NAV
shell

Introduction

Welcome to the FullHunt API documentation. FullHunt holds one of the largest Databases for external attack surfaces of the entire Internet. You can use the FullHunt API to access attack surface data.

Authentication

To authenticate:

# With shell, you can just pass the correct header with each request
curl "https://fullhunt.io/api/v1/auth/status" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

Make sure to replace xxxx-xxxx-xxxx-xxxxxx with your API key.

FullHunt uses API keys to allow access to the API. You can sign up for a new FullHunt account to have an API key and will find it on your profile settings.

Some APIs do not require to be authenticated, however, data will be limited for non-authenticated users.

Domain APIs

Get Domain Details

Get domain details, subdomains, associated hosts, DNS records, exposed ports, and more.

Rate limiting: requests are limited to 60 requests per minute.

curl "https://fullhunt.io/api/v1/domain/kaspersky.com/details" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "domain": "kaspersky.com",
  "hosts": [
    {
      "cdn": "",
      "cloud": {
        "provider": "GCP",
        "region": "global"
      },
      "dns": {
        "a": [
          "35.186.208.154"
        ],
        "aaaa": null,
        "cname": [
          "kpcpt.cname.nexway.com."
        ],
        "mx": null,
        "ns": null,
        "ptr": [
          "154.208.186.35.bc.googleusercontent.com."
        ],
        "txt": null
      },
      "domain": "kaspersky.com",
      "has_ipv6": false,
      "has_private_ip": false,
      "host": "loja.center.kaspersky.com",
      "http_status_code": 0,
      "http_title": "",
      "ip_address": "35.186.208.154",
      "ip_metadata": {
        "asn": 15169,
        "city_name": "",
        "country_code": "US",
        "country_name": "United States",
        "isp": "Google Cloud",
        "location_latitude": 37.751,
        "location_longitude": -97.822,
        "organization": "Google Cloud",
        "postal_code": "",
        "region": ""
      },
      "is_cdn": false,
      "is_cloud": true,
      "is_cloudflare": false,
      "is_live": true,
      "is_resolvable": true,
      "network_ports": [
        1935,
        30000,
        3389,
        5672,
        5901,
        5999,
        80,
        83,
        85,
        87
      ],
      "tags": [
        "cname",
        "cloud",
        "gcp",
        "rdp",
        "amqp"
      ],
      "tld": "com"
    }
  ],
  "status": 200,
  "message": "",
  "metadata": {
    "all_results_count": 349,
    "available_results_for_user": 300,
    "domain": "kaspersky.com",
    "last_scanned": 1626577921,
    "max_results_for_user": 300,
    "timestamp": 1634004417,
    "user_plan": "advanced"
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/domain/<domain>/details

URL Parameters

Parameter Description
domain The searched domain.

Get Subdomains of a domain

List all discovered subdomains for a given domain.

Rate limiting: requests are limited to 60 requests per minute.

curl "https://fullhunt.io/api/v1/domain/kaspersky.com/subdomains" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "domain": "kaspersky.com",
  "subdomains": [
    "kaspersky.com",
    "www.kaspersky.com",
    "xxx.kaspersky.com"
  ],
  "status": 200,
  "message": "",
  "metadata": {
    "all_results_count": 349, 
    "available_results_for_user": 300, 
    "domain": "kaspersky.com", 
    "last_scanned": 1626577921, 
    "max_results_for_user": 300, 
    "timestamp": 1634004387, 
    "user_plan": "advanced"
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/domain/<domain>/subdomains

URL Parameters

Parameter Description
domain The searched domain.

Get details of a specific host

This endpoint retrieves details for a given host.

curl "https://fullhunt.io/api/v1/host/loja.center.kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "cdn": "",
  "cloud": {
    "provider": "GCP",
    "region": "global"
  },
  "dns": {
    "a": [
      "35.186.208.154"
    ],
    "aaaa": null,
    "cname": [
      "kpcpt.cname.nexway.com."
    ],
    "mx": null,
    "ns": null,
    "ptr": [
      "154.208.186.35.bc.googleusercontent.com."
    ],
    "txt": null
  },
  "domain": "kaspersky.com",
  "has_ipv6": false,
  "has_private_ip": false,
  "host": "loja.center.kaspersky.com",
  "http_status_code": 0,
  "http_title": "",
  "ip_address": "35.186.208.154",
  "ip_metadata": {
    "asn": 15169,
    "city_name": "",
    "country_code": "US",
    "country_name": "United States",
    "isp": "Google Cloud",
    "location_latitude": 37.751,
    "location_longitude": -97.822,
    "organization": "Google Cloud",
    "postal_code": "",
    "region": ""
  },
  "is_cdn": false,
  "is_cloud": true,
  "is_cloudflare": false,
  "is_live": true,
  "is_resolvable": true,
  "network_ports": [
    1935,
    30000,
    3389,
    5672,
    5901,
    5999,
    80,
    83,
    85,
    87
  ],
  "tags": [
    "cname",
    "cloud",
    "gcp",
    "rdp",
    "amqp"
  ],
  "tld": "com"
}

HTTP Request

GET https://fullhunt.io/api/v1/host/<host>

URL Parameters

Parameter Description
host The searched host.

Rate Limiting

Rate limiting applies based on different factors:

Errors

The FullHunt API uses the following error codes:

Error Code Meaning
400 Bad Request -- Your request is invalid.
401 Unauthorized -- Your API key is wrong.
403 Forbidden -- The requested resource is forbidden.
404 Not Found -- The requested resource could not be found.
429 Too Many Requests -- You are sending too many requests.