:8E:61:0E:9F",
            "signaturealgorithm": "SHA256-RSA",
            "subject_commonname": "access.statestreet.com",
            "subject_country": "US",
            "subject_locality": "Quincy",
            "subject_organization": "State Street Corporation",
            "subject_province": "Massachusetts"
          },
          "httpfavicon": "",
          "httpfaviconblob": "",
          "httpstatuscode": 302,
          "httptitle": "",
          "port": 443,
          "product": ["Citrix-NetScaler"],
          "service": ["https"],
          "type": "tcp",
          "web": null
        },
        {
          "banner": "302 Found : Moved Temporarily\r\nCache-Control: no-cache\r\nLocation: https://access-ci.statestreet.com:80/\r\nPragma: no-cache\r\n",
          "certobject": {
            "dnsnames": null,
            "emailaddresses": null,
            "ipaddresses": null,
            "issuer_commonname": "",
            "issuer_country": "",
            "issuer_organization": "",
            "issuer_serialnumber": "",
            "issuer_string": "",
            "isvalidhostname": false,
            "md5_fingerprint": "",
            "notafter": "",
            "notbefore": "",
            "remoteipaddress": "",
            "sha1_fingerprint": "",
            "sha256_fingerprint": "",
            "signaturealgorithm": "",
            "subject_commonname": "",
            "subject_country": "",
            "subject_locality": "",
            "subject_organization": "",
            "subject_province": ""
          },
          "httpfavicon": "",
          "httpfaviconblob": "",
          "httpstatuscode": 302,
          "httptitle": "",
          "port": 80,
          "product": null,
          "service": ["http"],
          "type": "tcp",
          "web": null
        }
      ],
      "organization": "State Street Bank and Trust Company",
      "ports_count": 2,
      "postal_code": "E14",
      "products": ["Citrix-NetScaler"],
      "region": "Tower Hamlets",
      "tags": ["https", "citrix-netscaler", "http"],
      "tld": "com",
      "urls": null
    }
  ],
  "total_pages": 1000000,
  "total_query_results": 10000000
}

HTTP Request

POST https://fullhunt.io/api/v1/global/search

Request Filters

Fullhunt Global Search comes with a powerful search filters. See ther full documentation here https://fullhunt.io/docs/global-search/filters

Data Intelligence APIs

FullHunt Data Intelligence APIs offer critical information for data intelligence and security tools.

FullHunt Data Intelligence APIs are used to query the FullHunt database, the largest asset inventory database on the Internet, for various use-cases.

Rate limiting: requests are limited to 60 requests per minute.

Note: The results are limited to 100 results per query for community accounts. Enterprise accounts have full access to Data Intelligence API.

curl "https://fullhunt.io/api/v1/intel/host?host=loja.center.kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "host": "loja.center.kaspersky.com"
  },
  "results": [
    {
      "asn": 15169,
      "dns_ptr": ["154.208.186.35.bc.googleusercontent.com."],
      "domain": "kaspersky.com",
      "host": "loja.center.kaspersky.com",
      "ip_address": "35.186.208.154",
      "organization": "GOOGLE"
    }
  ],
  "total_pages": 1,
  "total_query_results": 1
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/host

Get Host Details

Get details about a given host.

curl "https://fullhunt.io/api/v1/intel/host?host=loja.center.kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "host": "loja.center.kaspersky.com"
  },
  "results": [
    {
      "asn": 15169,
      "dns_ptr": ["154.208.186.35.bc.googleusercontent.com."],
      "domain": "kaspersky.com",
      "host": "loja.center.kaspersky.com",
      "ip_address": "35.186.208.154",
      "organization": "GOOGLE"
    }
  ],
  "total_pages": 1,
  "total_query_results": 1
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/host

URL Parameters

Parameter Description
host The searched host.

Get Hosts With a Specific Tag

Get hosts that match a given tag.

curl "https://fullhunt.io/api/v1/intel/tag?tag=ssh" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "tag": "ssh"
  },
  "results": [
    {
      "asn": 3737,
      "dns_ptr": null,
      "domain": "",
      "host": "24.229.106.49",
      "ip_address": "24.229.106.49",
      "organization": "PenTeleData"
    }
  ],
  "total_pages": 10000,
  "total_query_results": 10000
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/tag

URL Parameters

Parameter Description
tag The searched tag.

Get Hosts Running a Web Tech

Get hosts that are running a specific web technology.

curl "https://fullhunt.io/api/v1/intel/web-tech?tech=HTTP/3" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "tech": "HTTP/3"
  },
  "results": [
    {
      "asn": 0,
      "dns_ptr": null,
      "domain": "fullhunt.blue",
      "host": "fullhunt.blue",
      "ip_address": "2a06:98c1:3120::3",
      "organization": ""
    }
  ],
  "total_pages": 10000,
  "total_query_results": 10000
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/web-tech

URL Parameters

Parameter Description
tech The searched web technology.

Get hosts Running a specific Product

Get hosts that are running a specific product.

curl "https://fullhunt.io/api/v1/intel/product?product=Citrix-NetScaler" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "product": "Citrix-NetScaler"
  },
  "results": [
    {
      "asn": 7741,
      "dns_ptr": ["199-198-251-31.cibc.com."],
      "domain": "cibc.com",
      "host": "199-198-251-31.cibc.com",
      "ip_address": "199.198.251.31",
      "organization": "CIBC World Markets"
    }
  ],
  "total_pages": 4551,
  "total_query_results": 4551
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/product

URL Parameters

Parameter Description
product The searched product.

Get Subdomains of a Domain

Get all subdomains associated with the given domain.

curl "https://fullhunt.io/api/v1/intel/domain?domain=kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "domain": "kaspersky.com"
  },
  "results": [
    {
      "asn": 0,
      "dns_ptr": null,
      "domain": "kaspersky.com",
      "host": "08.kaspersky.com",
      "ip_address": "",
      "organization": ""
    }
  ],
  "total_pages": 10000,
  "total_query_results": 10000
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/domain

URL Parameters

Parameter Description
domain The searched domain.

Get Hosts Pointing to a Given IP address

Get hosts pointing to a given IP address.

curl "https://fullhunt.io/api/v1/intel/ip-to-hosts?ip=8.8.8.8" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "ip": "8.8.8.8"
  },
  "results": [
    {
      "asn": 15169,
      "dns_ptr": ["dns.google."],
      "domain": "dns.google",
      "host": "dns.google",
      "ip_address": "8.8.8.8",
      "organization": "Google"
    }
  ],
  "total_pages": 202,
  "total_query_results": 202
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/ip-to-hosts

URL Parameters

Parameter Description
ip The searched IP Address.

Get Hosts within a given ASN

Get hosts within a given ASN.

curl "https://fullhunt.io/api/v1/intel/asn-to-hosts?asn=200107" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "asn": 200107
  },
  "results": [
    {
      "asn": 200107,
      "dns_ptr": null,
      "domain": "kaspersky-labs.com",
      "host": "42.ucp-ntfy.kaspersky-labs.com",
      "ip_address": "82.202.185.202",
      "organization": "Kaspersky Lab Switzerland GmbH"
    }
  ],
  "total_pages": 1206,
  "total_query_results": 1206
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/asn-to-hosts

URL Parameters

Parameter Description
asn The searched ASN.

Get Virtual Hosts Pointing to ASN

Get virtual hosts pointing to the same ASN.

curl "https://fullhunt.io/api/v1/intel/asn-to-virtual-hosts?asn=200107" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "asn": 200107
  },
  "results": [
    {
      "asn": 200107,
      "dns_ptr": null,
      "domain": "kaspersky-labs.com",
      "host": "42.ucp-ntfy.kaspersky-labs.com",
      "ip_address": "82.202.185.202",
      "organization": "Kaspersky Lab Switzerland GmbH"
    }
  ],
  "total_pages": 1206,
  "total_query_results": 1206
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/asn-to-virtual-hosts

URL Parameters

Parameter Description
asn The searched ASN.

Get Hosts Pointing to a Given IP address

Get hosts pointing to a given IP address.

curl "https://fullhunt.io/api/v1/intel/ip-range-to-hosts?ip_start=1.1.1.1&ip_end=1.1.1.255" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "ip_start": "1.1.1.1",
    "ip_end": "1.1.1.255"
  },
  "results": [
    {
      "asn": 0,
      "dns_ptr": ["one.one.one.one."],
      "domain": "cwu.edu.cn",
      "host": "1.cwu.edu.cn",
      "ip_address": "1.1.1.1",
      "organization": "CLOUDFLARENET"
    }
  ],
  "total_pages": 10000,
  "total_query_results": 10000
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/ip-range-to-hosts

URL Parameters

Parameter Description
ip_start The range start ip.
ip_end The range end ip.

Get Host With Same DNS MX

Get hosts that points to the same DNS MX

curl "https://fullhunt.io/api/v1/intel/dns-mx-to-hosts?dns_mx=mx14.kaspersky-labs.com." \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "dns_mx": "mx14.kaspersky-labs.com."
  },
  "results": [
    {
      "asn": 200350,
      "dns_ptr": null,
      "domain": "kaspersky.com",
      "host": "brand.kaspersky.com",
      "ip_address": "51.250.27.190",
      "organization": "Yandex.Cloud LLC"
    }
  ],
  "total_pages": 15,
  "total_query_results": 15
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/dns-mx-to-hosts

URL Parameters

Parameter Description
dns_mx The searched dns_mx.

Get Hosts Pointing to Same DNS NS

Get hosts pointing to the same DNS NS.

curl "https://fullhunt.io/api/v1/intel/dns-ns-to-hosts?dns_ns=ns1.kasperskylabs.net." \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "dns_ns": "ns1.kasperskylabs.net."
  },
  "results": [
    {
      "asn": 8075,
      "dns_ptr": null,
      "domain": "kaspersky.com",
      "host": "cloud.kaspersky.com",
      "ip_address": "40.85.136.63",
      "organization": "MICROSOFT-CORP-MSN-AS-BLOCK"
    }
  ],
  "total_pages": 26,
  "total_query_results": 26
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/dns-ns-to-hosts

URL Parameters

Parameter Description
dns_ns The searched dns_ns.

Enterprise APIs

Organizations API

Get Organizations

This endpoint retrieves your organizations list.

curl "https://fullhunt.io/api/v1/enterprise/organizations" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

[
  {
    "id": "3db40e1c-1d26-4309-b0c4-105fde3b3486",
    "name": "ORG Name",
    "description": "ORG description",
    "is_default": true
  }
]

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/organizations

Alerts APIs

Get Alerts

This endpoint retrieves alerts and events of exposures.

curl "https://fullhunt.io/api/v1/enterprise/alerts" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

[
  {
    "domain": "acme.com",
    "host": "api-payments-prod.acme.com",
    "id": 92731,
    "is_seen": false,
    "message": "A new subdomain was discovered in `acme.com`. \n\n* Subdomain: `api-payments-prod.acme.com`\n* Detection Method: DNS Enumeration\n* First Seen: 2024-02-05 14:23:59 UTC",
    "timestamp": 1707142800,
    "title": "New subdomain discovered in `acme.com`",
    "type": "new_subdomain_discovered"
  }
]

Query Parameters

Parameter Required Description
org no Filter alerts by organization ID.
page no Page (default: 1).
from no Get alerts starting from a certain date (in the format DD/MM/YYYY)
to no Get alerts until a certain date (in the format DD/MM/YYYY)

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/alerts

Vulnerabilities APIs

Get Vulnerabilities

This endpoint retrieves discovered vulnerabilities.

curl "https://fullhunt.io/api/v1/enterprise/vulnerabilities" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

[
  {
    "affected_location": "https://api.acme.com:8443/v1/payment-gateway/${jndi:ldap://127.0.0.1:1389/Exploit}",
    "automated_vulnerability_validation_status": true,
    "custom_severity": "critical",
    "description": "A critical remote code execution vulnerability (CVE-2021-44228) has been detected in the Log4j logging library on the target host. The affected endpoint processes JNDI lookup strings in logged data, allowing attackers to trigger remote class loading and achieve code execution. Testing confirmed that user-controlled input is being logged by the application, making this a direct attack vector. The vulnerable version of Log4j (2.14.1) was identified through manifest analysis and active testing.",
    "domain": "acme.com",
    "host": "api.acme.com",
    "host_type": "dns",
    "identification_date": 1707152400,
    "impact": "The vulnerability allows attackers to execute arbitrary code on the target system with the privileges of the Java application. Given this is a production payment processing API, successful exploitation could lead to unauthorized access to financial data, lateral movement within the network, and potential customer data exposure. The automated validation confirms the system is actively vulnerable to JNDI lookup attacks.",
    "issue_id": 12458,
    "last_seen": 1707238800,
    "recommendation": "1. Immediately upgrade Log4j to version 2.17.1 or later\n2. Set log4j2.formatMsgNoLookups=true as a JVM parameter\n3. Implement WAF rules to block JNDI lookup patterns\n4. Review application logs for exploitation attempts\n5. Apply strict input validation on all API endpoints\n6. Deploy network rules to block outbound LDAP/RMI traffic from the application server",
    "references": [
      "https://nvd.nist.gov/vuln/detail/CVE-2021-44228",
      "https://logging.apache.org/log4j/2.x/security.html",
      "https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-356a",
      "https://github.com/apache/logging-log4j2/releases/tag/log4j-2.17.1",
      "https://www.lunasec.io/docs/blog/log4j-zero-day/",
      "https://www.microsoft.com/en-us/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/"
    ],
    "severity": "critical",
    "status": 0,
    "title": "Log4j Remote Code Execution Vulnerability (Log4Shell) at api.acme.com",
    "vulnerability_id": "CVE-2021-44228",
    "vulnerability_type": "Application"
  }
]

Query Parameters

Parameter Required Description
org no Filter vulnerabilities by organization ID.

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/vulnerabilities

Entities APIs

Get All Entities

List entities of the account.

curl "https://fullhunt.io/api/v1/enterprise/entities" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

[
  {
    "asset": "kaspersky.com",
    "type": "domain"
  },
  {
    "asset": "185.85.15.0/24",
    "type": "ip-range"
  }
]

Query Parameters

Parameter Required Description
org no Filter entities by organization ID.

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/entities


Get assets of an entity

This endpoint retrieves all assets of specific entity.

curl "https://fullhunt.io/api/v1/enterprise/assets?entity=kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

[
  {
    "asset_score": 95,
    "asset_score_reason": ["delegated-cname-record"],
    "categories": [
      "Web-Development-Frameworks",
      "Web-Servers",
      "Cloud-Services"
    ],
    "cdn": "",
    "cert_object": {
      "dns_names": ["cybermap.kaspersky.com"],
      "email_addresses": null,
      "ip_addresses": [],
      "is_valid_hostname": true,
      "issuer_common_name": "GlobalSign RSA OV SSL CA 2018",
      "issuer_country": "BE",
      "issuer_organization": "GlobalSign nv-sa",
      "issuer_serial_number": "",
      "issuer_string": "CN=GlobalSign RSA OV SSL CA 2018,O=GlobalSign nv-sa,C=BE",
      "md5_fingerprint": "48:DF:CD:CB:D1:F2:82:05:1E:A6:53:78:8E:49:01:74",
      "not_after": "03-08-2025 12:01:01",
      "not_before": "02-07-2024 12:01:02",
      "remote_ip_address": "185.54.223.252:443",
      "sha1_fingerprint": "9C:B9:F7:80:23:9C:85:66:3E:C7:6E:C4:C3:50:5E:5E:79:BC:A4:95",
      "sha256_fingerprint": "10:CE:13:BD:FF:EB:5F:F0:AC:65:4B:DF:FB:D8:70:13:55:A9:5B:7B:33:23:5B:A9:D8:C3:F5:7E:F2:CE:00:B0",
      "signature_algorithm": "SHA256-RSA",
      "subject_common_name": "cybermap.kaspersky.com",
      "subject_country": "CH",
      "subject_locality": "Zürich",
      "subject_organization": "Kaspersky Lab Switzerland GmbH",
      "subject_province": "Zürich"
    },
    "cloud": {
      "provider": "",
      "region": ""
    },
    "dns": {
      "a": ["185.54.223.252"],
      "aaaa": null,
      "cname": [
        "cybermap-kaspersky-com.sm.kaspersky.com.",
        "cybermap-kaspersky-com-prod.sm.kaspersky.com."
      ],
      "mx": null,
      "ns": [],
      "ptr": null,
      "txt": null
    },
    "domain": "kaspersky.com",
    "has_ipv6": false,
    "has_private_ip": false,
    "host": "cybermap.kaspersky.com",
    "http_status_code": null,
    "http_title": "MAP | Kaspersky Cyberthreat live map",
    "ip_address": "185.54.223.252",
    "ip_metadata": {
      "asn": 200107,
      "city_name": "",
      "country_code": "GB",
      "country_name": "United Kingdom",
      "isp": "Kaspersky Lab Switzerland GmbH",
      "location_latitude": 51.4964,
      "location_longitude": -0.1224,
      "organization": "Kaspersky Lab Switzerland GmbH",
      "postal_code": "",
      "region": ""
    },
    "is_cdn": false,
    "is_cloud": false,
    "is_cloudflare": false,
    "is_live": true,
    "is_resolvable": true,
    "network_ports": [443, 80],
    "products": ["Laravel", "nginx", "Amazon-CloudFront"],
    "tags": [
      "cname",
      "https",
      "laravel",
      "nginx",
      "amazon-cloudfront",
      "web-development-frameworks",
      "web-servers",
      "cloud-services",
      "http"
    ],
    "tld": "com",
    "urls": [
      "https://cybermap.kaspersky.com/stats",
      "https://cybermap.kaspersky.com/js/map.js?id=b22034f86b2e0e17052c435bbbf7c843",
      "https://cybermap.kaspersky.com/tos",
      "https://cybermap.kaspersky.com/fr",
      "https://cybermap.kaspersky.com/subsystems"
    ]
  }
]

Query Parameters

Parameter Required Description
entity yes Entity name that want to retrieve tis assets.

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/assets

Darkweb Compromised Credentials

You can use Darkweb Compromised Credentials API to retrieve compromised credentials and leaks within your organization.

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/darkweb/compromised-credentials

URL Parameters

Parameter Description
query Email or domain search string
page Pagination page number
curl "https://fullhunt.io/api/v1/enterprise/darkweb/compromised-credentials?query=john.smith@acme.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "query": {
    "query": "john.smith@acme.com"
  },
  "results": [
    {
      "id": "LEAK-7394",
      "address": "123 Corporate Drive, Phoenix, AZ 85001",
      "darkweb_metadata_count": 157834291,
      "darkweb_metadata_date": "2023-12-10 00:00:00",
      "darkweb_metadata_description": "In December 2023, a large-scale data compilation was discovered containing records from multiple corporate data breaches. The compilation included various data points from company directories and internal systems.",
      "darkweb_metadata_leaked_data": "Email addresses, Passwords, Physical addresses, Names",
      "darkweb_metadata_name": "CorporateDataDump_2023",
      "database_name": "BreachCompilation",
      "date_added": "2024-02-15 14:22:31",
      "domain": "acme.com",
      "email": "john.smith@acme.com",
      "hash_type": "bcrypt",
      "hashed_password": "$2a$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewvfbrgSP3nXnm3m",
      "ipaddress": "192.168.1.100",
      "name": "John Smith",
      "password": "rocket2023",
      "phone": "+1-555-0123-4567",
      "username": "jsmith",
      "vin": "1HGCM82633A123456"
    },
    {
      "id": "LEAK-7395",
      "address": "123 Corporate Drive, Phoenix, AZ 85001",
      "darkweb_metadata_count": 234567890,
      "darkweb_metadata_date": "2023-03-15 00:00:00",
      "darkweb_metadata_description": "In March 2023, a compilation of email and password combinations appeared in a dataset known as 'DataVault'. The collection contained approximately 235 million unique email addresses along with associated passwords from various online platforms. This dataset was subsequently used in credential stuffing attacks targeting multiple services.",
      "darkweb_metadata_leaked_data": "Email addresses, Passwords, Usernames, Phone numbers, IP addresses",
      "darkweb_metadata_name": "DataVault_2023_Q1",
      "database_name": "DataVault",
      "date_added": "2024-01-12 08:15:43",
      "domain": "acme.com",
      "email": "john.smith@acme.com",
      "hash_type": "SHA512",
      "hashed_password": "c02d8a4ee64c5a80a959e7c411ed198649b018ca51d85cfc86579dce2c81c5c88f88185d8751aa1abd88d95d0455dc25ebd59a8",
      "ipaddress": "10.0.0.15",
      "name": "John Smith",
      "password": "rocket2023",
      "phone": "+1-555-0123-4567",
      "username": "john.smith",
      "vin": "1HGCM82633A123456"
    },
    {
      "id": "LEAK-7396",
      "address": "789 Business Park, Phoenix, AZ 85001",
      "darkweb_metadata_count": 98765432,
      "darkweb_metadata_date": "2023-06-15 00:00:00",
      "darkweb_metadata_description": "In June 2023, a major professional networking platform experienced a data breach affecting approximately 99 million users. The exposed data included email addresses and hashed passwords. The breach was discovered when the data appeared for sale on various underground forums.",
      "darkweb_metadata_leaked_data": "Email addresses, Passwords, Professional profiles, Connection data, Employment history",
      "darkweb_metadata_name": "ProfessionalNetwork_June2023",
      "database_name": "ProfNetwork",
      "date_added": "2024-01-10 16:33:21",
      "domain": "acme.com",
      "email": "john.smith@acme.com",
      "hash_type": "SHA256",
      "hashed_password": "a8b64babd0aca91a59bdbb7761b421d4f2bb38280d3a75ba0f21f2bebc45583d",
      "ipaddress": "172.16.0.100",
      "name": "John Smith",
      "password": "",
      "phone": "+1-555-0123-4567",
      "username": "johnsmith_acme",
      "vin": "1HGCM82633A123456"
    },
    {
      "id": "LEAK-7397",
      "address": "123 Corporate Drive, Phoenix, AZ 85001",
      "darkweb_metadata_count": 345678901,
      "darkweb_metadata_date": "2023-09-20 00:00:00",
      "darkweb_metadata_description": "In September 2023, multiple data aggregation files labeled 'GlobalLeaks' were discovered being distributed across various hacking forums. The complete archive contained over 345 million unique records including email addresses and associated passwords from previously compromised services.",
      "darkweb_metadata_leaked_data": "Email addresses, Passwords, Physical addresses, Phone numbers, Vehicle information",
      "darkweb_metadata_name": "GlobalLeaks_September2023",
      "database_name": "GlobalLeaks",
      "date_added": "2024-01-05 11:27:19",
      "domain": "acme.com",
      "email": "john.smith@acme.com",
      "hash_type": "MD5",
      "hashed_password": "5f4dcc3b5aa765d61d8327deb882cf99",
      "ipaddress": "192.168.1.105",
      "name": "John Smith",
      "password": "rocket2023",
      "phone": "+1-555-0123-4567",
      "username": "john.s",
      "vin": "1HGCM82633A123456"
    }
  ],
  "total_query_results": 4
}

Darkweb Potential Phishing Domains

The Darkweb Potential Phishing Domains API allows you to search for potentially malicious domains that may be used in phishing attacks targeting your organization. The API returns domains that have similar names or patterns to your legitimate domains.

curl "https://fullhunt.io/api/v1/enterprise/darkweb/potential-phishing" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

Example response:

{
  "results": {
    "items": [
      {
        "id": "LEAK-123",
        "domain_name": "acme-login.com",
        "date_added": "2024-03-15 10:30:45",
        "last_seen": "2024-03-15 10:30:45",
        "type": "DomainName"
      }
    ],
    "total": 15,
    "page": 1,
    "per_page": 10
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/darkweb/potential-phishing

URL Parameters

Parameter Description
query Domain name search string
page Pagination page number

Darkweb Typosquatting Domains

The Darkweb Typosquatting Domains API helps you detect and monitor potential typosquatting domains that could be used for phishing attacks or brand impersonation. The API returns domains that are similar to your legitimate domains through common typo patterns like character omission, substitution, or transposition.

curl "https://fullhunt.io/api/v1/enterprise/darkweb/typosquatting" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

Example response:

{
  "results": {
    "items": [
      {
        "id": "LEAK-123",
        "domain_name": "acmecorp.com",
        "date_added": "2024-03-15",
        "last_seen": "2024-03-15",
        "type": "TypoSquatting"
      }
    ],
    "total": 23,
    "page": 1,
    "per_page": 10
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/darkweb/typosquatting

URL Parameters

Parameter Description
query Domain name search string
page Pagination page number

Darkweb Discovered Emails

The Darkweb Discovered Emails API helps you monitor and detect email addresses associated with your organization that have been exposed on the dark web. This includes emails found in data breaches, dark web forums, paste sites, and other underground sources. The API returns discovered email addresses along with metadata about when and where they were found.

curl "https://fullhunt.io/api/v1/enterprise/darkweb/discovered-emails" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

Example response:

{
  "results": {
    "items": [
      {
        "id": "LEAK-123",
        "email": "john.smith@acme.com",
        "domain": "acme.com",
        "date_added": "2024-03-15",
        "breaches": ["DataVault_2023_Q1"]
        ]
      }
    ],
    "total": 42,
    "page": 1,
    "per_page": 10
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/darkweb/discovered-emails

URL Parameters

Parameter Description
query Email or domain search string
page Pagination page number

Certificates API

List all certificates discovered across your organization's assets.

curl "https://fullhunt.io/api/v1/enterprise/certificates?q=kaspersky" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "status": 200,
  "total_results": 42,
  "page": 1,
  "results": {
    "items": [
      {
        "id": "CERT-5231",
        "domain_name": "cloud.kaspersky.com",
        "date_added": "2024-03-15T14:22:31Z",
        "last_seen": "2024-03-15T14:22:31Z",
        "type": "Certificate"
      }
    ],
    "total": 42,
    "page": 1,
    "per_page": 10,
    "pages": 5
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/certificates

URL Parameters

Parameter Description
q Search query to filter certificates by domain name, date, or certificate type
page Pagination page number (default: 1)

On-Demand Scans API

The On-Demand Scans API submits scan requests.

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/on-demand-scans

URL Parameters

Parameter Description
target The target to scan.
curl "https://fullhunt.io/api/v1/enterprise/on-demand-scans?target=kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "message": "On-demand scan request has been successfully sent to the queue for processing.",
  "status": 200
}

Suggested Domains API

You can use Suggested Domains API fetch suggested domains of an organization.

Rate limiting: requests are limited to 60 requests per minute.

HTTP Request

GET https://fullhunt.io/api/v1/enterprise/suggested-domains

curl "https://fullhunt.io/api/v1/enterprise/suggested-domains" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "results": [
    {
      "discovery_data": "2024-05-12 18:02:09",
      "identification_method": "correlation",
      "suggested_domain": "google.org"
    }
  ],
  "total_query_results": 1
}

Nexus APIs

FullHunt Nexus APIs are research data provided by FullHunt Threat Intelligence.

This API is part of the Data Intelligence API Credits.

Rate limiting: requests are limited to 60 requests per minute.

Note: The results are limited to 100 results per query for community accounts. Enterprise accounts gain full access to Data Intelligence API.

curl "https://fullhunt.io/api/v1/nexus/tor/check-ip?ip=100.8.8.137" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 1,
  "data": {
    "first_seen": "26-09-2023",
    "ip_address": "100.8.8.137"
  },
  "error": "",
  "status": 200
}

Tor IP Lookup

This API queries the FullHunt database to check if a specific IP was identified as a Tor exit node at a given time. FullHunt actively monitors and indexes Tor IPs.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/tor/check-ip

URL Parameters

Parameter Description
ip The IP address.
curl "https://fullhunt.io/api/v1/nexus/tor/check-ip?ip=100.8.8.137" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 1,
  "data": {
    "first_seen": "26-09-2023",
    "ip_address": "100.8.8.137"
  },
  "error": "",
  "status": 200
}

An API to query the database for DNS-related cloud certificate information. This is part of FullHunt's Internet scans.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/cloud-certs/dns-search

URL Parameters

Parameter Description
query A query to discover cloud assets with specific DNS names.
curl "https://fullhunt.io/api/v1/nexus/cloud-certs/dns-search?query=kaspersky" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 4,
  "data": [
    {
      "dns": ["kaspersky-test.mygiftcard.it", "carrefour-test.mygiftcard.it"],
      "host": "34.107.159.9",
      "port": "443"
    },
    {
      "dns": ["kaspersky.com", "www.kaspersky.com"],
      "host": "15.220.184.189",
      "port": "443"
    },
    {
      "dns": ["kaspersky.com", "www.kaspersky.com"],
      "host": "3.122.200.240",
      "port": "443"
    },
    {
      "dns": ["kasperskylabs.jp"],
      "host": "35.76.8.33",
      "port": "443"
    }
  ],
  "error": "",
  "status": 200
}

Passive DNS Data - Domain Lookup

Retrieves historical passive DNS data for a specified domain from FullHunt's internal passive DNS database.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/passive-dns/lookup

URL Parameters

Parameter Description
domain Search hosts associated with a domain name on the FullHunt passive DNS database.
curl "https://fullhunt.io/api/v1/nexus/passive-dns/lookup?domain=kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 7686,
  "data": [
    "activate.activation-v2.kaspersky.com",
    "activation-v2.geo.kaspersky.com",
    "activation-v2.kaspersky.com",
    "aes.geo.kaspersky.com",
    "americas.activation-v2.kaspersky.com",
    "americas.activate.activation-v2.kaspersky.com",
    "americas.refresh-bkg.activation-v2.kaspersky.com",
    "ksn-pixel.geoksn.kaspersky.com"
    # ... rest of items ...
  ],
  "error": "",
  "status": 200
}

Domains Collection - Company lookup by domain name.

Query the domain collection database for information related to a specific domain.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/domain-collection/lookup

URL Parameters

Parameter Description
domain The domain name.
curl "https://fullhunt.io//api/v1/nexus/domain-collection/lookup?domain=kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 1,
  "data": {
    "company_name": "Kaspersky",
    "copyright": "",
    "crunchbase_urls": [],
    "description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
    "domain": "kaspersky.com",
    "facebook_urls": ["https://www.facebook.com/Kaspersky"],
    "favicon_url": "https://kaspersky.com/favicon.ico",
    "github_urls": [],
    "images_list": [],
    "instagram_urls": ["https://instagram.com/kasperskylab"],
    "linkedin_urls": ["https://linkedin.com/company/kaspersky/"],
    "meta_logo_url": "",
    "other_urls": [
      "https://www.kaspersky.co.kr/",
      "https://kaspersky.com/enterprise-security",
      "https://kaspersky.com#main",
      "https://www.kaspersky.cz/",
      "https://kaspersky.com/anti-corruption-policy",
      "https://www.kaspersky.es/?ignoreredirects=true",
      "https://www.kaspersky.com/?ignoreredirects=true",
      "https://www.kaspersky.it/?ignoreredirects=true",
      "https://kaspersky.com/blog/",
      "https://www.kaspersky.com.au/?ignoreredirects=true",
      "https://www.kaspersky.ru/?ignoreredirects=true",
      "https://kaspersky.com/small-business-security",
      "https://usa.kaspersky.com/?ignoreredirects=true",
      "https://kaspersky.com/about/careers",
      "https://kaspersky.com/resource-center",
      "https://kaspersky.com/enterprise-security/endpoint",
      "https://www.kaspersky.com/web-privacy-policy/ccpa#optout",
      "https://www.kaspersky.ca/fr?ignoreredirects=true",
      "https://kaspersky.com/enterprise-security/cybersecurity-services",
      "https://www.kaspersky.fi/?ignoreredirects=true",
      "https://www.kaspersky.pt/?ignoreredirects=true",
      "https://support.kaspersky.com/us/consumer/faq_sales_nexway",
      "https://www.kaspersky.co.in/?ignoreredirects=true",
      "https://kaspersky.com/home-security",
      "https://www.kaspersky.co.za/?ignoreredirects=true",
      "https://www.kaspersky.gr/",
      "https://www.kaspersky.bg/",
      "https://shop.usa.kaspersky.com/checkout/add",
      "https://www.kaspersky.ca/?ignoreredirects=true",
      "https://me-en.kaspersky.com/?ignoreredirects=true",
      "https://kaspersky.com/plus",
      "https://kaspersky.com/enterprise-security/cloud-security",
      "https://kaspersky.dz",
      "https://www.kaspersky.de/?ignoreredirects=true",
      "https://www.kaspersky.co.uk/?ignoreredirects=true",
      "https://www.kaspersky.com.br/?ignoreredirects=true",
      "https://www.kaspersky.fr/?ignoreredirects=true",
      "https://www.kaspersky.ro/",
      "https://kaspersky.com/standard",
      "https://kaspersky.com/renewal-center/home",
      "https://community.kaspersky.com/",
      "https://www.kaspersky.be/?ignoreredirects=true",
      "https://www.tomorrowunlocked.com/",
      "https://www.kaspersky.ua/",
      "https://kaspersky.com/business/eula",
      "https://kaspersky.com/about/press-releases",
      "https://www.kaspersky.nl/?ignoreredirects=true",
      "https://usa.kaspersky.com/about",
      "https://www.kaspersky.com/web-privacy-policy",
      "https://securelist.com/",
      "https://latam.kaspersky.com/?ignoreredirects=true",
      "https://kaspersky.com/small-to-medium-business-security/cloud",
      "https://www.kaspersky.co.jp/",
      "https://www.kaspersky.rs/",
      "https://www.kaspersky.com.tr/?ignoreredirects=true",
      "https://www.kaspersky.dk/?ignoreredirects=true",
      "https://kaspersky.com/partners",
      "https://kaspersky.com/sitemap",
      "https://kaspersky.com/",
      "https://kaspersky.com/small-business-security/small-office-security",
      "https://www.kaspersky.com.hk/",
      "https://kaspersky.com/small-to-medium-business-security/endpoint-advanced",
      "https://www.kaspersky.ma/",
      "https://usa.kaspersky.com/blog/",
      "https://kaspersky.com/premium",
      "https://kaspersky.com/small-to-medium-business-security",
      "https://www.kaspersky.com.pl/",
      "https://www.kaspersky.com.tw/",
      "https://afrique.kaspersky.com/",
      "https://kaspersky.com/about",
      "https://www.kaspersky.se/?ignoreredirects=true",
      "https://www.kaspersky.co.th/",
      "https://www.kaspersky.no/?ignoreredirects=true",
      "https://my.kaspersky.com/",
      "https://www.kaspersky.hu/",
      "https://www.kaspersky.com.vn/",
      "https://kaspersky.com/end-user-license-agreement",
      "https://kaspersky.com/small-to-medium-business-security/endpoint-select",
      "https://me.kaspersky.com/?ignoreredirects=true",
      "https://kaspersky.com/pricing",
      "https://kaspersky.com/about/transparency",
      "https://kaspersky.com/about/contact",
      "https://www.kaspersky.com.cn/?ignoreredirects=true"
    ],
    "pinterest_urls": [],
    "reddit_urls": [],
    "snapchat_urls": [],
    "title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
    "tumblr_urls": [],
    "twitter_urls": ["https://twitter.com/kaspersky"],
    "youtube_urls": ["https://youtube.com/Kaspersky"]
  },
  "error": "",
  "status": 200
}

Domains Collection - Company lookup by name.

Searches the domain collection database for information related to a specific company.

curl "https://fullhunt.io/api/v1/nexus/domain-collection/company-lookup?query=kaspersky" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 6,
  "data": [
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "Najczęściej nagradzana. Najczęściej testowana. Ochrona antywirusowa i Internet Security dla domu i biznesu od Kaspersky",
      "domain": "kaspersky.com.pl",
      "facebook_urls": ["https://facebook.com/KasperskyPolska"],
      "favicon_url": "https://kaspersky.com.pl/favicon.ico",
      "github_urls": [],
      "images_list": ["https://www.kaspersky.com.pl/images/image_logo.jpg"],
      "instagram_urls": ["https://instagram.com/KasperskyPolska"],
      "linkedin_urls": ["https://www.linkedin.com/company/kaspersky-polska"],
      "meta_logo_url": "",
      "other_urls": [
        "https://kaspersky.com.pl/safe-kids",
        "https://kaspersky.com.pl/ochrona-dla-sredniego-biznesu"
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Kaspersky - oficjalna strona - najlepszy antywirus, internet security | sklep",
      "tumblr_urls": [],
      "twitter_urls": ["https://twitter.com/KasperskyPolska"],
      "youtube_urls": [
        "https://www.youtube.com/embed/KurkIrV9hVo?autoplay=1",
        "https://www.youtube.com/KasperskyLabPL"
      ]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "Leader mondial des solutions et services de cybersécurité, Kaspersky offre une protection premium contre les cybermenaces pour votre domicile ou votre entreprise.",
      "domain": "kaspersky.fr",
      "facebook_urls": ["https://www.facebook.com/kasperskylabfrance"],
      "favicon_url": "https://kaspersky.fr/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": ["https://instagram.com/kasperskylabfrance"],
      "linkedin_urls": ["https://linkedin.com/company/kaspersky-lab-france"],
      "meta_logo_url": "",
      "other_urls": [
        "https://www.kaspersky.co.kr/",
        "https://kaspersky.fr/enterprise-security/endpoint"
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Solutions de cybersécurité pour particuliers et entreprises | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": ["https://twitter.com/kasperskyfrance"],
      "youtube_urls": ["https://youtube.com/KasperskyFrance"]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
      "domain": "kaspersky.co.uk",
      "facebook_urls": ["https://www.facebook.com/Kaspersky"],
      "favicon_url": "https://kaspersky.co.uk/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": ["https://instagram.com/kasperskylab"],
      "linkedin_urls": ["https://linkedin.com/company/kaspersky/"],
      "meta_logo_url": "",
      "other_urls": [
        "https://kaspersky.co.uk/about/press-releases",
        "https://www.kaspersky.ca/?ignoreredirects=true"
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Kaspersky Cyber Security Solutions for Home and Business  | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": ["https://twitter.com/kaspersky"],
      "youtube_urls": ["https://youtube.com/Kaspersky"]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
      "domain": "kaspersky.com",
      "facebook_urls": ["https://www.facebook.com/Kaspersky"],
      "favicon_url": "https://kaspersky.com/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": ["https://instagram.com/kasperskylab"],
      "linkedin_urls": ["https://linkedin.com/company/kaspersky/"],
      "meta_logo_url": "",
      "other_urls": [
        "https://www.kaspersky.co.kr/",
        "https://kaspersky.com/enterprise-security"
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": ["https://twitter.com/kaspersky"],
      "youtube_urls": ["https://youtube.com/Kaspersky"]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
      "domain": "kaspersky.co.in",
      "facebook_urls": ["https://www.facebook.com/Kaspersky"],
      "favicon_url": "https://kaspersky.co.in/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": ["https://instagram.com/kasperskylab"],
      "linkedin_urls": ["https://linkedin.com/company/kaspersky/"],
      "meta_logo_url": "",
      "other_urls": [
        "https://www.kaspersky.co.kr/",
        "https://kaspersky.co.in/partners"
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": ["https://twitter.com/kaspersky"],
      "youtube_urls": ["https://youtube.com/Kaspersky"]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "Come leader globale di soluzioni e servizi di cybersicurezza di ultima generazione, Kaspersky offre una protezione di livello premium da tutte le minacce informatiche per ambienti domestici e aziendali.",
      "domain": "kaspersky.it",
      "facebook_urls": ["https://www.facebook.com/kasperskylabitalia"],
      "favicon_url": "https://kaspersky.it/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": ["https://instagram.com/kasperskylabitalia"],
      "linkedin_urls": [],
      "meta_logo_url": "",
      "other_urls": [
        "https://www.kaspersky.co.kr/",
        "https://www.kaspersky.cz/"
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Soluzioni di cybersicurezza Kaspersky per le aziende e gli utenti privati  | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": ["https://twitter.com/KasperskyLabIT"],
      "youtube_urls": ["https://youtube.com/Kaspersky"]
    }
  ],
  "error": "",
  "status": 200
}

URL Parameters

Parameter Description
query The Searched ip or host.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/domain-collection/company-lookup

URL Parameters

Parameter Description
query The searched company.

IP Lookup API

FullHunt IP Lookup API allows security professionals to query the FullHunt database for IP address details.

Rate limiting: requests are limited to 60 requests per minute.

curl "https://fullhunt.io/api/v1/nexus/ip-lookup?query=google.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"
{
  "other_ips": ["2a00:1450:4019:80e::200e"],
  "query": "google.com",
  "resolved_query": "172.217.19.206",
  "resolvable": true,
  "result": {
    "asn": 15169,
    "cdn_provider": "",
    "cdn_region": "",
    "city_name": "",
    "cloud_provider": "GCP",
    "cloud_region": "global",
    "country_code": "US",
    "country_name": "United States",
    "error": "",
    "hosts_count": 0,
    "ip_address": "172.217.19.206",
    "ip_decimal": "2899907534",
    "is_cdn": false,
    "is_cloud": true,
    "is_cloudflare": false,
    "is_ipv4": true,
    "is_ipv6": false,
    "is_private": false,
    "is_public": true,
    "isp": "GOOGLE",
    "location_latitude": 37.751,
    "location_longitude": -97.822,
    "organization": "GOOGLE",
    "postal_code": "",
    "ptr": ["ams16s31-in-f14.1e100.net.", "fjr04s13-in-f14.1e100.net."],
    "region": ""
  }
}

URL Parameters

Parameter Description
query The search query.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/ip-lookup

OEM APIs

FullHunt OEM APIs provide FullHunt Intelligence capabilities with enterprise and auditing features. These APIs are designed for partners integrating FullHunt's dark web intelligence into their platforms.

Features

Search dark web sources to detect compromised employee credentials, and sensitive data breaches.

curl "https://fullhunt.io/api/v1/oem/darkweb/search" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
  -d '{
    "type": "domain",
    "query": "acme.com",
    "query_tags": {"client_name": "ACMECorp", "workspace": "production"}
  }'

The above command returns JSON structured like this:

{
  "response": [
    {
      "email": "cfo@acme.com",
      "ip_address": "10.0.42.50",
      "username": "sarah.williams",
      "password": "AcmeFinance2024!",
      "hashed_password": "$2a$12$xK3dC8VpqHX8Kl/9J7tGh.zK9x2N5VL8jKy3Z9XgK8Q9L2Q5tNm3a",
      "hash_type": "bcrypt",
      "name": "Sarah Williams",
      "vin": "5UXWX7C5*BA",
      "address": "888 Executive Suite, Phoenix, AZ 85012",
      "phone": "+1-602-555-0177",
      "database_name": "FinanceTeam_Breach_2024",
      "source": "darkweb_marketplace_alpha",
      "hostname": "ACME-FIN-LAPTOP-042",
      "mac_addresses": "00:1B:44:11:3A:B8",
      "bin": "377601******8431",
      "salt": "kJ8#mP2$"
    },
    {
      "email": "admin@dev.acme.com",
      "ip_address": "192.168.10.100",
      "username": "devops_admin",
      "password": "Kub3rn3tes2024#",
      "hashed_password": "$2a$12$9K4eD8VpqHX8Kl/9J7tGh.zK9x2N5VL8jKy3Z9XgK8Q9L2Q5tNm3b",
      "hash_type": "bcrypt",
      "name": "Michael Chen",
      "vin": null,
      "address": "742 Technology Drive, Phoenix, AZ 85007",
      "phone": "+1-602-555-0133",
      "database_name": "DevOps_Credentials_Leak",
      "source": "paste_site_delta",
      "hostname": "ACME-K8S-ADMIN-01",
      "mac_addresses": "00:1A:2B:3C:4D:5E",
      "bins": null,
      "salt": "Xp9#qR5$"
    },
    {
      "email": "api@payments.acme.com",
      "ip_address": "10.0.30.15",
      "username": "payment_service",
      "password": "ApiGw@Payment2024",
      "hashed_password": "$2a$12$7L2dC8VpqHX8Kl/9J7tGh.zK9x2N5VL8jKy3Z9XgK8Q9L2Q5tNm3c",
      "hash_type": "bcrypt",
      "name": "Payment Processing Service",
      "vin": null,
      "address": "100 Server Room B, Phoenix, AZ 85004",
      "phone": null,
      "database_name": "Production_API_Secrets",
      "source": "private_telegram_channel",
      "hostname": "ACME-PAYMENT-PROD-15",
      "mac_addresses": "00:1D:60:84:12:33",
      "bins": "401288******1234",
      "salt": "mN7#kL9$"
    }
  ]
}

HTTP Request

POST https://fullhunt.io/api/v1/oem/darkweb/search

Request Body

Parameter Required Description Allowed Values
type Yes Type of search to perform Supported query type
query Yes Value to search for Valid value matching the search type
query_tags No Key-value pairs for client-specific tracking (e.g. {"client_id": "123"}) Any valid JSON object

Supported Query Types

Search for attack surface data related to a domain, including subdomains, technologies, and more.

curl -X POST "https://fullhunt.io/api/v1/oem/attack-surface/search" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "domain",
    "query": "acme.com",
    "query_tags": {"client_name": "ACMECorp", "workspace": "production"}
  }'

The above command returns JSON structured like this:

{
  "response": {
    "domain": "acme.com",
    "hosts": [
      {
        "categories": ["Web-Servers"],
        "cdn": "",
        "cert_object": {
          "dns_names": ["*.acme.com", "acme.com"],
          "issuer_common_name": "DigiCert TLS RSA SHA256 2020 CA1",
          "issuer_country": "US",
          "issuer_organization": "DigiCert Inc",
          "not_after": "04-05-2024 23:59:59",
          "not_before": "05-05-2023 00:00:00",
          "signature_algorithm": "SHA256-RSA",
          "subject_common_name": "*.acme.com",
          "subject_country": "US",
          "subject_organization": "Acme Corporation"
        },
        "dns": {
          "a": ["192.0.2.1"],
          "aaaa": null,
          "cname": [],
          "mx": ["mail.acme.com"],
          "ns": ["ns1.acme.com", "ns2.acme.com"],
          "txt": ["v=spf1 include:_spf.acme.com ~all"]
        },
        "domain": "acme.com",
        "host": "www.acme.com",
        "http_status_code": 200,
        "http_title": "Acme Corporation - Home",
        "ip_address": "192.0.2.1",
        "is_live": true,
        "is_resolvable": true,
        "products": ["Nginx", "React"],
        "tags": ["https", "web-servers", "nginx"],
        "technologies": [
          {
            "categories": ["Web servers"],
            "name": "Nginx"
          },
          {
            "categories": ["JavaScript frameworks"],
            "name": "React"
          }
        ]
      }
    ],
    "metadata": {
      "all_results_count": 25,
      "available_results_for_user": 25,
      "timestamp": 1683721587,
      "domain": "acme.com"
    }
  }
}

HTTP Request

POST https://fullhunt.io/api/v1/oem/attack-surface/search

Request Body Parameters

Parameter Type Description
type string Required. Type of search to perform. Currently only supports "domain"
query string Required. The domain to search for
query_tags object Optional. Key-value pairs for tracking and organizing searches

Search for organization information using domain names or organization names.

curl -X POST "https://fullhunt.io/api/v1/oem/organizations/search" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "type": "organization",
    "query": "uber",
    "query_tags": {"client_name": "ACMECorp", "workspace": "production"}
  }'

The above command returns JSON structured like this:

{
  "response": [
    {
      "company_name": "Uber Technologies, Inc.",
      "other_names": ["Uber"],
      "domain": "uber.com",
      "description": "Uber is a technology company that offers ride-hailing services, food delivery, and other transportation services.",
      "market": "Transportation, Mobility, Technology",
      "estimated_employee_count": "29,300",
      "headquarters_location": {
        "city": "San Francisco",
        "state": "California",
        "country": "United States"
      },
      "year_founded": "2009",
      "leadership_key_executives": [
        { "name": "Dara Khosrowshahi", "title": "Chief Executive Officer" },
        { "name": "Nelson Chai", "title": "Chief Financial Officer" }
      ],
      "stock_info": { "stock_symbol": "UBER", "exchange": "NYSE" },
      "social_media_presence": {
        "linkedin": "https://www.linkedin.com/company/uber-com/",
        "twitter": "https://twitter.com/Uber",
        "facebook": "https://www.facebook.com/uber",
        "instagram": "https://www.instagram.com/uber/"
      },
      "notable_breaches_security_incidents": [
        {
          "date": "21-11-2017",
          "description": "Uber revealed a data breach that exposed personal data of 57 million customers and drivers.",
          "impact": "The breach exposed names, email addresses, phone numbers, and driver's license numbers.",
          "source": "https://www.nytimes.com/2017/11/21/technology/uber-hack.html"
        }
      ],
      "public_code_organization": {
        "name": "uber",
        "platform": "GitHub",
        "url": "https://github.com/uber"
      },
      "subsidiaries": [
        {
          "name": "Uber Eats",
          "domain": "ubereats.com",
          "description": "Uber Eats is Uber's food delivery platform that allows customers to order food from local restaurants.",
          "other_domains": []
        },
        {
          "name": "Uber Freight",
          "domain": "uberfreight.com",
          "description": "Uber Freight is Uber's logistics platform that connects carriers with shippers.",
          "other_domains": []
        }
      ],
      "other_domains": ["uber.com", "ubereats.com", "uberfreight.com"]
    }
  ]
}

HTTP Request

POST https://fullhunt.io/api/v1/oem/organizations/search

Request Body Parameters

Parameter Type Description
type string Required. Type of search to perform. Valid values: "domain", "organization"
query string Required. The domain or organization name to search for
query_tags object Optional. Key-value pairs for tracking and organizing searches

Rate Limiting

Rate limiting is applied based on the following factors:

Errors

The FullHunt API uses the following error codes:

Error Code Meaning
400 Bad Request -- Your request is invalid.
401 Unauthorized -- Your API key is wrong.
403 Forbidden -- The requested resource is forbidden.
404 Not Found -- The requested resource could not be found.
429 Too Many Requests -- You are sending too many requests.