NAV
shell

Introduction

Welcome to the FullHunt API documentation. FullHunt holds one of the largest databases for external attack surfaces of the entire Internet. You can use the FullHunt API to access attack surface data.

Authentication

To authenticate:

# With shell, you can just pass the correct header with each request
curl "https://fullhunt.io/api/v1/auth/status" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

Make sure to replace xxxx-xxxx-xxxx-xxxxxx with your API key.

FullHunt uses API keys to allow access to the API. You can sign up for a new FullHunt account to have an API key and will find it on your profile settings.

Some APIs do not require to be authenticated, however, data will be limited for non-authenticated users.

Domain APIs

Get Domain Details

Get domain details, subdomains, associated hosts, DNS records, exposed ports, and more.

Rate limiting: requests are limited to 60 requests per minute.

curl "https://fullhunt.io/api/v1/domain/kaspersky.com/details" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "domain": "kaspersky.com",
  "hosts": [
    {
      "cdn": "",
      "cloud": {
        "provider": "GCP",
        "region": "global"
      },
      "dns": {
        "a": [
          "35.186.208.154"
        ],
        "aaaa": null,
        "cname": [
          "kpcpt.cname.nexway.com."
        ],
        "mx": null,
        "ns": null,
        "ptr": [
          "154.208.186.35.bc.googleusercontent.com."
        ],
        "txt": null
      },
      "domain": "kaspersky.com",
      "has_ipv6": false,
      "has_private_ip": false,
      "host": "loja.center.kaspersky.com",
      "http_status_code": 0,
      "http_title": "",
      "ip_address": "35.186.208.154",
      "ip_metadata": {
        "asn": 15169,
        "city_name": "",
        "country_code": "US",
        "country_name": "United States",
        "isp": "Google Cloud",
        "location_latitude": 37.751,
        "location_longitude": -97.822,
        "organization": "Google Cloud",
        "postal_code": "",
        "region": ""
      },
      "is_cdn": false,
      "is_cloud": true,
      "is_cloudflare": false,
      "is_live": true,
      "is_resolvable": true,
      "network_ports": [
        1935,
        30000,
        3389,
        5672,
        5901,
        5999,
        80,
        83,
        85,
        87
      ],
      "tags": [
        "cname",
        "cloud",
        "gcp",
        "rdp",
        "amqp"
      ],
      "tld": "com"
    }
  ],
  "status": 200,
  "message": "",
  "metadata": {
    "all_results_count": 349,
    "available_results_for_user": 300,
    "domain": "kaspersky.com",
    "last_scanned": 1626577921,
    "max_results_for_user": 300,
    "timestamp": 1634004417,
    "user_plan": "advanced"
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/domain/<domain>/details

URL Parameters

Parameter Description
domain The searched domain.

Get Subdomains of a domain

List all discovered subdomains/hosts for a given domain.

Rate limiting: requests are limited to 60 requests per minute.

curl "https://fullhunt.io/api/v1/domain/kaspersky.com/subdomains" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "domain": "kaspersky.com",
  "hosts": [
    "kaspersky.com",
    "www.kaspersky.com",
    "xxx.kaspersky.com"
  ],
  "status": 200,
  "message": "",
  "metadata": {
    "all_results_count": 349,
    "available_results_for_user": 300,
    "domain": "kaspersky.com",
    "last_scanned": 1626577921,
    "max_results_for_user": 300,
    "timestamp": 1634004387,
    "user_plan": "advanced"
  }
}

HTTP Request

GET https://fullhunt.io/api/v1/domain/<domain>/subdomains

URL Parameters

Parameter Description
domain The searched domain.

Get details of a specific host

This endpoint retrieves details for a given host.

curl "https://fullhunt.io/api/v1/host/loja.center.kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "cdn": "",
  "cloud": {
    "provider": "GCP",
    "region": "global"
  },
  "dns": {
    "a": [
      "35.186.208.154"
    ],
    "aaaa": null,
    "cname": [
      "kpcpt.cname.nexway.com."
    ],
    "mx": null,
    "ns": null,
    "ptr": [
      "154.208.186.35.bc.googleusercontent.com."
    ],
    "txt": null
  },
  "domain": "kaspersky.com",
  "has_ipv6": false,
  "has_private_ip": false,
  "host": "loja.center.kaspersky.com",
  "http_status_code": 0,
  "http_title": "",
  "ip_address": "35.186.208.154",
  "ip_metadata": {
    "asn": 15169,
    "city_name": "",
    "country_code": "US",
    "country_name": "United States",
    "isp": "Google Cloud",
    "location_latitude": 37.751,
    "location_longitude": -97.822,
    "organization": "Google Cloud",
    "postal_code": "",
    "region": ""
  },
  "is_cdn": false,
  "is_cloud": true,
  "is_cloudflare": false,
  "is_live": true,
  "is_resolvable": true,
  "network_ports": [
    1935,
    30000,
    3389,
    5672,
    5901,
    5999,
    80,
    83,
    85,
    87
  ],
  "tags": [
    "cname",
    "cloud",
    "gcp",
    "rdp",
    "amqp"
  ],
  "tld": "com"
}

HTTP Request

GET https://fullhunt.io/api/v1/host/<host>

URL Parameters

Parameter Description
host The searched host.

Global Search APIs

Global Search APIs allows security professionals to run advanced search across the FullHunt Database with a wide range of filters.

For example, you can search for all Cisco products within a nation, a high-signal CVE on a country, or all exposed MongoDB assets for a specific organization.

Rate limiting: requests are limited to 60 requests per minute.

Note: This API is available for enterprise customers only.

curl "https://fullhunt.io/api/v1/global/search" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx" \
  -d '{"country": "GB", "product": "Citrix-NetScaler"}'

The above command returns JSON structured like this:

{
    "query": {
        "country_code": "GB",
        "products": "Citrix-NetScaler"
    },
    "results": [
        {
            "asn": 22093,
            "categories": [],
            "cdn": "",
            "cert_object": {
                        "dnsnames": [
                            "remoteaccess.ccf.org",
                            "4cornershome.ccf.org",
                            "4cornershometest.ccf.org",
                            "mpc.clevelandclinic.org",
                            "mympc.clevelandclinic.org",
                            "vendor.ccf.org",
                            "vendortest.ccf.org",
                            "vpn.ccf.org",
                            "vpnlb.ccf.org",
                            "vpnlb1.ccf.org",
                            "vpnlb2.ccf.org",
                            "vpnlb3.ccf.org",
                            "vpnlb4.ccf.org",
                            "vpnlb5.ccf.org",
                            "vpnlb6.ccf.org",
                            "wiproxy.ccf.org",
                            "www.remoteaccess.ccf.org"
                        ],
                        "emailaddresses": null,
                        "ipaddresses": [],
                        "issuer_commonname": "Sectigo RSA Organization Validation Secure Server CA",
                        "issuer_country": "GB",
                        "issuer_organization": "Sectigo Limited",
                        "issuer_serialnumber": "",
                        "issuer_string": "CN=Sectigo RSA Organization Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB",
                        "isvalidhostname": true,
                        "md5_fingerprint": "DA:56:13:19:3B:A6:81:B8:A0:14:07:43:C5:6E:1B:E8",
                        "notafter": "24-01-2024 23:59:59",
                        "notbefore": "24-01-2023 00:00:00",
                        "remoteipaddress": "192.35.79.154:443",
                        "sha1_fingerprint": "FD:E5:31:25:4E:5E:A9:77:DA:EE:3B:95:A8:09:D5:EE:0B:A3:71:82",
                        "sha256_fingerprint": "25:0F:11:C7:49:C4:D2:86:2E:9A:ED:20:6E:B5:35:9F:AD:B3:31:F5:F1:FC:10:38:BD:68:5C:3C:8D:08:24:4C",
                        "signaturealgorithm": "SHA256-RSA",
                        "subject_commonname": "remoteaccess.ccf.org",
                        "subject_country": "US",
                        "subject_locality": "",
                        "subject_organization": "Cleveland Clinic Foundation",
                        "subject_province": "Ohio"
                    },
            "city_name": "Lakewood",
            "cloud_provider": "",
            "cloud_region": "",
            "country_code": "US",
            "country_name": "United States",
            "date_added": "2022-03-13 09:58:42 +0000 UTC",
            "dns_a": [
                "192.35.79.154"
            ],
            "dns_aaaa": null,
            "dns_cname": [],
            "dns_mx": null,
            "dns_ns": [],
            "dns_ptr": [
                "4cornershometest.ccf.org."
            ],
            "dns_records_count": 2,
            "dns_txt": null,
            "domain": "ccf.org",
            "has_ipv6": false,
            "has_private_ip": false,
            "host": "4cornershometest.ccf.org",
            "http_favicon": "",
            "http_favicon_blob": "",
            "http_title": "",
            "ip_address": "192.35.79.154",
            "ip_decimal": 3223539610,
            "is_cdn": false,
            "is_cloud": false,
            "is_cloudflare": false,
            "is_live": true,
            "is_resolvable": true,
            "isp": "Cleveland Clinic Foundation",
            "last_seen": "2023-03-21 13:45:22.624381632 +0000 UTC",
            "location_latitude": 41.4866,
            "location_longitude": -81.8037,
            "network_ports": [
                443,
                80
            ],
            "network_services": [
                {
                    "banner": "302 Object Moved\r\nCache-Control: no-cache, no-store, must-revalidate\r\nContent-Length: 551\r\nContent-Type: text/html\r\nLocation: /vpn/index.html\r\nPragma: no-cache\r\nSet-Cookie: NSC_AAAC=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_EPAC=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_USER=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_TEMP=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_PERS=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_BASEURL=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: CsrfToken=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: CtxsAuthId=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: ASP.NET_SessionId=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT;Secure\r\nSet-Cookie: NSC_TMAA=xyz;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT\r\nSet-Cookie: NS",
                    "certobject": {
                        "dnsnames": [
                            "remoteaccess.ccf.org",
                            "4cornershome.ccf.org",
                            "4cornershometest.ccf.org",
                            "mpc.clevelandclinic.org",
                            "mympc.clevelandclinic.org",
                            "vendor.ccf.org",
                            "vendortest.ccf.org",
                            "vpn.ccf.org",
                            "vpnlb.ccf.org",
                            "vpnlb1.ccf.org",
                            "vpnlb2.ccf.org",
                            "vpnlb3.ccf.org",
                            "vpnlb4.ccf.org",
                            "vpnlb5.ccf.org",
                            "vpnlb6.ccf.org",
                            "wiproxy.ccf.org",
                            "www.remoteaccess.ccf.org"
                        ],
                        "emailaddresses": null,
                        "ipaddresses": [],
                        "issuer_commonname": "Sectigo RSA Organization Validation Secure Server CA",
                        "issuer_country": "GB",
                        "issuer_organization": "Sectigo Limited",
                        "issuer_serialnumber": "",
                        "issuer_string": "CN=Sectigo RSA Organization Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB",
                        "isvalidhostname": true,
                        "md5_fingerprint": "DA:56:13:19:3B:A6:81:B8:A0:14:07:43:C5:6E:1B:E8",
                        "notafter": "24-01-2024 23:59:59",
                        "notbefore": "24-01-2023 00:00:00",
                        "remoteipaddress": "192.35.79.154:443",
                        "sha1_fingerprint": "FD:E5:31:25:4E:5E:A9:77:DA:EE:3B:95:A8:09:D5:EE:0B:A3:71:82",
                        "sha256_fingerprint": "25:0F:11:C7:49:C4:D2:86:2E:9A:ED:20:6E:B5:35:9F:AD:B3:31:F5:F1:FC:10:38:BD:68:5C:3C:8D:08:24:4C",
                        "signaturealgorithm": "SHA256-RSA",
                        "subject_commonname": "remoteaccess.ccf.org",
                        "subject_country": "US",
                        "subject_locality": "",
                        "subject_organization": "Cleveland Clinic Foundation",
                        "subject_province": "Ohio"
                    },
                    "httpfavicon": "",
                    "httpfaviconblob": "",
                    "httpstatuscode": 302,
                    "httptitle": "",
                    "port": 443,
                    "product": [
                        "Microsoft-IIS",
                        "Citrix-NetScaler"
                    ],
                    "service": [
                        "https"
                    ],
                    "type": "tcp",
                    "web": [
                        "Microsoft ASP.NET",
                        "IIS\\;confidence:50"
                    ]
                },
                {
                    "banner": "302 Object Moved\r\nCache-Control: private\r\nContent-Type: text/html\r\nLocation: https://4cornershometest.ccf.org/\r\n",
                    "certobject": {
                        "dnsnames": null,
                        "emailaddresses": null,
                        "ipaddresses": null,
                        "issuer_commonname": "",
                        "issuer_country": "",
                        "issuer_organization": "",
                        "issuer_serialnumber": "",
                        "issuer_string": "",
                        "isvalidhostname": false,
                        "md5_fingerprint": "",
                        "notafter": "",
                        "notbefore": "",
                        "remoteipaddress": "",
                        "sha1_fingerprint": "",
                        "sha256_fingerprint": "",
                        "signaturealgorithm": "",
                        "subject_commonname": "",
                        "subject_country": "",
                        "subject_locality": "",
                        "subject_organization": "",
                        "subject_province": ""
                    },
                    "httpfavicon": "",
                    "httpfaviconblob": "",
                    "httpstatuscode": 302,
                    "httptitle": "",
                    "port": 80,
                    "product": null,
                    "service": [
                        "http"
                    ],
                    "type": "tcp",
                    "web": null
                }
            ],
            "organization": "Cleveland Clinic Foundation",
            "ports_count": 2,
            "postal_code": "44107",
            "products": [
                "Microsoft-IIS",
                "Citrix-NetScaler"
            ],
            "region": "Ohio",
            "tags": [
                "https",
                "microsoft-iis",
                "citrix-netscaler",
                "http"
            ],
            "tld": "org",
            "type": "ip",
            "urls": ["http://192.35.79.154/vpn/index.html", "https://192.35.79.154/logon/LogonPoint/tmindex.html"],
            "vulnerabilities": ["cve-2024-1234"]
        }
    ],
    "total_pages": 1000000,
    "total_query_results": 10000000
}

HTTP Request

POST https://fullhunt.io/api/v1/global/search

Request Filters

Fullhunt Global Search comes with a powerful search filters. See ther full documentation here https://fullhunt.io/docs/global-search/filters

Data Intelligence APIs

FullHunt Data Intelligence APIs offer vital data for data intelligence and security tools.

FullHunt Data Intelligence APIs are used to query the FullHunt database, the largest asset inventory database on the Internet, for various use-cases.

Rate limiting: requests are limited to 60 requests per minute.

Note: The results are limited to 100 results per query for community accounts. Enterprise accounts gain full access to Data Intelligence API.

curl "https://fullhunt.io/api/v1/intel/host?host=loja.center.kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
      "host": "loja.center.kaspersky.com"
    },
    "results": [
        {
            "asn": 15169,
            "dns_ptr": [
                "154.208.186.35.bc.googleusercontent.com."
            ],
            "domain": "kaspersky.com",
            "host": "loja.center.kaspersky.com",
            "ip_address": "35.186.208.154",
            "organization": "GOOGLE"
        }
    ],
    "total_pages": 1,
    "total_query_results": 1
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/

Get Host Details

Get details about a given host.

curl "https://fullhunt.io/api/v1/intel/host?host=loja.center.kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
      "host": "loja.center.kaspersky.com"
    },
    "results": [
        {
            "asn": 15169,
            "dns_ptr": [
                "154.208.186.35.bc.googleusercontent.com."
            ],
            "domain": "kaspersky.com",
            "host": "loja.center.kaspersky.com",
            "ip_address": "35.186.208.154",
            "organization": "GOOGLE"
        }
    ],
    "total_pages": 1,
    "total_query_results": 1
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/host

URL Parameters

Parameter Description
host The searched host.

Get Hosts With a Specific Tag

Get hosts that match a given tag.

curl "https://fullhunt.io/api/v1/intel/tag?tag=ssh" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
        "tag": "ssh"
    },
    "results": [
        {
            "asn": 3737,
            "dns_ptr": null,
            "domain": "",
            "host": "24.229.106.49",
            "ip_address": "24.229.106.49",
            "organization": "PenTeleData"
        }
    ],
    "total_pages": 10000,
    "total_query_results": 10000
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/tag

URL Parameters

Parameter Description
tag The searched tag.

Get Hosts Running a Web Tech

Get hosts that are running a specific web technology.

curl "https://fullhunt.io/api/v1/intel/web-tech?tech=HTTP/3" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
        "tech": "HTTP/3"
    },
    "results": [
        {
            "asn": 0,
            "dns_ptr": null,
            "domain": "fullhunt.blue",
            "host": "fullhunt.blue",
            "ip_address": "2a06:98c1:3120::3",
            "organization": ""
        }
    ],
    "total_pages": 10000,
    "total_query_results": 10000
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/web-tech

URL Parameters

Parameter Description
tech The searched web technology.

Get hosts Running a specific Product

Get hosts that are running a specific product.

curl "https://fullhunt.io/api/v1/intel/product?product=Citrix-NetScaler" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
        "product": "Citrix-NetScaler"
    },
    "results": [
        {
            "asn": 7741,
            "dns_ptr": [
                "199-198-251-31.cibc.com."
            ],
            "domain": "cibc.com",
            "host": "199-198-251-31.cibc.com",
            "ip_address": "199.198.251.31",
            "organization": "CIBC World Markets"
        }
    ],
    "total_pages": 4551,
    "total_query_results": 4551
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/product

URL Parameters

Parameter Description
product The searched product.

Get Subdomains of a Domain

Get all subdomains associated with the given domain.

curl "https://fullhunt.io/api/v1/intel/domain?domain=kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
      "domain": "kaspersky.com"
    },
    "results": [
        {
            "asn": 0,
            "dns_ptr": null,
            "domain": "kaspersky.com",
            "host": "08.kaspersky.com",
            "ip_address": "",
            "organization": ""
        }
    ],
    "total_pages": 10000,
    "total_query_results": 10000
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/domain-subdomains

URL Parameters

Parameter Description
domain The searched domain.

Get Hosts Pointing to a Given IP address

Get hosts pointing to a given IP address.

curl "https://fullhunt.io/api/v1/intel/ip-to-hosts?ip=8.8.8.8" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
      "ip": "8.8.8.8"
    },
    "results": [
        {
            "asn": 15169,
            "dns_ptr": [
                "dns.google."
            ],
            "domain": "dns.google",
            "host": "dns.google",
            "ip_address": "8.8.8.8",
            "organization": "Google"
        }
    ],
    "total_pages": 202,
    "total_query_results": 202
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/ip-to-hosts

URL Parameters

Parameter Description
ip The searched IP Address.

Get Hosts within a given ASN

Get hosts within a given ASN.

curl "https://fullhunt.io/api/v1/intel/asn-to-hosts?asn=200107" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
      "asn": 200107
    },
    "results": [
        {
            "asn": 200107,
            "dns_ptr": null,
            "domain": "kaspersky-labs.com",
            "host": "42.ucp-ntfy.kaspersky-labs.com",
            "ip_address": "82.202.185.202",
            "organization": "Kaspersky Lab Switzerland GmbH"
        }
    ],
    "total_pages": 1206,
    "total_query_results": 1206
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/asn-to-hosts

URL Parameters

Parameter Description
asn The searched ASN.

Get Virtual Hosts Pointing to ASN

Get virtual hosts pointing to the same ASN.

curl "https://fullhunt.io/api/v1/intel/asn-to-virtual-hosts?asn=200107" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
      "asn": 200107
    },
    "results": [
        {
            "asn": 200107,
            "dns_ptr": null,
            "domain": "kaspersky-labs.com",
            "host": "42.ucp-ntfy.kaspersky-labs.com",
            "ip_address": "82.202.185.202",
            "organization": "Kaspersky Lab Switzerland GmbH"
        }
    ],
    "total_pages": 1206,
    "total_query_results": 1206
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/asn-to-virtual-hosts

URL Parameters

Parameter Description
asn The searched ASN.

Get Hosts Pointing to a Given IP address

Get hosts pointing to a given IP address.

curl "https://fullhunt.io/api/v1/intel/ip-range-to-hosts?ip_start=1.1.1.1&ip_end=1.1.1.1.255" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
      "ip_start": "1.1.1.1",
      "ip_end": "1.1.1.255"
    },
    "results": [
        {
            "asn": 0,
            "dns_ptr": [
                "one.one.one.one."
            ],
            "domain": "cwu.edu.cn",
            "host": "1.cwu.edu.cn",
            "ip_address": "1.1.1.1",
            "organization": "CLOUDFLARENET"
        }
    ],
    "total_pages": 10000,
    "total_query_results": 10000
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/ip-range-to-hosts

URL Parameters

Parameter Description
ip_start The range start ip.
ip_end The range end ip.

Get Host With Same DNS MX

Get hosts that points to the same DNS MX

curl "https://fullhunt.io/api/v1/intel/dns-mx-to-hosts?dns_mx=mx14.kaspersky-labs.com." \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
      "dns_mx": "mx14.kaspersky-labs.com."
    },
    "results": [
        {
            "asn": 200350,
            "dns_ptr": null,
            "domain": "kaspersky.com",
            "host": "brand.kaspersky.com",
            "ip_address": "51.250.27.190",
            "organization": "Yandex.Cloud LLC"
        }
    ],
    "total_pages": 15,
    "total_query_results": 15
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/dns-mx-to-hosts

URL Parameters

Parameter Description
dns_mx The searched dns_mx.

Get Hosts Pointing to Same DNS NS

Get hosts pointing to the same DNS NS.

curl "https://fullhunt.io/api/v1/intel/dns-ns-to-hosts?dns_ns=ns1.kasperskylabs.net" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
    "query": {
      "dns_ns": "ns1.kasperskylabs.net."
    },
    "results": [
        {
            "asn": 8075,
            "dns_ptr": null,
            "domain": "kaspersky.com",
            "host": "cloud.kaspersky.com",
            "ip_address": "40.85.136.63",
            "organization": "MICROSOFT-CORP-MSN-AS-BLOCK"
        }
    ],
    "total_pages": 26,
    "total_query_results": 26
}

HTTP Request

GET https://fullhunt.io/api/v1/intel/dns-ns-to-hosts

URL Parameters

Parameter Description
dns_ns The searched dns_ns.

Nexus APIs

FullHunt Nexus APIs are research data provided by FullHunt Intelligence.

This API is part of the Data Intelligence API Credits.

Rate limiting: requests are limited to 60 requests per minute.

Note: The results are limited to 100 results per query for community accounts. Enterprise accounts gain full access to Data Intelligence API.

curl "https://fullhunt.io/api/v1/nexus/tor/check-ip?ip=100.8.8.137" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 1,
  "data": {
    "first_seen": "26-09-2023",
    "ip_address": "100.8.8.137"
  },
  "error": "",
  "status": 200
}

Tor IP Lookup

This API queries the FullHunt database to check if a specific IP was identified as a Tor exit node at a given time. FullHunt actively monitors and indexes Tor IPs.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/tor/check-ip

URL Parameters

Parameter Description
ip The IP address.
curl "https://fullhunt.io/api/v1/nexus/tor/check-ip?ip=100.8.8.137" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 1,
  "data": {
    "first_seen": "26-09-2023",
    "ip_address": "100.8.8.137"
  },
  "error": "",
  "status": 200
}

An API to query the database for DNS-related cloud certificate information. This is part of FullHunt's Internet scans.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/cloud-certs/dns-search

URL Parameters

Parameter Description
query A query to discover cloud assets with specific DNS names.
curl "https://fullhunt.io/api/v1/nexus/cloud-certs/dns-search?query=kaspersky" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 4,
  "data": [
    {
      "dns": [
        "kaspersky-test.mygiftcard.it",
        "carrefour-test.mygiftcard.it",
      ],
      "host": "34.107.159.9",
      "port": "443"
    },
    {
      "dns": [
        "kaspersky.com",
        "www.kaspersky.com"
      ],
      "host": "15.220.184.189",
      "port": "443"
    },
    {
      "dns": [
        "kaspersky.com",
        "www.kaspersky.com"
      ],
      "host": "3.122.200.240",
      "port": "443"
    },
    {
      "dns": [
        "kasperskylabs.jp"
      ],
      "host": "35.76.8.33",
      "port": "443"
    }
  ],
  "error": "",
  "status": 200
}

Passive DNS Data - Domain Lookup

Retrieves historical passive DNS data for a specified domain from FullHunt's internal passive DNS database.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/passive-dns/lookup

URL Parameters

Parameter Description
domain Search hosts associated with a domain name on the FullHunt passive DNS database.
curl "https://fullhunt.io/api/v1/nexus/passive-dns/lookup?domain=kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 7686,
  "data": [
    "activate.activation-v2.kaspersky.com",
    "activation-v2.geo.kaspersky.com",
    "activation-v2.kaspersky.com",
    "aes.geo.kaspersky.com",
    "americas.activation-v2.kaspersky.com",
    "americas.activate.activation-v2.kaspersky.com",
    "americas.refresh-bkg.activation-v2.kaspersky.com",
    "ksn-pixel.geoksn.kaspersky.com"
    # ... rest of items ...
  ],
  "error": "",
  "status": 200
}

Domains Collection - Company lookup by domain name.

Searches the domain collection database for information related to a specific domain.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/domain-collection/lookup

URL Parameters

Parameter Description
domain The domain name.
curl "https://fullhunt.io//api/v1/nexus/domain-collection/lookup?domain=kaspersky.com" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 1,
  "data": {
    "company_name": "Kaspersky",
    "copyright": "",
    "crunchbase_urls": [],
    "description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
    "domain": "kaspersky.com",
    "facebook_urls": [
      "https://www.facebook.com/Kaspersky"
    ],
    "favicon_url": "https://kaspersky.com/favicon.ico",
    "github_urls": [],
    "images_list": [],
    "instagram_urls": [
      "https://instagram.com/kasperskylab"
    ],
    "linkedin_urls": [
      "https://linkedin.com/company/kaspersky/"
    ],
    "meta_logo_url": "",
    "other_urls": [
      "https://www.kaspersky.co.kr/",
      "https://kaspersky.com/enterprise-security",
      "https://kaspersky.com#main",
      "https://www.kaspersky.cz/",
      "https://kaspersky.com/anti-corruption-policy",
      # ... rest of URLs ...
    ],
    "pinterest_urls": [],
    "reddit_urls": [],
    "snapchat_urls": [],
    "title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
    "tumblr_urls": [],
    "twitter_urls": [
      "https://twitter.com/kaspersky"
    ],
    "youtube_urls": [
      "https://youtube.com/Kaspersky"
    ]
  },
  "error": "",
  "status": 200
}

Domains Collection - Company lookup by name.

Searches the domain collection database for information related to a specific company.

HTTP Request

GET https://fullhunt.io/api/v1/nexus/domain-collection/company-lookup

URL Parameters

Parameter Description
query The search query.
curl "https://fullhunt.io/api/v1/nexus/domain-collection/company-lookup?query=kaspersky" \
  -H "X-API-KEY: xxxx-xxxx-xxxx-xxxxxx"

The above command returns JSON structured like this:

{
  "count": 6,
  "data": [
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "Najczęściej nagradzana. Najczęściej testowana. Ochrona antywirusowa i Internet Security dla domu i biznesu od Kaspersky",
      "domain": "kaspersky.com.pl",
      "facebook_urls": [
        "https://facebook.com/KasperskyPolska"
      ],
      "favicon_url": "https://kaspersky.com.pl/favicon.ico",
      "github_urls": [],
      "images_list": [
        "https://www.kaspersky.com.pl/images/image_logo.jpg"
      ],
      "instagram_urls": [
        "https://instagram.com/KasperskyPolska"
      ],
      "linkedin_urls": [
        "https://www.linkedin.com/company/kaspersky-polska"
      ],
      "meta_logo_url": "",
      "other_urls": [
        "https://kaspersky.com.pl/safe-kids",
        "https://kaspersky.com.pl/ochrona-dla-sredniego-biznesu",
        # ... rest of URLs ...
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Kaspersky - oficjalna strona - najlepszy antywirus, internet security | sklep",
      "tumblr_urls": [],
      "twitter_urls": [
        "https://twitter.com/KasperskyPolska"
      ],
      "youtube_urls": [
        "https://www.youtube.com/embed/KurkIrV9hVo?autoplay=1",
        "https://www.youtube.com/KasperskyLabPL"
      ]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "Leader mondial des solutions et services de cybersécurité, Kaspersky offre une protection premium contre les cybermenaces pour votre domicile ou votre entreprise.",
      "domain": "kaspersky.fr",
      "facebook_urls": [
        "https://www.facebook.com/kasperskylabfrance"
      ],
      "favicon_url": "https://kaspersky.fr/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": [
        "https://instagram.com/kasperskylabfrance"
      ],
      "linkedin_urls": [
        "https://linkedin.com/company/kaspersky-lab-france"
      ],
      "meta_logo_url": "",
      "other_urls": [
        "https://www.kaspersky.co.kr/",
        "https://kaspersky.fr/enterprise-security/endpoint",
          # ... rest of URLs ...
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Solutions de cybersécurité pour particuliers et entreprises | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": [
        "https://twitter.com/kasperskyfrance"
      ],
      "youtube_urls": [
        "https://youtube.com/KasperskyFrance"
      ]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
      "domain": "kaspersky.co.uk",
      "facebook_urls": [
        "https://www.facebook.com/Kaspersky"
      ],
      "favicon_url": "https://kaspersky.co.uk/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": [
        "https://instagram.com/kasperskylab"
      ],
      "linkedin_urls": [
        "https://linkedin.com/company/kaspersky/"
      ],
      "meta_logo_url": "",
      "other_urls": [
        "https://kaspersky.co.uk/about/press-releases",
        "https://www.kaspersky.ca/?ignoreredirects=true",
         # ... rest of URLs ...
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Kaspersky Cyber Security Solutions for Home and Business  | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": [
        "https://twitter.com/kaspersky"
      ],
      "youtube_urls": [
        "https://youtube.com/Kaspersky"
      ]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
      "domain": "kaspersky.com",
      "facebook_urls": [
        "https://www.facebook.com/Kaspersky"
      ],
      "favicon_url": "https://kaspersky.com/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": [
        "https://instagram.com/kasperskylab"
      ],
      "linkedin_urls": [
        "https://linkedin.com/company/kaspersky/"
      ],
      "meta_logo_url": "",
      "other_urls": [
        "https://www.kaspersky.co.kr/",
        "https://kaspersky.com/enterprise-security",
        # ... rest of URLs ...
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": [
        "https://twitter.com/kaspersky"
      ],
      "youtube_urls": [
        "https://youtube.com/Kaspersky"
      ]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "A Global Leader in Next Generation Cybersecurity Solutions and Services, Kaspersky Offers Premium Protection Against All Cyber Threats for Your Home and Business.",
      "domain": "kaspersky.co.in",
      "facebook_urls": [
        "https://www.facebook.com/Kaspersky"
      ],
      "favicon_url": "https://kaspersky.co.in/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": [
        "https://instagram.com/kasperskylab"
      ],
      "linkedin_urls": [
        "https://linkedin.com/company/kaspersky/"
      ],
      "meta_logo_url": "",
      "other_urls": [
        "https://www.kaspersky.co.kr/",
        "https://kaspersky.co.in/partners",
        # ... rest of URLs ...
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Kaspersky Cyber Security Solutions for Home and Business | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": [
        "https://twitter.com/kaspersky"
      ],
      "youtube_urls": [
        "https://youtube.com/Kaspersky"
      ]
    },
    {
      "company_name": "Kaspersky",
      "copyright": "",
      "crunchbase_urls": [],
      "description": "Come leader globale di soluzioni e servizi di cybersicurezza di ultima generazione, Kaspersky offre una protezione di livello premium da tutte le minacce informatiche per ambienti domestici e aziendali.",
      "domain": "kaspersky.it",
      "facebook_urls": [
        "https://www.facebook.com/kasperskylabitalia"
      ],
      "favicon_url": "https://kaspersky.it/favicon.ico",
      "github_urls": [],
      "images_list": [],
      "instagram_urls": [
        "https://instagram.com/kasperskylabitalia"
      ],
      "linkedin_urls": [],
      "meta_logo_url": "",
      "other_urls": [
        "https://www.kaspersky.co.kr/",
        "https://www.kaspersky.cz/",
        # ... rest of URLs ...
      ],
      "pinterest_urls": [],
      "reddit_urls": [],
      "snapchat_urls": [],
      "title": "Soluzioni di cybersicurezza Kaspersky per le aziende e gli utenti privati  | Kaspersky",
      "tumblr_urls": [],
      "twitter_urls": [
        "https://twitter.com/KasperskyLabIT"
      ],
      "youtube_urls": [
        "https://youtube.com/Kaspersky"
      ]
    }
  ],
  "error": "",
  "status": 200
}

Rate Limiting

Rate limiting applies based on different factors:

Errors

The FullHunt API uses the following error codes:

Error Code Meaning
400 Bad Request -- Your request is invalid.
401 Unauthorized -- Your API key is wrong.
403 Forbidden -- The requested resource is forbidden.
404 Not Found -- The requested resource could not be found.
429 Too Many Requests -- You are sending too many requests.